portal6.xyvid.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 20.40.202.13, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal6.xyvid.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 6th 2023. Valid for: a year.

This is the only time portal6.xyvid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	20.40.202.13 20.40.202.13	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
7	3

4 20.40.202.13 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

portal6.xyvid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	xyvid.com 1 redirects portal6.xyvid.com	27 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 236	1 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 600	29 KB
7	3

	Domain	Requested by
4	portal6.xyvid.com	1 redirects portal6.xyvid.com
3	bam.nr-data.net	portal6.xyvid.com
1	js-agent.newrelic.com	portal6.xyvid.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
*.xyvid.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-04-05`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://portal6.xyvid.com/
Frame ID: BEE480D925CC644C4EE800710EE14991
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Event Not Found :(

Page URL History Show full URLs

http://portal6.xyvid.com/ HTTP 301
https://portal6.xyvid.com/ Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

57 kB
Transfer

151 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portal6.xyvid.com/ HTTP 301
https://portal6.xyvid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
portal6.xyvid.com/
Redirect Chain

http://portal6.xyvid.com/
https://portal6.xyvid.com/

55 KB
24 KB

645ms
194ms

Document
text/html

20.40.202.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal6.xyvid.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.13 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

977fadbc6e3f2c34fae1f3dee1480e96407d6e082a93beb384d774928127ec1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 24154
Content-Type: text/html
Date: Tue, 16 Jan 2024 20:37:09 GMT
ETag: "ba85e22553fda1:0"
Feature-Policy: vibrate 'none'; geolocation 'none'
Last-Modified: Thu, 04 Jan 2024 21:28:51 GMT
Permissions-Policy: fullscreen=(), geolocation=()
Referrer-Policy: same-origin
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Content-Length: 0
Date: Tue, 16 Jan 2024 20:37:08 GMT
Location: https://portal6.xyvid.com/

GET
H/1.1 200
OK roboto.css
portal6.xyvid.com/css/ 9 KB
2 KB 153ms
152ms Stylesheet
text/css 20.40.202.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal6.xyvid.com/css/roboto.css

Requested by

Host: portal6.xyvid.com
URL: https://portal6.xyvid.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.13 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0177ab1ec8531af088673c7e23ff57237b32af25b60bc0e84f1285d815188423

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portal6.xyvid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 20:37:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Length: 1195
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 04 Jan 2024 21:29:25 GMT
Server: Microsoft-IIS/10.0
ETag: "84b0f816553fda1:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Feature-Policy: vibrate 'none'; geolocation 'none'
Permissions-Policy: fullscreen=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK InLineStyleReplace.css
portal6.xyvid.com/css/ 1 KB
1 KB 303ms
150ms Stylesheet
text/css 20.40.202.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal6.xyvid.com/css/InLineStyleReplace.css

Requested by

Host: portal6.xyvid.com
URL: https://portal6.xyvid.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.40.202.13 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6430a5813975812f2a08ac77f7262d13f290a0d5f24e2f78d2a2a9e87a598b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://portal6.xyvid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 20:37:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Length: 660
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 04 Jan 2024 21:29:24 GMT
Server: Microsoft-IIS/10.0
ETag: "e788d216553fda1:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Feature-Policy: vibrate 'none'; geolocation 'none'
Permissions-Policy: fullscreen=(), geolocation=()
Accept-Ranges: bytes

GET
H2 200 nr-spa-1.250.0.min.js Show response
js-agent.newrelic.com/ 86 KB
29 KB 138ms
42ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.250.0.min.js

Requested by

Host: portal6.xyvid.com
URL: https://portal6.xyvid.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8aaf0af04baf8eaa35b1ac46ed02d131a8d3c44896b92a45fa1555c70ebc94c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer
Origin: https://portal6.xyvid.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 9CPSHfU_b43id9HPDI1ELov4Sz01U0Ym
content-encoding: br
via: 1.1 varnish
date: Tue, 16 Jan 2024 20:37:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: DBVBT01AKR5V4BQ2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 28786
x-amz-id-2: dmjipYb3K9oxoZwCYp1UG99I2mixnpSfRYNsGjTizczZhBFhqviArpzhCHsN7lv52cw9Maio/Mw=
x-served-by: cache-lcy-eglc8600024-LCY
last-modified: Tue, 09 Jan 2024 19:15:56 GMT
server: AmazonS3
x-timer: S1705437430.355087,VS0,VE0
etag: "6e3b65f7f44fa4b3bf86d1f0187490ce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 477150

POST
H/1.1 200 NRJS-82c08f1358b73abb964 Show response
bam.nr-data.net/1/ 40 B
405 B 325ms
227ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-82c08f1358b73abb964?a=1475523394&v=1.250.0&to=ZgZaNhFWCxZRUkVRXV9MbRAKGFFVBB9ZTF9d&rst=1710&ck=0&s=54560cf77297eb13&ref=https://portal6.xyvid.com/&hr=0&af=err,xhr,stn,ins,spa&qt=15&be=1081&fe=469&dc=164&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705437428697,%22n%22:0,%22f%22:436,%22dn%22:438,%22dne%22:438,%22c%22:438,%22s%22:584,%22ce%22:887,%22rq%22:887,%22rp%22:1081,%22rpe%22:1230,%22di%22:1245,%22ds%22:1245,%22de%22:1245,%22dc%22:1549,%22l%22:1549,%22le%22:1550%7D,%22navigation%22:%7B%7D%7D&fp=1554&fcp=1554
Requested by: Host: portal6.xyvid.com
URL: https://portal6.xyvid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 16 Jan 2024 20:37:10 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://portal6.xyvid.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-lcy-eglc8600023-LCY

POST
H/1.1 200 NRJS-82c08f1358b73abb964 Show response
bam.nr-data.net/resources/1/ 36 B
352 B 229ms
229ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-82c08f1358b73abb964?a=1475523394&v=1.250.0&to=ZgZaNhFWCxZRUkVRXV9MbRAKGFFVBB9ZTF9d&rst=2041&ck=0&s=54560cf77297eb13&ref=https://portal6.xyvid.com/&st=1705437428697&hr=0&fts=1705437428697&n=26&fsh=1
Requested by: Host: portal6.xyvid.com
URL: https://portal6.xyvid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e21819e111bfc8077e3cb92c05e28687937a989c21b0c1300b0a98021cce15f6

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 16 Jan 2024 20:37:10 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://portal6.xyvid.com
access-control-allow-credentials: true
Connection: close
Content-Length: 36
x-served-by: cache-lcy-eglc8600023-LCY

POST
H/1.1 200 NRJS-82c08f1358b73abb964 Show response
bam.nr-data.net/events/1/ 24 B
344 B 311ms
227ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-82c08f1358b73abb964?a=1475523394&v=1.250.0&to=ZgZaNhFWCxZRUkVRXV9MbRAKGFFVBB9ZTF9d&rst=2274&ck=0&s=54560cf77297eb13&ref=https://portal6.xyvid.com/&ptid=c3cb4482-0001-b3ba-bfb2-018d13fe046e&hr=0
Requested by: Host: portal6.xyvid.com
URL: https://portal6.xyvid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 16 Jan 2024 20:37:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://portal6.xyvid.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-lcy-eglc8600078-LCY

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.250.0.PROD object| newrelic

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.portal6.xyvid.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 16111e1b7b1d3a0bbc80ac5b8ff7d93592201ade796bd577061cc53907323aa8
			.portal6.xyvid.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 16111e1b7b1d3a0bbc80ac5b8ff7d93592201ade796bd577061cc53907323aa8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation. Values defined in Permissions-Policy header will be used.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
js-agent.newrelic.com
portal6.xyvid.com
151.101.194.137
162.247.243.29
20.40.202.13
0177ab1ec8531af088673c7e23ff57237b32af25b60bc0e84f1285d815188423
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
6430a5813975812f2a08ac77f7262d13f290a0d5f24e2f78d2a2a9e87a598b12
8aaf0af04baf8eaa35b1ac46ed02d131a8d3c44896b92a45fa1555c70ebc94c9
977fadbc6e3f2c34fae1f3dee1480e96407d6e082a93beb384d774928127ec1d
e21819e111bfc8077e3cb92c05e28687937a989c21b0c1300b0a98021cce15f6

portal6.xyvid.com Open in urlscan Pro 20.40.202.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

57 kBTransfer

151 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

portal6.xyvid.com Open in urlscan Pro
20.40.202.13 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

57 kB
Transfer

151 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions