invest.xandr.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 185.89.208.4, located in Frankfurt am Main, Germany and belongs to ASN-APPNEX, US. The main domain is invest.xandr.com. The Cisco Umbrella rank of the primary domain is 549946.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 2nd 2022. Valid for: a year.

This is the only time invest.xandr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	185.89.208.4 185.89.208.4	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.83.4.249 104.83.4.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
5	3

3 185.89.208.4 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: lbip4967820.ams3.adnexus.net

invest.xandr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.83.4.249 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-249.deploy.static.akamaitechnologies.com

anxconsole-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 550	54 KB
3	xandr.com 2 redirects invest.xandr.com — Cisco Umbrella Rank: 549946	6 KB
1	akamaihd.net anxconsole-a.akamaihd.net — Cisco Umbrella Rank: 627552	7 KB
5	3

	Domain	Requested by
3	acdn.adnxs.com	anxconsole-a.akamaihd.net
3	invest.xandr.com	2 redirects
1	anxconsole-a.akamaihd.net	invest.xandr.com
5	3

This site contains no links.

Subject Issuer	Validity	Valid
invest.xandr.com GeoTrust TLS RSA CA G1	`2022-06-02` - `2023-04-30`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
Frame ID: 17093933E97F1C23D345F658E473A519
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

https://invest.xandr.com/creative-ui/1578263/bulk/home HTTP 302
http://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home HTTP 302
https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

66 kB
Transfer

108 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://invest.xandr.com/creative-ui/1578263/bulk/home HTTP 302
http://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home HTTP 302
https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
invest.xandr.com/
Redirect Chain

https://invest.xandr.com/creative-ui/1578263/bulk/home
http://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home

15 KB
5 KB

30ms
30ms

Document
text/html

185.89.208.4
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.89.208.4 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

lbip4967820.ams3.adnexus.net

Software

nginx/1.21.3 / Express

Resource Hash

19f7ff8d90b8ab16882dff0c343e6191c6c59bb0ec09ad99a37a68bf3a37ca0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Jan 2023 10:26:57 GMT
Server: nginx/1.21.3
Transfer-Encoding: chunked
an-served-by: invest-proxy-production-7546958cd7-t2nrt
etag: W/"3b3b-khiLZF6uYqSd72IQBDLablN34KM"
strict-transport-security: max-age=15552000
x-b3-parentspanid: df3c2e1c162c8c76
x-b3-sampled: 1
x-b3-spanid: 1b8d82faa257c15b
x-b3-traceid: 47bef6338498d380
x-envoy-upstream-service-time: 9
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 145
Content-Type: text/html
Date: Wed, 25 Jan 2023 10:26:57 GMT
Location: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
Server: nginx/1.21.3

GET
H2 200 bundle.css
anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.91/ 31 KB
7 KB 237ms
75ms Stylesheet
text/css 104.83.4.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.91/bundle.css
Requested by: Host: invest.xandr.com
URL: https://invest.xandr.com/login?redir=/creative-ui/1578263/bulk/home
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.83.4.249 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-249.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 / Express
Resource Hash: 8da4308a94a3751a054fc3da54f3d218f49a5c8b82a1218ccb911b5c3641d552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invest.xandr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 10:26:57 GMT
content-encoding: gzip
x-b3-traceid: ba4dbddf2ddd2102
x-powered-by: Express
an-served-by: console-proxy-production-6c48c44585-scg6z
x-envoy-upstream-service-time: 114
x-b3-parentspanid: 63a9f03d42a1a82a
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6532
server: nginx/1.21.3
etag: W/"7bbf-VgusEc5dSxvoob71M/OrbH3plFo"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=37074
x-b3-spanid: cb2b7d86613f7661
access-control-allow-credentials: false
x-b3-sampled: 1
access-control-allow-headers: *
expires: Wed, 25 Jan 2023 20:44:51 GMT

GET
H/1.1 200
OK bg-pattern.226a6795ab64d5cdd0bdd4a853719227.svg
acdn.adnxs.com/cxp/1y/ 11 KB
2 KB 40ms
6ms Image
image/svg+xml 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acdn.adnxs.com/cxp/1y/bg-pattern.226a6795ab64d5cdd0bdd4a853719227.svg
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.91/bundle.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c969368d0b5c50cda577edc7a6488b4743bbbb77864f14d3020c3f724dde246a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anxconsole-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: Sat, 23 Dec 2023 07:36:44 GMT
Date: Wed, 25 Jan 2023 10:26:57 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2861413
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 1582
X-Served-By: cache-lga21964-LGA, cache-hhn-etou8220062-HHN
Last-Modified: Tue, 07 May 2019 16:36:47 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1674642417.497430,VS0,VE0
ETag: W/"5cd1b41f-2d18"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 22585, 8

GET
H/1.1 200
OK GalanoGrotesque-Regular.woff2
acdn.adnxs.com/cxp/1y/ 27 KB
28 KB 40ms
7ms Font
application/octet-stream 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/cxp/1y/GalanoGrotesque-Regular.woff2
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.91/bundle.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80bbcd8b6b948bacdfef2c3d67333f7a67fad9350e24ce20597adf8d127ab140

Request headers

Referer: https://anxconsole-a.akamaihd.net/
Origin: https://invest.xandr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Cache-Hits: 16605, 24
Date: Wed, 25 Jan 2023 10:26:57 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 3032335
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27976
X-Served-By: cache-lga21970-LGA, cache-hhn-etou8220049-HHN
Last-Modified: Fri, 28 Jan 2022 17:29:14 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1674642417.497719,VS0,VE0
ETag: "61f427ea-6d48"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Thu, 21 Dec 2023 08:08:02 GMT

GET
H/1.1 200
OK GalanoGrotesque-Medium.woff2
acdn.adnxs.com/cxp/1y/ 24 KB
24 KB 48ms
8ms Font
application/octet-stream 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/cxp/1y/GalanoGrotesque-Medium.woff2
Requested by: Host: anxconsole-a.akamaihd.net
URL: https://anxconsole-a.akamaihd.net/authentication/v2/auth/styles/invest.xandr.com/2.0.91/bundle.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f03ca25843ca56ea5e6e18fc7fca7d3b1a8fe088c7972e4a284c9887669524f

Request headers

Referer: https://anxconsole-a.akamaihd.net/
Origin: https://invest.xandr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Cache-Hits: 16524, 6
Date: Wed, 25 Jan 2023 10:26:57 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 7531460
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 24332
X-Served-By: cache-lga21963-LGA, cache-hhn-etou8220080-HHN
Last-Modified: Fri, 28 Jan 2022 17:29:14 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1674642418.506629,VS0,VE0
ETag: "61f427ea-5f0c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Mon, 30 Oct 2023 06:22:38 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			invest.xandr.com/	1969-12-31 23:59:59	Name: _csrf Value: 4SxdoNIo4QCFqe9Qwlcpoy9A

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
anxconsole-a.akamaihd.net
invest.xandr.com
104.83.4.249
151.101.193.108
185.89.208.4
19f7ff8d90b8ab16882dff0c343e6191c6c59bb0ec09ad99a37a68bf3a37ca0d
2f03ca25843ca56ea5e6e18fc7fca7d3b1a8fe088c7972e4a284c9887669524f
80bbcd8b6b948bacdfef2c3d67333f7a67fad9350e24ce20597adf8d127ab140
8da4308a94a3751a054fc3da54f3d218f49a5c8b82a1218ccb911b5c3641d552
c969368d0b5c50cda577edc7a6488b4743bbbb77864f14d3020c3f724dde246a

invest.xandr.com Open in urlscan Pro 185.89.208.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

66 kBTransfer

108 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

invest.xandr.com Open in urlscan Pro
185.89.208.4 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

66 kB
Transfer

108 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions