invest.xandr.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 37.252.161.245, located in Amsterdam, Netherlands and belongs to ASN-APPNEX, US. The main domain is invest.xandr.com. The Cisco Umbrella rank of the primary domain is 568623.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on March 30th 2022. Valid for: a year.

This is the only time invest.xandr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	37.252.161.245 37.252.161.245	29990 (ASN-APPNEX) (ASN-APPNEX)
1	92.123.225.24 92.123.225.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:f449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
6	4

3 37.252.161.245 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: access-control-api.ams1.adnexus.net

invest.xandr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.225.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-24.deploy.static.akamaitechnologies.com

anxconsole-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 596	54 KB
3	xandr.com 2 redirects invest.xandr.com — Cisco Umbrella Rank: 568623	5 KB
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 5529	354 B
1	akamaihd.net anxconsole-a.akamaihd.net — Cisco Umbrella Rank: 658771	6 KB
6	4

	Domain	Requested by
3	acdn.adnxs.com	anxconsole-a.akamaihd.net
3	invest.xandr.com	2 redirects
1	hello.myfonts.net	anxconsole-a.akamaihd.net
1	anxconsole-a.akamaihd.net	invest.xandr.com
6	4

This site contains no links.

Subject Issuer	Validity	Valid
invest.xandr.com GeoTrust TLS RSA CA G1	`2022-03-30` - `2023-04-30`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
Frame ID: 6672F0210AB2B4C0697E0D10BCBFC701
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

https://invest.xandr.com/creative-ui/1578263/bulk/home HTTP 302
http://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home HTTP 302
https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Page Statistics

6
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

66 kB
Transfer

102 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://invest.xandr.com/creative-ui/1578263/bulk/home HTTP 302
http://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home HTTP 302
https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
invest.xandr.com/
Redirect Chain

https://invest.xandr.com/creative-ui/1578263/bulk/home
http://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home

14 KB
5 KB

23ms
23ms

Document
text/html

37.252.161.245
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.245 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: access-control-api.ams1.adnexus.net
Software: nginx/1.21.3 / Express
Resource Hash: 4b29e989d0808a9034e57a592f25ec9d43974a706e2026713272bbc4d04e741b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 24 May 2022 10:16:43 GMT
Server: nginx/1.21.3
Transfer-Encoding: chunked
an-served-by: invest-proxy-production-5f9689d85d-8cwhp
etag: W/"361c-UikH48ZWpd7R014D9WC8kV+PKZ0"
x-b3-parentspanid: b6dbd3bc4641fc07
x-b3-sampled: 1
x-b3-spanid: 7d48ede67bba25c7
x-b3-traceid: 311801eceb10edbc
x-envoy-upstream-service-time: 5
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 145
Content-Type: text/html
Date: Tue, 24 May 2022 10:16:43 GMT
Location: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
Server: nginx/1.21.3

GET
H2 200 bundle.css
anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.74/ 26 KB
6 KB 71ms
8ms Stylesheet
text/css 92.123.225.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.74/bundle.css

Requested by

Host: invest.xandr.com
URL: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

92.123.225.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a92-123-225-24.deploy.static.akamaitechnologies.com

Software

nginx / Express

Resource Hash

4fa064e85f84b0a0382510cd6dce71eeb199f2a105070f8bae786090edc43abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invest.xandr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 27e8d32c5d33b1b8
x-powered-by: Express
an-served-by: console-proxy-production-56bb9b86d6-66pg9
x-envoy-upstream-service-time: 113
x-b3-parentspanid: e4fefd0ae652744e
content-length: 6080
x-xss-protection: 1
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"696c-HUwBi2mAj1pfISXt26Eti3GVwqk"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1398
x-b3-spanid: 7fd130bba2b33113
x-b3-sampled: 1
access-control-allow-credentials: false
access-control-allow-headers: *
date: Tue, 24 May 2022 10:16:43 GMT
expires: Tue, 24 May 2022 10:40:01 GMT

GET
H2 200 394bdb
hello.myfonts.net/count/ 0
354 B 66ms
32ms Stylesheet
text/css 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/394bdb
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.74/bundle.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anxconsole-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 10:16:43 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 71054706992f9271-FRA
content-length: 0
expires: Wed, 24 May 2023 10:16:43 GMT

GET
H/1.1 200
OK bg-pattern.226a6795ab64d5cdd0bdd4a853719227.svg
acdn.adnxs.com/cxp/1y/ 11 KB
2 KB 56ms
18ms Image
image/svg+xml 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acdn.adnxs.com/cxp/1y/bg-pattern.226a6795ab64d5cdd0bdd4a853719227.svg
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.74/bundle.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c969368d0b5c50cda577edc7a6488b4743bbbb77864f14d3020c3f724dde246a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anxconsole-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 10:16:43 GMT
Content-Encoding: gzip
Age: 1830173
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 1582
X-Served-By: cache-lga13622-LGA, cache-cdg20735-CDG
Access-Control-Allow-Origin: *
Last-Modified: Tue, 07 May 2019 16:36:47 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1653387403.368377,VS0,VE0
ETag: W/"5cd1b41f-2d18"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 05 Apr 2023 07:29:02 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 2

GET
H/1.1 200
OK GalanoGrotesque-Regular.woff2
acdn.adnxs.com/cxp/1y/ 27 KB
28 KB 27ms
7ms Font
application/octet-stream 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/cxp/1y/GalanoGrotesque-Regular.woff2
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.74/bundle.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80bbcd8b6b948bacdfef2c3d67333f7a67fad9350e24ce20597adf8d127ab140

Request headers

Referer: https://anxconsole-a.akamaihd.net/
Origin: https://invest.xandr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 10:16:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2431959
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 27976
X-Served-By: cache-lga13626-LGA, cache-hhn4044-HHN
Last-Modified: Fri, 28 Jan 2022 17:29:14 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1653387403.346254,VS0,VE1
ETag: "61f427ea-6d48"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 26 Apr 2023 06:44:03 GMT

GET
H/1.1 200
OK GalanoGrotesque-Medium.woff2
acdn.adnxs.com/cxp/1y/ 24 KB
24 KB 22ms
7ms Font
application/octet-stream 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/cxp/1y/GalanoGrotesque-Medium.woff2
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.74/bundle.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f03ca25843ca56ea5e6e18fc7fca7d3b1a8fe088c7972e4a284c9887669524f

Request headers

Referer: https://anxconsole-a.akamaihd.net/
Origin: https://invest.xandr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 10:16:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 620456
X-Cache: HIT, HIT
X-Cache-Hits: 8, 1
Connection: keep-alive
Content-Length: 24332
X-Served-By: cache-lga21982-LGA, cache-hhn4062-HHN
Last-Modified: Fri, 28 Jan 2022 17:29:14 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1653387403.346561,VS0,VE0
ETag: "61f427ea-5f0c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 17 May 2023 05:55:47 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			invest.xandr.com/	1969-12-31 23:59:59	Name: _csrf Value: D8b_jRBKyJvbKUjKqvNJQMso
			.myfonts.net/	1970-01-20 03:16:29	Name: __cf_bm Value: REjguizek66jxTDbdKKtJ5RIaWeO1bnLwu5c08jhq4M-1653387403-0-Afkh3/pgn7CILs/rlA7bZNQl9wM9L/Y7W+/XUkzFuEw6GWByT7RYsOFoZI5dqwDFtcu7korIX0DMstTI+W5ZR5U=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
anxconsole-a.akamaihd.net
hello.myfonts.net
invest.xandr.com
151.101.193.108
2606:4700::6811:f449
37.252.161.245
92.123.225.24
2f03ca25843ca56ea5e6e18fc7fca7d3b1a8fe088c7972e4a284c9887669524f
4b29e989d0808a9034e57a592f25ec9d43974a706e2026713272bbc4d04e741b
4fa064e85f84b0a0382510cd6dce71eeb199f2a105070f8bae786090edc43abb
80bbcd8b6b948bacdfef2c3d67333f7a67fad9350e24ce20597adf8d127ab140
c969368d0b5c50cda577edc7a6488b4743bbbb77864f14d3020c3f724dde246a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

invest.xandr.com Open in urlscan Pro 37.252.161.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

66 kBTransfer

102 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

Indicators

invest.xandr.com Open in urlscan Pro
37.252.161.245 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

66 kB
Transfer

102 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions