login.xximo.com
Open in
urlscan Pro
104.18.3.252
Public Scan
Effective URL: https://login.xximo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fscope%3Dssw%2520openid%26state%3D2e0...
Submission: On February 21 via manual from BE — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 16th 2021. Valid for: a year.
This is the only time login.xximo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 3 | 83.96.148.150 83.96.148.150 | 21155 (ASN-PROSE...) (ASN-PROSERVE Amsterdam) | |
1 11 | 104.18.3.252 104.18.3.252 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST) | |
12 | 2 |
ASN21155 (ASN-PROSERVE Amsterdam, NL)
PTR: ip-space.by.proserve.nl
my.xximo.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
xximo.com
4 redirects
my.xximo.com login.xximo.com |
319 KB |
2 |
aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 631 |
9 KB |
12 | 2 |
Domain | Requested by | |
---|---|---|
11 | login.xximo.com |
1 redirects
login.xximo.com
|
3 | my.xximo.com | 3 redirects |
2 | ajax.aspnetcdn.com |
login.xximo.com
|
12 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.xximo.nl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-11-16 - 2022-11-15 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2021-08-06 - 2022-08-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.xximo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fscope%3Dssw%2520openid%26state%3D2e06c4baedb9b13cb6a5805155cf7eb1%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fmy.xximo.com%252Fleaseplan-be%252Ffr%252Fconnect%252Fcheck%26client_id%3Dxximo.ssw
Frame ID: 4D0A739EA6F8CFADA0D3F45CB1A964DD
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Leaseplan LoginPage URL History Show full URLs
-
https://my.xximo.com/leaseplan-be/fr
HTTP 301
https://my.xximo.com/leaseplan-be/fr/ HTTP 307
https://my.xximo.com/leaseplan-be/fr/connect/ HTTP 302
https://login.xximo.com/connect/authorize?scope=ssw%20openid&state=2e06c4baedb9b13cb6a5805155cf7eb1&... HTTP 302
https://login.xximo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fscope%3Dssw%2520... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: FAQ
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://my.xximo.com/leaseplan-be/fr
HTTP 301
https://my.xximo.com/leaseplan-be/fr/ HTTP 307
https://my.xximo.com/leaseplan-be/fr/connect/ HTTP 302
https://login.xximo.com/connect/authorize?scope=ssw%20openid&state=2e06c4baedb9b13cb6a5805155cf7eb1&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fmy.xximo.com%2Fleaseplan-be%2Ffr%2Fconnect%2Fcheck&client_id=xximo.ssw HTTP 302
https://login.xximo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fscope%3Dssw%2520openid%26state%3D2e06c4baedb9b13cb6a5805155cf7eb1%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fmy.xximo.com%252Fleaseplan-be%252Ffr%252Fconnect%252Fcheck%26client_id%3Dxximo.ssw Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Login
login.xximo.com/Account/ Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.css
login.xximo.com/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
leaseplan.css
login.xximo.com/css/vendors/ |
177 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.min.js
login.xximo.com/js/ |
234 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
leaseplan.png
login.xximo.com/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
login.xximo.com/js/ |
82 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.js
login.xximo.com/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.unobtrusive.min.js
ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Regular.woff2
login.xximo.com/webfonts/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Bold.woff2
login.xximo.com/webfonts/ |
45 KB 45 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-SemiBold.woff2
login.xximo.com/webfonts/ |
45 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| $ function| jQuery object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| getPassword function| validatePasswords function| updateCheckMark function| checkIfEightChar function| checkIfOneLowercase function| checkIfOneUppercase function| checkIfOneDigit function| checkIfOneSpecialChar function| togglePassword3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my.xximo.com/ | Name: PHPSESSID Value: u2235dsik9vsjv3nv7knrjuiq0 |
|
login.xximo.com/ | Name: vendor Value: xximo |
|
login.xximo.com/ | Name: .AspNetCore.Antiforgery.fpUXb9nf698 Value: CfDJ8La7Vg4LTLdGrJVEjVDDBDdajiss7oiorYtBb0maQX8aXUXWmp3UPiZOyxIalpJ67Krq-k3VOx5PdylCpe2s-fCoK7jBevu3p5Ec7q1VN0gipgpp_v35Qrz2fvAiftcjQ6Ww-4VvXaTnf-0TeNr-x9A |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; object-src 'none'; frame-ancestors 'self' *.xximo.com http://localhost:55446/frame-source 'self'; sandbox allow-forms allow-same-origin allow-scripts; script-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'unsafe-inline' 'self' data: https:; base-uri 'self'; |
Strict-Transport-Security | max-age=2592000 |
X-Content-Security-Policy | default-src 'self'; object-src 'none'; frame-ancestors 'self' *.xximo.com http://localhost:55446/frame-source 'self'; sandbox allow-forms allow-same-origin allow-scripts; script-src * 'self' data: https:; font-src * 'self' data: https:; style-src * 'unsafe-inline' 'self' data: https:; base-uri 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN SAMEORIGIN, http://localhost:55446/ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.aspnetcdn.com
login.xximo.com
my.xximo.com
104.18.3.252
152.199.19.160
83.96.148.150
13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
6fbaf3ed8b4496f1c273e4ae82fe3f1c1e2fb091419f28529c36f245a37621ba
7a32484e166e1337fbb0cf4f4262bb385ed9081f1ac20f9efe39e8e50490367a
8c31b5df5f3535024fed9f9ab9f8b1a30f079d930b7ddbd5ad8a1784fb6ab415
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
bab30e37228014462c86309f3c9343028b3ce776aa77d0805d3e98679d8f1710
bcba7a1b90ed6b3e105b968b72fc7a4b6974a9204cfa8d29d131af804634be94
ca4b9c2abd890492987e54d402a8167200209e3144c3fb6b9acda7117bd28003
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d