urlscan.io logo urlscan.io
SecurityTrails logo

6d61b581-9b8e8435.cssjava.cfd Open in urlscan Pro
13.79.86.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbk...
Effective URL: https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fwsfed%2Fpassive%3Flogi...
Submission: On March 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 13.79.86.9, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 6d61b581-9b8e8435.cssjava.cfd.
TLS certificate: Issued by R3 on March 22nd 2023. Valid for: 3 months.
This is the only time 6d61b581-9b8e8435.cssjava.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 6 13.79.86.9 8075 (MICROSOFT...)
15 4
1    2a02:26f0:6c00:190::23ed (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.naukrigulf.com
5    2606:4700::6812:672 (United States)

ASN13335 (CLOUDFLARENET, US)
86kg61.codesandbox.io
codesandbox.io
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
6    13.79.86.9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lmo.cssjava.cfd
6d61b581-9b8e8435.cssjava.cfd
Apex Domain
Subdomains		 Transfer
6 cssjava.cfd
lmo.cssjava.cfd
6d61b581-9b8e8435.cssjava.cfd
4a74b446-9b8e8435.cssjava.cfd Failed
292 KB
5 codesandbox.io
86kg61.codesandbox.io
codesandbox.io — Cisco Umbrella Rank: 77584
50 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
6 KB
1 naukrigulf.com
www.naukrigulf.com — Cisco Umbrella Rank: 757312
1 KB
15 4
Domain Requested by
4 lmo.cssjava.cfd 1 redirects 86kg61.codesandbox.io
lmo.cssjava.cfd
4 codesandbox.io 86kg61.codesandbox.io
codesandbox.io
2 6d61b581-9b8e8435.cssjava.cfd 1 redirects lmo.cssjava.cfd
6d61b581-9b8e8435.cssjava.cfd
1 static.cloudflareinsights.com 86kg61.codesandbox.io
1 86kg61.codesandbox.io
1 www.naukrigulf.com 1 redirects
0 4a74b446-9b8e8435.cssjava.cfd Failed 6d61b581-9b8e8435.cssjava.cfd
15 7

This site contains no links.

Subject Issuer Validity Valid
codesandbox.io
Cloudflare Inc ECC CA-3		 2023-03-19 -
2024-03-18		 a year crt.sh
*.nodebox.codesandbox.io
E1		 2023-03-08 -
2023-06-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
cssjava.cfd
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbmcgreevy%2540essexpropertytrust.com%26client-request-id%3D0fffe207-62a2-47c5-ac4a-44b1d50e0f81%26username%3Dbmcgreevy%2540essexpropertytrust.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATYH_3nX5R01H2Nl8vGq3z8jasYlQkboX-BkfEFI-MkJoWk3OT0otTUskqH1OLi1IqCovyC1KKSypKi0uISkMpbTIL-RemeKeHFbqkpqUWJJZn5eY-YCWq7wCLwioXHgNmKg4NLgEGCQYHhBwvjIlage7c9sJld98nfaafutsg-TXaGU6z6eVXlxcYFETlR3hXuhiluBWmlid4p2RlFvt4VjhllUa4ukZXuzuahhcl5FrbGVoYT2IQmsDGdYmP4wMbYwc4wi53hACfjAV6GH3wHf0y6tO3Xqbcer_h1DHJTikLyXP0rLdzTgzydy01Ty8Lck7JyU01KyoONUk3MK_3cQ3J8LDyCfW0B0
Frame ID: 3C49FAA1B409B3155E10BFDBC233DE7C
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2... HTTP 303
    https://86kg61.codesandbox.io/ Page URL
  2. https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20= Page URL
  3. https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20= Page URL
  4. https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=&sso_reload=true HTTP 302
    https://6d61b581-9b8e8435.cssjava.cfd/app/office365/exkmfomn8iC0YRwdU0x7/sso/wsfed/passive?login_hint=bmcgreevy%40... HTTP 302
    https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fws... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

15
Requests

67 %
HTTPS

75 %
IPv6

4
Domains

7
Subdomains

4
IPs

3
Countries

346 kB
Transfer

1074 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2F86kg61.codesandbox.io%2F%23Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20= HTTP 303
    https://86kg61.codesandbox.io/ Page URL
  2. https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20= Page URL
  3. https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20= Page URL
  4. https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=&sso_reload=true HTTP 302
    https://6d61b581-9b8e8435.cssjava.cfd/app/office365/exkmfomn8iC0YRwdU0x7/sso/wsfed/passive?login_hint=bmcgreevy%40essexpropertytrust.com&client-request-id=0fffe207-62a2-47c5-ac4a-44b1d50e0f81&username=bmcgreevy%40essexpropertytrust.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATYH_3nX5R01H2Nl8vGq3z8jasYlQkboX-BkfEFI-MkJoWk3OT0otTUskqH1OLi1IqCovyC1KKSypKi0uISkMpbTIL-RemeKeHFbqkpqUWJJZn5eY-YCWq7wCLwioXHgNmKg4NLgEGCQYHhBwvjIlage7c9sJld98nfaafutsg-TXaGU6z6eVXlxcYFETlR3hXuhiluBWmlid4p2RlFvt4VjhllUa4ukZXuzuahhcl5FrbGVoYT2IQmsDGdYmP4wMbYwc4wi53hACfjAV6GH3wHf0y6tO3Xqbcer_h1DHJTikLyXP0rLdzTgzydy01Ty8Lck7JyU01KyoONUk3MK_3cQ3J8LDyCfW0B0 HTTP 302
    https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbmcgreevy%2540essexpropertytrust.com%26client-request-id%3D0fffe207-62a2-47c5-ac4a-44b1d50e0f81%26username%3Dbmcgreevy%2540essexpropertytrust.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATYH_3nX5R01H2Nl8vGq3z8jasYlQkboX-BkfEFI-MkJoWk3OT0otTUskqH1OLi1IqCovyC1KKSypKi0uISkMpbTIL-RemeKeHFbqkpqUWJJZn5eY-YCWq7wCLwioXHgNmKg4NLgEGCQYHhBwvjIlage7c9sJld98nfaafutsg-TXaGU6z6eVXlxcYFETlR3hXuhiluBWmlid4p2RlFvt4VjhllUa4ukZXuzuahhcl5FrbGVoYT2IQmsDGdYmP4wMbYwc4wi53hACfjAV6GH3wHf0y6tO3Xqbcer_h1DHJTikLyXP0rLdzTgzydy01Ty8Lck7JyU01KyoONUk3MK_3cQ3J8LDyCfW0B0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F%2F86kg61.codesandbox.io%2F%23Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20= HTTP 303
  • https://86kg61.codesandbox.io/

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
86kg61.codesandbox.io/
Redirect Chain
  • https://www.naukrigulf.com/nglogin/user/mailerLogin?conmailer=9cca59ac38d3efecbce4a1e6e38af2f2%7C~%7CZ2VyYXJkYm9pc21hcnRpbkBiaWdwb25kLmNvbQ%3D%3D%7C%2A%2A%2A%2A%7C1%7C~~%7C20230129&rUrl=https%3A%2F...
  • https://86kg61.codesandbox.io/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86kg61.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b981269707efb6a4b43b006b0ffe473000b3d2ceae87b113fa5e4db441081b87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7ac90580a818038e-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Mar 2023 19:18:39 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-request-id
F08igBIMzbXMeUILw1ul

Redirect headers

content-length
0
content-type
application/json
date
Thu, 23 Mar 2023 19:18:39 GMT
location
https://86kg61.codesandbox.io/#Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
server
nginx
strict-transport-security
: max-age=31536000
timestamp
1679599119
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-trace
2B494DDC280CC4073EF4EDDB87087D18C838B4A29E000000000000000000
sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
codesandbox.io/public/sse-hooks/ 		172 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/public/sse-hooks/sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
Requested by
Host: 86kg61.codesandbox.io
URL: https://86kg61.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d32a15d4694a9a6cd245c8ce10acbb9ef6fe293331ca508a5ecc6ab78acc158

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86kg61.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:18:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
19202922
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 13 Aug 2022 13:00:47 GMT
server
cloudflare
etag
W/"62f7a07f-2aeb3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ac9058118bf038e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner.0b5d84a2b.js
codesandbox.io/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/banner.0b5d84a2b.js
Requested by
Host: 86kg61.codesandbox.io
URL: https://86kg61.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86kg61.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:18:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
1482490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Mar 2023 08:37:20 GMT
server
cloudflare
etag
W/"6405a640-f37"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ac9058118bc038e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
watermark-button.f4f9aed52.js
codesandbox.io/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/watermark-button.f4f9aed52.js
Requested by
Host: 86kg61.codesandbox.io
URL: https://86kg61.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://86kg61.codesandbox.io/
Origin
https://86kg61.codesandbox.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:18:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
8191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 16:09:03 GMT
server
cloudflare
etag
W/"641c799f-ae5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7ac905815ae6902a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vb26e4fa9e5134444860be286fd8771851679335129114
static.cloudflareinsights.com/beacon.min.js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by
Host: 86kg61.codesandbox.io
URL: https://86kg61.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://86kg61.codesandbox.io/
Origin
https://86kg61.codesandbox.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:18:39 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 17:58:49 GMT
server
cloudflare
etag
W/2023.3.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7ac90581cc885c74-FRA
phishing
codesandbox.io/api/v1/sandboxes/86kg61/ 		33 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/api/v1/sandboxes/86kg61/phishing
Requested by
Host: codesandbox.io
URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86kg61.codesandbox.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:18:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin
content-type
application/vnd.github.v3+json; charset=utf-8
access-control-allow-origin
https://86kg61.codesandbox.io
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ac905818b27902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33
x-request-id
F08igBpqRwQuV5MLw1wl
/
lmo.cssjava.cfd/ 		350 KB
118 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Requested by
Host: 86kg61.codesandbox.io
URL: https://86kg61.codesandbox.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.79.86.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bb8255423a5a7d1d2f638de6383f4565bfd325aa4b37c153daaeadaf27a46152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://86kg61.codesandbox.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 19:18:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
lmo.cssjava.cfd/ 		198 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Requested by
Host: lmo.cssjava.cfd
URL: https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.79.86.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
949dc5e31e358d480cb1d7db08f899e98f8e527c55574376c8b84be8c67b7307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 19:18:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
/
lmo.cssjava.cfd/ 		508 KB
172 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Requested by
Host: lmo.cssjava.cfd
URL: https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.79.86.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
8b5f1c5950a46f57ececf421c6e9ae36a7cfe3efc05b0b88b997e1df01de88b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 19:18:41 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2ed0f9af-9b8e8435.cssjava.cfd/api/report?catId=GW+estsfd+dub1"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.14939.4 - WEULR1 ProdSlices
x-ms-request-id
144a8646-bb40-4ea8-8985-6ea6e1b80800
Primary Request login.htm
6d61b581-9b8e8435.cssjava.cfd/login/
Redirect Chain
  • https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=&sso_reload=true
  • https://6d61b581-9b8e8435.cssjava.cfd/app/office365/exkmfomn8iC0YRwdU0x7/sso/wsfed/passive?login_hint=bmcgreevy%40essexpropertytrust.com&client-request-id=0fffe207-62a2-47c5-ac4a-44b1d50e0f81&usern...
  • https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbmcgreevy%2540essexpropertytrust.com%26client-request-...
18 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbmcgreevy%2540essexpropertytrust.com%26client-request-id%3D0fffe207-62a2-47c5-ac4a-44b1d50e0f81%26username%3Dbmcgreevy%2540essexpropertytrust.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATYH_3nX5R01H2Nl8vGq3z8jasYlQkboX-BkfEFI-MkJoWk3OT0otTUskqH1OLi1IqCovyC1KKSypKi0uISkMpbTIL-RemeKeHFbqkpqUWJJZn5eY-YCWq7wCLwioXHgNmKg4NLgEGCQYHhBwvjIlage7c9sJld98nfaafutsg-TXaGU6z6eVXlxcYFETlR3hXuhiluBWmlid4p2RlFvt4VjhllUa4ukZXuzuahhcl5FrbGVoYT2IQmsDGdYmP4wMbYwc4wi53hACfjAV6GH3wHf0y6tO3Xqbcer_h1DHJTikLyXP0rLdzTgzydy01Ty8Lck7JyU01KyoONUk3MK_3cQ3J8LDyCfW0B0
Requested by
Host: lmo.cssjava.cfd
URL: https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.79.86.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lmo.cssjava.cfd/?eqp=dXNlcm5hbWU9Ym1jZ3JlZXZ5QGVzc2V4cHJvcGVydHl0cnVzdC5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-language
de
content-type
text/html;charset=utf-8
date
Thu, 23 Mar 2023 19:18:45 GMT
p3p
CP="HONK"
pragma
no-cache
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://766d76c3-9b8e8435.cssjava.cfd/r/default/hpkp/reportOnly"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-okta-request-id
ZBymFTc1BVfy3vUKyXWsdgAAD0w
x-rate-limit-limit
1200
x-rate-limit-remaining
1191
x-rate-limit-reset
1679599143
x-robots-tag
noindex,nofollow
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-headers
*
access-control-allow-origin
*
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 19:18:44 GMT
location
https://6d61b581-9b8e8435.cssjava.cfd/login/login.htm?fromURI=%2Fapp%2Foffice365%2Fexkmfomn8iC0YRwdU0x7%2Fsso%2Fwsfed%2Fpassive%3Flogin_hint%3Dbmcgreevy%2540essexpropertytrust.com%26client-request-id%3D0fffe207-62a2-47c5-ac4a-44b1d50e0f81%26username%3Dbmcgreevy%2540essexpropertytrust.com%26wa%3Dwsignin1.0%26wtrealm%3Durn%253Afederation%253AMicrosoftOnline%26wctx%3Destsredirect%253D2%2526estsrequest%253DrQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATYH_3nX5R01H2Nl8vGq3z8jasYlQkboX-BkfEFI-MkJoWk3OT0otTUskqH1OLi1IqCovyC1KKSypKi0uISkMpbTIL-RemeKeHFbqkpqUWJJZn5eY-YCWq7wCLwioXHgNmKg4NLgEGCQYHhBwvjIlage7c9sJld98nfaafutsg-TXaGU6z6eVXlxcYFETlR3hXuhiluBWmlid4p2RlFvt4VjhllUa4ukZXuzuahhcl5FrbGVoYT2IQmsDGdYmP4wMbYwc4wi53hACfjAV6GH3wHf0y6tO3Xqbcer_h1DHJTikLyXP0rLdzTgzydy01Ty8Lck7JyU01KyoONUk3MK_3cQ3J8LDyCfW0B0
p3p
CP="HONK"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://766d76c3-9b8e8435.cssjava.cfd/r/default/hpkp/reportOnly"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-okta-request-id
ZBymFJYj7lIU7pWE5T0qOAAADCc
okta-sign-in.min.js
4a74b446-9b8e8435.cssjava.cfd/assets/js/sdk/okta-signin-widget/7.4.0/js/ 		0
0
okta-sign-in.min.css
4a74b446-9b8e8435.cssjava.cfd/assets/js/sdk/okta-signin-widget/7.4.0/css/ 		0
0
loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
4a74b446-9b8e8435.cssjava.cfd/assets/loginpage/css/ 		0
0
style-sheet
6d61b581-9b8e8435.cssjava.cfd/api/internal/brand/theme/ 		0
0
gfsqvpsp46lcbxQL70x7
4a74b446-9b8e8435.cssjava.cfd/fs/bcg/4/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
4a74b446-9b8e8435.cssjava.cfd
URL
https://4a74b446-9b8e8435.cssjava.cfd/assets/js/sdk/okta-signin-widget/7.4.0/js/okta-sign-in.min.js
Domain
4a74b446-9b8e8435.cssjava.cfd
URL
https://4a74b446-9b8e8435.cssjava.cfd/assets/js/sdk/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Domain
4a74b446-9b8e8435.cssjava.cfd
URL
https://4a74b446-9b8e8435.cssjava.cfd/assets/loginpage/css/loginpage-theme.c1227d73b70be13e51aae80fe238b0ae.css
Domain
6d61b581-9b8e8435.cssjava.cfd
URL
https://6d61b581-9b8e8435.cssjava.cfd/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=abc4780733b2999dc5536ea4bf18a7237d32beafe91e2f7611b8af3ecb8ae0d0dfb208992a3b1ecefd0c0f9333f4b59d
Domain
4a74b446-9b8e8435.cssjava.cfd
URL
https://4a74b446-9b8e8435.cssjava.cfd/fs/bcg/4/gfsqvpsp46lcbxQL70x7

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

21 Cookies

Domain/Path Name / Value
.naukrigulf.com/nglogin/user Name: _t_ds
Value: 209a3771679599119-45209a377-0209a377
www.naukrigulf.com/nglogin/user Name: aka_location
Value: Country=DE
.naukrigulf.com/ Name: _ngenv1[lang]
Value: en
.naukrigulf.com/ Name: puppeteer
Value: FALSE
.naukrigulf.com/ Name: resmanexp
Value:
.naukrigulf.com/ Name: mboost
Value: true
.naukrigulf.com/ Name: mboost50
Value: true
www.naukrigulf.com/ Name: profileCom
Value: y
www.naukrigulf.com/ Name: chatbotonorganicresman
Value: n
www.naukrigulf.com/ Name: chatbotonmarketingresman
Value: y
www.naukrigulf.com/ Name: chatbotonmarketingresmanAr
Value: y
www.naukrigulf.com/ Name: chatbotonorganicresmanAr
Value: n
.naukrigulf.com/ Name: countryc
Value: DE
.naukrigulf.com/ Name: countryn
Value: Germany
.naukrigulf.com/ Name: city
Value:
.naukrigulf.com/ Name: state
Value:
.naukrigulf.com/ Name: ak_bmsc
Value: 24E355EF1C23DF11224A4E3CD18EA873~000000000000000000000000000000~YAAQF7sQAvPywA2HAQAAAKzoDxMPGHsexQO948xMcWJCG+lXvLzcskl0D0TBQtivjxUpDENYZgGQjId4pZsyXnijkZDnmO5ojIe9q/Nc4KmzKM56pcLAHS8B7Bdc88hhG7sE5HlCARuV8JuK2RpMUrDvIPS6dW6wJlU4w5mz0SaiM5WyXEegaKSqLy0Exb3sbbVJg5I6wgjtr9JFun+Web9ep7v0kUJQj8nzndIUTcidb1Ueqp7pwZv+eThYz4jMePORpIAkcbLTonnDAzlnI/oskmcvqCc0dHb7oSo/2qVJte3/08uXEGzrLRrYeDp+2zV3dO1zetsx3+Hd8i6oQoRr+HmD/60FmV4L6LeqkB6S4g7imiz6uK9DmStZvllJt4m3O6Yp2Q1/KKKK5SjVaG0Ug7o9Rgo/
.codesandbox.io/ Name: _cfuvid
Value: fhTw4ZZQ5K1uvs7WT9HDgkuuKIAKT79pUSHLd1Q6EBk-1679599119499-0-604800000
.cssjava.cfd/ Name: nzrgji
Value: OWI4ZTg0MzUtM2JjMi00Njk2LTk4YjEtMDc0OTlhYzNiODJmOmY3ZDU5MGY4LWEzZmItNDlhOC1hODdiLTNkZTFkODk1MjA2MQ==
.lmo.cssjava.cfd/ Name: AADSSO
Value: NA|NoExtension
lmo.cssjava.cfd/ Name: SSOCOOKIEPULLED
Value: 1