Receiving Helpdesk

what is an xmas scan used for

by Miss Katelynn Crooks DVM Published 3 years ago Updated 2 years ago

Xmas scans derive their name from the set of flags that are turned on within a packet. These scans are designed to manipulate the PSH, URG and FIN flags of the TCP header

Transmission Control Protocol

The Transmission Control Protocol (TCP) is a core protocol of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP.

en.wikipedia.org
. When viewed within Wireshark, we can see that alternating bits are enabled, or “Blinking,” much like you would light up a Christmas tree.

An adversary uses a TCP XMAS scan to determine if ports are closed on the target machine. This scan type is accomplished by sending TCP segments with all possible flags set in the packet header, generating packets that are illegal based on RFC 793.

Full Answer

What are Xmas scans?

Since the Holidays are upon us, I thought it would be a good time to discuss Xmas Scans, also known as Christmas tree scans—the only network scan with a name that invokes thoughts of cookies, gifts and holiday joy. Xmas scans derive their name from the set of flags that are turned on within a packet.

What is Xmas scan in TCP?

These scans are designed to manipulate the PSH, URG and FIN flags of the TCP header. So in other words, the Xmas scan in order to identify listening ports on a targeted system will send a specific packet. Click to see full answer. Similarly one may ask, what is Xmas scan in nmap?

Does Xmas scan work on open ports?

If the port is open, there is no response; but if the port is closed, the target responds with a RST/ACK packet. XMAS scans work only on target systems that follow the RFC 793 implementation of TCP/IP and don’t work against any version of Windows.

What is the difference between Xmas scan and fin scan?

XMAS scans work only on target systems that follow the RFC 793 implementation of TCP/IP and don’t work against any version of Windows. FIN- A FIN scan is similar to an XMAS scan but sends a packet with just the FIN flag set. FIN scans receive the same response and have the same limitations as XMAS scans.

What is the purpose of port scanning?

A port scan is a common technique hackers use to discover open doors or weak points in a network. A port scan attack helps cyber criminals find open ports and figure out whether they are receiving or sending data. It can also reveal whether active security devices like firewalls are being used by an organization.

How does nmap perform Christmas scan?

Nmap Xmas Scan can be performed using nmap -sX command.

What is an Xmas scan quizlet?

Xmas scan. In the Xmas scan, Nmap sends packets with URG, FIN, and PSH flags activated. This has the effect of "lighting the packet up like a Christmas tree" and can occasionally solicit a response from a firewalled system. Not all systems will respond to probes of this type.

How do you detect a fin scan?

Depending upon the method used it may be necessary to sniff the network in order to see the response. FIN scans are detected via heuristic (non-signature) based algorithms, much in the same way as other scan types are detected. An IDS/IPS system with heuristic algorithms is required to detect them.

What is stealth scan?

Stealth scans Stealth scan types are those where packet flags cause the target system to respond without having a fully established connection. Stealth scanning is used by hackers to circumvent the intrusion detection system (IDS), making it a significant threat.

What does the flag do in an Nmap scan?

Add in the -A flag on your Nmap command, you can discover the operating system information of the hosts that are mapped. The -A flag can be used in combination with other Nmap commands. Using the -O flag on your Nmap command will reveal further operating system information of the mapped hosts.May 14, 2019

Which of the following attacks are more difficult to detect?

Insider attacks still far more difficult to detect and prevent than external cyber attacks. A recent survey conducted by Gurucul of more than 320 IT security experts, found that 15 percent of people said they would delete files or change passwords upon exiting a company.Jul 8, 2019

Which Nmap flag can be used for Xmas tree scan?

Xmas scan ( -sX ) Sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree.

How does a SYN scan work quizlet?

How does a SYN scan work? In a normal TCP session, a packet is sent to another computer with the SYN flag set. The receiving computer sends back a packet with the SYN/ACK flag set, indicating an acknowledgment.

What type of scan is a FIN scan?

FIN SCAN is one of the port scanning methods in Nmap, which uses the sheer stupidity of old and stateless firewalls. In fact, when it comes to FIN Scan, our Port Scanner software sends a packet with a flag in the form of FIN meaning the end of the session to the destination firewall or host.

What is missing from a half open scan?

A half open does not include the final ACK - a threeway handshake is part of every TCP connection and happens at the beginning of every connection. In the case of a half-open scan, however, a final ACK is not sent, therefore leaving the connection halfway complete.

How does FIN scan work?

The FIN scan sends a packet that would never occur in the real world. It sends a packet with the FIN flag set without first establishing a connection with the target. If a RST (reset) packet is received back from the target due to the way the RFC is written, the port is considered closed.Jul 5, 2016

What is a nmap Xmas scan?

Nmap Xmas scan was considered a stealthy scan which analyzes responses to Xmas packets to determine the nature of the replying device. Each operating system or network device responds in a different way to Xmas packets revealing local information such as OS (Operating System), port state and more. Currently many firewalls and Intrusion Detection System can detect Xmas packets and it is not the best technique to carry out a stealth scan, yet it is extremely useful to understand how it works.

Is the Xmas scan new?

While the Xmas scan isn’t new and most defense systems are capable to detect it becoming an obsolete technique against well protected targets it is a great way of introduction to uncommon TCP segments like PSH and URG and to understand the way in which Nmap analyzes packets get conclusions on targets. More than an attack method this scan is useful ...

What is a Xmas scan?

What is Xmas scan in nmap? Nmap Xmas scan was considered a stealthy scan which analyzes responses to Xmas packets to determine the nature of the replying device. Each operating system or network device responds in a different way to Xmas packets revealing local information such as OS (Operating System), port state and more.

Is a FIN scan the same as a XMAS scan?

FIN scans receive the same response and have the same limitations as XMAS scans. NULL - A NULL scan is also similar to XMAS and FIN in its limitations and response, but it just sends a packet with no flags set.

image

Port States

Image
Open|filtered:Nmap can’t detect if the port is open or filtered, even if the port is open the Xmas scan will report it as open|filtered, it happens when no response is received (even after retransmissions). Closed: Nmap detects the port is closed, it happens when the response is a TCP RST packet. Filtered:Nmap detects a firewal…
See more on linuxhint.com

Timing Templates

  • Paranoid: -T0, extremely slow, useful to bypass IDS (Intrusion Detection Systems) Sneaky: -T1, very slow, also useful to bypass IDS (Intrusion Detection Systems) Polite: -T2, neutral. Normal: -T3, this is the default mode. Aggressive: -T4, fast scan. Insane:-T5, faster than Aggressive scan technique.
See more on linuxhint.com

Nmap Xmas Scan Examples

  • The following example shows a polite Xmas scan against LinuxHint. Example of Aggressive Xmas Scan against LinuxHint.com By applying the flag -sVfor version detection you can get more information on specific ports and distinguish between filtered and filtered ports, but while Xmas was considered a stealth scan technique this addition may make the scan more visible to firewa…
See more on linuxhint.com

Conclusion

  • While the Xmas scan isn’t new and most defense systems are capable to detect it becoming an obsolete technique against well protected targets it is a great way of introduction to uncommon TCP segments like PSH and URG and to understand the way in which Nmap analyzes packets get conclusions on targets. More than an attack method this scan is useful ...
See more on linuxhint.com

Popular Posts:

  • 1. does autozone replace headlight bulbs
  • 2. what does the root word hydra mean
  • 3. how do you drill out a rounded allen bolt
  • 4. convert feet into inches
  • 5. 1 teaspoon to grams
  • 6. how many sides does a sphere have in 3d
  • 7. changing throttle position sensor chevrolet
  • 8. what time is pst in usa
  • 9. error prosafirma seguridad social
  • 10. windows 11
    • A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9
    Messages7TimelineExceptionsViews7RouteQueries7Models15Livewire0MailsGateSessionRequest
    8.3.21PHP Version1.73sRequest Duration2MBMemory UsageGET {post}Route
    • warninglog[00:56:48] LOG.warning: Creation of dynamic property Barryvdh\Debugbar\DataFormatter\QueryFormatter:...
    • warninglog[00:56:48] LOG.warning: Creation of dynamic property Barryvdh\Debugbar\DataFormatter\QueryFormatter:...
    • warninglog[00:56:48] LOG.warning: Callables of the form ["Swift_SmtpTransport", "Swift_Transport_EsmtpTranspor...
    • warninglog[00:56:48] LOG.warning: Creation of dynamic property Barryvdh\Debugbar\DataFormatter\SimpleFormatter...
    • warninglog[00:56:48] LOG.warning: Creation of dynamic property Barryvdh\Debugbar\DataFormatter\SimpleFormatter...
    • warninglog[00:56:48] LOG.warning: json_decode(): Passing null to parameter #1 ($json) of type string is deprec...
    • warninglog[00:56:48] LOG.warning: json_decode(): Passing null to parameter #1 ($json) of type string is deprec...
    warning
    • Booting (18.31ms)
    • Application (1.71s)
    • 1 x Application (98.9%)
      1.71s
      1 x Booting (1.06%)
      18.31ms
      7 templates were rendered
      • themes.DevBlog.content.post (resources/views/themes/DevBlog/content/post.blade.php)34blade
        Params
        0
        post
        1
        postContent
        2
        author
        3
        updated_at
        4
        bing_rich_snippet_text
        5
        bing_rich_snippet_link
        6
        bing_related_keywords
        7
        google_related_keywords
        8
        bing_news_title
        9
        bing_news_description
        10
        bing_videos
        11
        bing_images
        12
        bing_search_result_title
        13
        bing_search_result_description
        14
        bing_search_result_url
        15
        bing_paa_questions
        16
        bing_paa_answers
        17
        bing_slider_faq_questions
        18
        bing_slider_faq_answers
        19
        bing_pop_faq_questions
        20
        bing_pop_faq_answers
        21
        bing_tab_faq_questions
        22
        bing_tab_faq_answers
        23
        google_faq_questions
        24
        google_faq_answers
        25
        google_rich_snippet
        26
        google_search_result
        27
        indexedArray
        28
        total_images
        29
        total_videos
        30
        settings
        31
        url_current
        32
        menus
        33
        sidebar
      • themes.DevBlog.layouts.master (resources/views/themes/DevBlog/layouts/master.blade.php)41blade
        Params
        0
        __env
        1
        app
        2
        errors
        3
        post
        4
        postContent
        5
        author
        6
        updated_at
        7
        bing_rich_snippet_text
        8
        bing_rich_snippet_link
        9
        bing_related_keywords
        10
        google_related_keywords
        11
        bing_news_title
        12
        bing_news_description
        13
        bing_videos
        14
        bing_images
        15
        bing_search_result_title
        16
        bing_search_result_description
        17
        bing_search_result_url
        18
        bing_paa_questions
        19
        bing_paa_answers
        20
        bing_slider_faq_questions
        21
        bing_slider_faq_answers
        22
        bing_pop_faq_questions
        23
        bing_pop_faq_answers
        24
        bing_tab_faq_questions
        25
        bing_tab_faq_answers
        26
        google_faq_questions
        27
        google_faq_answers
        28
        google_rich_snippet
        29
        google_search_result
        30
        indexedArray
        31
        total_images
        32
        total_videos
        33
        settings
        34
        url_current
        35
        menus
        36
        sidebar
        37
        i
        38
        __currentLoopData
        39
        loop
        40
        item
      • themes.DevBlog.panels.head (resources/views/themes/DevBlog/panels/head.blade.php)41blade
        Params
        0
        __env
        1
        app
        2
        errors
        3
        post
        4
        postContent
        5
        author
        6
        updated_at
        7
        bing_rich_snippet_text
        8
        bing_rich_snippet_link
        9
        bing_related_keywords
        10
        google_related_keywords
        11
        bing_news_title
        12
        bing_news_description
        13
        bing_videos
        14
        bing_images
        15
        bing_search_result_title
        16
        bing_search_result_description
        17
        bing_search_result_url
        18
        bing_paa_questions
        19
        bing_paa_answers
        20
        bing_slider_faq_questions
        21
        bing_slider_faq_answers
        22
        bing_pop_faq_questions
        23
        bing_pop_faq_answers
        24
        bing_tab_faq_questions
        25
        bing_tab_faq_answers
        26
        google_faq_questions
        27
        google_faq_answers
        28
        google_rich_snippet
        29
        google_search_result
        30
        indexedArray
        31
        total_images
        32
        total_videos
        33
        settings
        34
        url_current
        35
        menus
        36
        sidebar
        37
        i
        38
        __currentLoopData
        39
        loop
        40
        item
      • themes.DevBlog.panels.header (resources/views/themes/DevBlog/panels/header.blade.php)41blade
        Params
        0
        __env
        1
        app
        2
        errors
        3
        post
        4
        postContent
        5
        author
        6
        updated_at
        7
        bing_rich_snippet_text
        8
        bing_rich_snippet_link
        9
        bing_related_keywords
        10
        google_related_keywords
        11
        bing_news_title
        12
        bing_news_description
        13
        bing_videos
        14
        bing_images
        15
        bing_search_result_title
        16
        bing_search_result_description
        17
        bing_search_result_url
        18
        bing_paa_questions
        19
        bing_paa_answers
        20
        bing_slider_faq_questions
        21
        bing_slider_faq_answers
        22
        bing_pop_faq_questions
        23
        bing_pop_faq_answers
        24
        bing_tab_faq_questions
        25
        bing_tab_faq_answers
        26
        google_faq_questions
        27
        google_faq_answers
        28
        google_rich_snippet
        29
        google_search_result
        30
        indexedArray
        31
        total_images
        32
        total_videos
        33
        settings
        34
        url_current
        35
        menus
        36
        sidebar
        37
        i
        38
        __currentLoopData
        39
        loop
        40
        item
      • themes.DevBlog.panels.navbar (resources/views/themes/DevBlog/panels/navbar.blade.php)41blade
        Params
        0
        __env
        1
        app
        2
        errors
        3
        post
        4
        postContent
        5
        author
        6
        updated_at
        7
        bing_rich_snippet_text
        8
        bing_rich_snippet_link
        9
        bing_related_keywords
        10
        google_related_keywords
        11
        bing_news_title
        12
        bing_news_description
        13
        bing_videos
        14
        bing_images
        15
        bing_search_result_title
        16
        bing_search_result_description
        17
        bing_search_result_url
        18
        bing_paa_questions
        19
        bing_paa_answers
        20
        bing_slider_faq_questions
        21
        bing_slider_faq_answers
        22
        bing_pop_faq_questions
        23
        bing_pop_faq_answers
        24
        bing_tab_faq_questions
        25
        bing_tab_faq_answers
        26
        google_faq_questions
        27
        google_faq_answers
        28
        google_rich_snippet
        29
        google_search_result
        30
        indexedArray
        31
        total_images
        32
        total_videos
        33
        settings
        34
        url_current
        35
        menus
        36
        sidebar
        37
        i
        38
        __currentLoopData
        39
        loop
        40
        item
      • themes.DevBlog.panels.footer (resources/views/themes/DevBlog/panels/footer.blade.php)41blade
        Params
        0
        __env
        1
        app
        2
        errors
        3
        post
        4
        postContent
        5
        author
        6
        updated_at
        7
        bing_rich_snippet_text
        8
        bing_rich_snippet_link
        9
        bing_related_keywords
        10
        google_related_keywords
        11
        bing_news_title
        12
        bing_news_description
        13
        bing_videos
        14
        bing_images
        15
        bing_search_result_title
        16
        bing_search_result_description
        17
        bing_search_result_url
        18
        bing_paa_questions
        19
        bing_paa_answers
        20
        bing_slider_faq_questions
        21
        bing_slider_faq_answers
        22
        bing_pop_faq_questions
        23
        bing_pop_faq_answers
        24
        bing_tab_faq_questions
        25
        bing_tab_faq_answers
        26
        google_faq_questions
        27
        google_faq_answers
        28
        google_rich_snippet
        29
        google_search_result
        30
        indexedArray
        31
        total_images
        32
        total_videos
        33
        settings
        34
        url_current
        35
        menus
        36
        sidebar
        37
        i
        38
        __currentLoopData
        39
        loop
        40
        item
      • themes.DevBlog.panels.scripts (resources/views/themes/DevBlog/panels/scripts.blade.php)41blade
        Params
        0
        __env
        1
        app
        2
        errors
        3
        post
        4
        postContent
        5
        author
        6
        updated_at
        7
        bing_rich_snippet_text
        8
        bing_rich_snippet_link
        9
        bing_related_keywords
        10
        google_related_keywords
        11
        bing_news_title
        12
        bing_news_description
        13
        bing_videos
        14
        bing_images
        15
        bing_search_result_title
        16
        bing_search_result_description
        17
        bing_search_result_url
        18
        bing_paa_questions
        19
        bing_paa_answers
        20
        bing_slider_faq_questions
        21
        bing_slider_faq_answers
        22
        bing_pop_faq_questions
        23
        bing_pop_faq_answers
        24
        bing_tab_faq_questions
        25
        bing_tab_faq_answers
        26
        google_faq_questions
        27
        google_faq_answers
        28
        google_rich_snippet
        29
        google_search_result
        30
        indexedArray
        31
        total_images
        32
        total_videos
        33
        settings
        34
        url_current
        35
        menus
        36
        sidebar
        37
        i
        38
        __currentLoopData
        39
        loop
        40
        item
      uri
      GET {post}
      middleware
      web, checkdate
      as
      post.show
      controller
      App\Http\Controllers\Frontend\json_data\PostController@show
      namespace
      where
      file
      app/Http/Controllers/Frontend/json_data/PostController.php:18-166
      7 statements were executed1.66s
      receivinghelpdeskask
      • select * from `posts` where `published_at` <= '2025-06-08 00:56:48' and `slug` = 'what-is-an-xmas-scan-used-for' and `posts`.`deleted_at` is null limit 1
        3.21ms/app/Providers/RouteServiceProvider.php:54receivinghelpdeskask
        Metadata
        Bindings
        • 0. 2025-06-08 00:56:48
        • 1. what-is-an-xmas-scan-used-for
        Backtrace
        • 15. /app/Providers/RouteServiceProvider.php:54
        • 18. /vendor/laravel/framework/src/Illuminate/Routing/Router.php:842
        • 19. Route binding:39
        • 20. /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:167
        • 21. /vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php:78
      • select * from `json_post_contents` where `json_post_contents`.`post_id` = 149144 and `json_post_contents`.`post_id` is not null and `rewrite_id` = 0
        29.95msmiddleware::checkdate:30receivinghelpdeskask
        Metadata
        Bindings
        • 0. 149144
        • 1. 0
        Backtrace
        • 19. middleware::checkdate:30
        • 20. /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:167
        • 21. /vendor/laravel/jetstream/src/Http/Middleware/ShareInertiaData.php:61
        • 22. /vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:167
        • 23. /vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php:50
      • select * from `nova_menu_menus` where `slug` = 'header' limit 1
        930μs/vendor/outl1ne/nova-menu-builder/src/helpers.php:32receivinghelpdeskask
        Metadata
        Bindings
        • 0. header
        Backtrace
        • 15. /vendor/outl1ne/nova-menu-builder/src/helpers.php:32
        • 17. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 18. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:45
        • 19. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:261
        • 20. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:205
      • select * from `nova_menu_menu_items` where `nova_menu_menu_items`.`menu_id` = 1 and `nova_menu_menu_items`.`menu_id` is not null and `parent_id` is null order by `parent_id` asc, `order` asc, `name` asc
        1.93ms/vendor/outl1ne/nova-menu-builder/src/Models/Menu.php:35receivinghelpdeskask
        Metadata
        Bindings
        • 0. 1
        Backtrace
        • 19. /vendor/outl1ne/nova-menu-builder/src/Models/Menu.php:35
        • 20. /vendor/outl1ne/nova-menu-builder/src/helpers.php:33
        • 22. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 23. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:45
        • 24. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:261
      • select * from `nova_menu_menu_items` where `nova_menu_menu_items`.`parent_id` in (1) order by `order` asc
        660μs/vendor/outl1ne/nova-menu-builder/src/Models/Menu.php:35receivinghelpdeskask
        Metadata
        Backtrace
        • 24. /vendor/outl1ne/nova-menu-builder/src/Models/Menu.php:35
        • 25. /vendor/outl1ne/nova-menu-builder/src/helpers.php:33
        • 27. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 28. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:45
        • 29. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:261
      • select `id`, `post_title`, `slug` from `posts` where `status` = 'publish' and `posts`.`deleted_at` is null order by RAND() limit 10
        1.62s/app/View/Composers/SidebarView.php:22receivinghelpdeskask
        Metadata
        Bindings
        • 0. publish
        Backtrace
        • 14. /app/View/Composers/SidebarView.php:22
        • 15. /app/View/Composers/SidebarView.php:12
        • 16. /vendor/laravel/framework/src/Illuminate/View/Concerns/ManagesEvents.php:124
        • 17. /vendor/laravel/framework/src/Illuminate/View/Concerns/ManagesEvents.php:162
        • 20. /vendor/laravel/framework/src/Illuminate/View/Concerns/ManagesEvents.php:177
      • select * from `fake_users` where `fake_users`.`id` = 40527 limit 1
        2.29msview::2dd102cf0462e89a4d4d8bc77355d767652bf9aa:15receivinghelpdeskask
        Metadata
        Bindings
        • 0. 40527
        Backtrace
        • 21. view::2dd102cf0462e89a4d4d8bc77355d767652bf9aa:15
        • 23. /vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php:108
        • 24. /vendor/laravel/framework/src/Illuminate/View/Engines/PhpEngine.php:58
        • 25. /vendor/livewire/livewire/src/ComponentConcerns/RendersLivewireComponents.php:69
        • 26. /vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php:61
      App\Models\FakeUser
      1
      Outl1ne\MenuBuilder\Models\MenuItem
      1
      Outl1ne\MenuBuilder\Models\Menu
      1
      App\Models\JsonPostContent
      1
      App\Models\Post
      11
          _token
          I6DS7wCDMtwBeNOLUW0JiAT58Jdv2kkB2WK10NNd
          _previous
          array:1 [ "url" => "https://receivinghelpdesk.com/ask/what-is-an-xmas-scan-used-for" ]
          _flash
          array:2 [ "old" => [] "new" => [] ]
          PHPDEBUGBAR_STACK_DATA
          []
          path_info
          /what-is-an-xmas-scan-used-for
          status_code
          200
          status_text
          OK
          format
          html
          content_type
          text/html; charset=UTF-8
          request_query
          []
          request_request
          []
          request_headers
            0 of 0   
          array:24 [
  "cf-ipcountry" => array:1 [
    0 => "US"
  ]
  "cf-connecting-ip" => array:1 [
    0 => "216.73.216.62"
  ]
  "cdn-loop" => array:1 [
    0 => "cloudflare; loops=1"
  ]
  "sec-fetch-site" => array:1 [
    0 => "none"
  ]
  "accept" => array:1 [
    0 => "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
  ]
  "user-agent" => array:1 [
    0 => "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
  ]
  "upgrade-insecure-requests" => array:1 [
    0 => "1"
  ]
  "sec-ch-ua-platform" => array:1 [
    0 => ""Windows""
  ]
  "sec-ch-ua-mobile" => array:1 [
    0 => "?0"
  ]
  "sec-ch-ua" => array:1 [
    0 => ""Chromium";v="130", "HeadlessChrome";v="130", "Not?A_Brand";v="99""
  ]
  "cache-control" => array:1 [
    0 => "no-cache"
  ]
  "pragma" => array:1 [
    0 => "no-cache"
  ]
  "sec-fetch-dest" => array:1 [
    0 => "document"
  ]
  "cf-ray" => array:1 [
    0 => "94c28b0d6835f83f-ORD"
  ]
  "accept-encoding" => array:1 [
    0 => "gzip, br"
  ]
  "priority" => array:1 [
    0 => "u=0, i"
  ]
  "sec-fetch-user" => array:1 [
    0 => "?1"
  ]
  "sec-fetch-mode" => array:1 [
    0 => "navigate"
  ]
  "cf-visitor" => array:1 [
    0 => "{"scheme":"https"}"
  ]
  "connection" => array:1 [
    0 => "close"
  ]
  "x-forwarded-proto" => array:1 [
    0 => "https"
  ]
  "x-forwarded-for" => array:1 [
    0 => "216.73.216.62, 172.69.17.37"
  ]
  "x-server-addr" => array:1 [
    0 => "154.12.239.204"
  ]
  "host" => array:1 [
    0 => "receivinghelpdesk.com"
  ]
]
          request_server
            0 of 0   
          array:55 [
  "USER" => "runcloud"
  "HOME" => "/home/runcloud"
  "SCRIPT_NAME" => "/ask/index.php"
  "REQUEST_URI" => "/ask/what-is-an-xmas-scan-used-for"
  "QUERY_STRING" => ""
  "REQUEST_METHOD" => "GET"
  "SERVER_PROTOCOL" => "HTTP/1.0"
  "GATEWAY_INTERFACE" => "CGI/1.1"
  "REDIRECT_URL" => "/ask/what-is-an-xmas-scan-used-for"
  "REMOTE_PORT" => "53716"
  "SCRIPT_FILENAME" => "/home/runcloud/webapps/ReceivingHelpDesk/ask/index.php"
  "SERVER_ADMIN" => "you@example.com"
  "CONTEXT_DOCUMENT_ROOT" => "/home/runcloud/webapps/ReceivingHelpDesk/"
  "CONTEXT_PREFIX" => ""
  "REQUEST_SCHEME" => "http"
  "DOCUMENT_ROOT" => "/home/runcloud/webapps/ReceivingHelpDesk/"
  "REMOTE_ADDR" => "172.69.17.37"
  "SERVER_PORT" => "80"
  "SERVER_ADDR" => "127.0.0.1"
  "SERVER_NAME" => "receivinghelpdesk.com"
  "SERVER_SOFTWARE" => "Apache/2.4.63 (Unix) OpenSSL/1.1.1f"
  "SERVER_SIGNATURE" => ""
  "LD_LIBRARY_PATH" => "/RunCloud/Packages/apache2-rc/lib"
  "PATH" => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
  "HTTP_CF_IPCOUNTRY" => "US"
  "HTTP_CF_CONNECTING_IP" => "216.73.216.62"
  "HTTP_CDN_LOOP" => "cloudflare; loops=1"
  "HTTP_SEC_FETCH_SITE" => "none"
  "HTTP_ACCEPT" => "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
  "HTTP_USER_AGENT" => "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
  "HTTP_UPGRADE_INSECURE_REQUESTS" => "1"
  "HTTP_SEC_CH_UA_PLATFORM" => ""Windows""
  "HTTP_SEC_CH_UA_MOBILE" => "?0"
  "HTTP_SEC_CH_UA" => ""Chromium";v="130", "HeadlessChrome";v="130", "Not?A_Brand";v="99""
  "HTTP_CACHE_CONTROL" => "no-cache"
  "HTTP_PRAGMA" => "no-cache"
  "HTTP_SEC_FETCH_DEST" => "document"
  "HTTP_CF_RAY" => "94c28b0d6835f83f-ORD"
  "HTTP_ACCEPT_ENCODING" => "gzip, br"
  "HTTP_PRIORITY" => "u=0, i"
  "HTTP_SEC_FETCH_USER" => "?1"
  "HTTP_SEC_FETCH_MODE" => "navigate"
  "HTTP_CF_VISITOR" => "{"scheme":"https"}"
  "HTTP_CONNECTION" => "close"
  "HTTP_X_FORWARDED_PROTO" => "https"
  "HTTP_X_FORWARDED_FOR" => "216.73.216.62, 172.69.17.37"
  "HTTP_X_SERVER_ADDR" => "154.12.239.204"
  "HTTP_HOST" => "receivinghelpdesk.com"
  "HTTPS" => "on"
  "REDIRECT_STATUS" => "200"
  "REDIRECT_HTTPS" => "on"
  "FCGI_ROLE" => "RESPONDER"
  "PHP_SELF" => "/ask/index.php"
  "REQUEST_TIME_FLOAT" => 1749324408.0264
  "REQUEST_TIME" => 1749324408
]
          request_cookies
          []
          response_headers
            0 of 0   
          array:7 [
  "content-type" => array:1 [
    0 => "text/html; charset=UTF-8"
  ]
  "cache-control" => array:1 [
    0 => "private, must-revalidate"
  ]
  "date" => array:1 [
    0 => "Sat, 07 Jun 2025 19:26:48 GMT"
  ]
  "pragma" => array:1 [
    0 => "no-cache"
  ]
  "expires" => array:1 [
    0 => -1
  ]
  "set-cookie" => array:2 [
    0 => "XSRF-TOKEN=eyJpdiI6InhpUmtSUGhGNHV5enRvNXpVZE9QcWc9PSIsInZhbHVlIjoieVMyZFV1VDFVTnQwVlB3TzlhU3MySGg5RHIzTjVuQ3FLSGcwZ1lHV0NaZmlyYlB0b2RFYTQxbUdEdUNDK3ZKL2p1aE96bXBCMU1aWlNObkxxWTJnZ1VTVkdhM3NQeTlFc2YwQm55QlV2c2UyMDNlblJ1V3dnUVBlK2JsYVR2NzciLCJtYWMiOiIwMTlmYmMwOThlZWYzMmI1OTE4MWQwZjcyMzgyN2Y3NTUzYzgyNzY0YzA2ZWJmNjU5YzE5ZWVjMWNlMjM3YjhkIiwidGFnIjoiIn0%3D; expires=Sat, 07-Jun-2025 21:26:49 GMT; Max-Age=7200; path=/; samesite=laxXSRF-TOKEN=eyJpdiI6InhpUmtSUGhGNHV5enRvNXpVZE9QcWc9PSIsInZhbHVlIjoieVMyZFV1VDFVTnQwVlB3TzlhU3MySGg5RHIzTjVuQ3FLSGcwZ1lHV0NaZmlyYlB0b2RFYTQxbUdEdUNDK3ZKL2p1aE96b"
    1 => "askhelpdesk_session=eyJpdiI6IllmZXpRcTZTY3N1UUx3TEdTQkVYOUE9PSIsInZhbHVlIjoiMFd2bml1VUcza3Jhck0xUWhpZjRQQzh5T0dxTDBzVEhCMHdKbGlieUtuSWJkbFphQ1BpNzRldmZ6dlZUUXZrT1VEQkpHa25Qalk1cjhOdWdEckxRQjNNZXptSmZNL0JtOGkxR3kxeldXYnNvK3g2RTNVdUdhQ1VQU3N6WGpxM0UiLCJtYWMiOiI0ZjI3NTZlZGNhNTllNzkzNTI3NWIxMzc3M2E2ZjAwMWUwZjU2NTM1NDgxMGNlNThkZGYxZGQ0ZDY1ZmFmZGUwIiwidGFnIjoiIn0%3D; expires=Sat, 07-Jun-2025 21:26:49 GMT; Max-Age=7200; path=/; httponly; samesite=laxaskhelpdesk_session=eyJpdiI6IllmZXpRcTZTY3N1UUx3TEdTQkVYOUE9PSIsInZhbHVlIjoiMFd2bml1VUcza3Jhck0xUWhpZjRQQzh5T0dxTDBzVEhCMHdKbGlieUtuSWJkbFphQ1BpNzRldmZ6dlZUUXZr"
  ]
  "Set-Cookie" => array:2 [
    0 => "XSRF-TOKEN=eyJpdiI6InhpUmtSUGhGNHV5enRvNXpVZE9QcWc9PSIsInZhbHVlIjoieVMyZFV1VDFVTnQwVlB3TzlhU3MySGg5RHIzTjVuQ3FLSGcwZ1lHV0NaZmlyYlB0b2RFYTQxbUdEdUNDK3ZKL2p1aE96bXBCMU1aWlNObkxxWTJnZ1VTVkdhM3NQeTlFc2YwQm55QlV2c2UyMDNlblJ1V3dnUVBlK2JsYVR2NzciLCJtYWMiOiIwMTlmYmMwOThlZWYzMmI1OTE4MWQwZjcyMzgyN2Y3NTUzYzgyNzY0YzA2ZWJmNjU5YzE5ZWVjMWNlMjM3YjhkIiwidGFnIjoiIn0%3D; expires=Sat, 07-Jun-2025 21:26:49 GMT; path=/XSRF-TOKEN=eyJpdiI6InhpUmtSUGhGNHV5enRvNXpVZE9QcWc9PSIsInZhbHVlIjoieVMyZFV1VDFVTnQwVlB3TzlhU3MySGg5RHIzTjVuQ3FLSGcwZ1lHV0NaZmlyYlB0b2RFYTQxbUdEdUNDK3ZKL2p1aE96b"
    1 => "askhelpdesk_session=eyJpdiI6IllmZXpRcTZTY3N1UUx3TEdTQkVYOUE9PSIsInZhbHVlIjoiMFd2bml1VUcza3Jhck0xUWhpZjRQQzh5T0dxTDBzVEhCMHdKbGlieUtuSWJkbFphQ1BpNzRldmZ6dlZUUXZrT1VEQkpHa25Qalk1cjhOdWdEckxRQjNNZXptSmZNL0JtOGkxR3kxeldXYnNvK3g2RTNVdUdhQ1VQU3N6WGpxM0UiLCJtYWMiOiI0ZjI3NTZlZGNhNTllNzkzNTI3NWIxMzc3M2E2ZjAwMWUwZjU2NTM1NDgxMGNlNThkZGYxZGQ0ZDY1ZmFmZGUwIiwidGFnIjoiIn0%3D; expires=Sat, 07-Jun-2025 21:26:49 GMT; path=/; httponlyaskhelpdesk_session=eyJpdiI6IllmZXpRcTZTY3N1UUx3TEdTQkVYOUE9PSIsInZhbHVlIjoiMFd2bml1VUcza3Jhck0xUWhpZjRQQzh5T0dxTDBzVEhCMHdKbGlieUtuSWJkbFphQ1BpNzRldmZ6dlZUUXZr"
  ]
]
          session_attributes
            0 of 0   
          array:4 [
  "_token" => "I6DS7wCDMtwBeNOLUW0JiAT58Jdv2kkB2WK10NNd"
  "_previous" => array:1 [
    "url" => "https://receivinghelpdesk.com/ask/what-is-an-xmas-scan-used-for"
  ]
  "_flash" => array:2 [
    "old" => []
    "new" => []
  ]
  "PHPDEBUGBAR_STACK_DATA" => []
]