urlscan.io logo urlscan.io
SecurityTrails logo

consumer.xtime.com Open in urlscan Pro
34.214.130.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTg...
Submission: On June 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 34.214.130.31, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is consumer.xtime.com. The Cisco Umbrella rank of the primary domain is 131140.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 27th 2022. Valid for: a year.
This is the only time consumer.xtime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.214.130.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 216.235.178.70 11609 (ELAVON)
5 13.224.189.7 16509 (AMAZON-02)
6 35.83.28.242 16509 (AMAZON-02)
18 8
1    34.214.130.31 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-130-31.us-west-2.compute.amazonaws.com
consumer.xtime.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    216.235.178.70 (United States)

ASN11609 (ELAVON, US)
www.cenpos.com
5    13.224.189.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-7.fra2.r.cloudfront.net
subscription8x1.xtime.com
6    35.83.28.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-28-242.us-west-2.compute.amazonaws.com
x1con.xtime.com
Apex Domain
Subdomains		 Transfer
12 xtime.com
consumer.xtime.com — Cisco Umbrella Rank: 131140
subscription8x1.xtime.com
x1con.xtime.com — Cisco Umbrella Rank: 460055
2 MB
2 cenpos.com
www.cenpos.com — Cisco Umbrella Rank: 211130
4 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 768
36 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
18 5
Domain Requested by
6 x1con.xtime.com subscription8x1.xtime.com
5 subscription8x1.xtime.com consumer.xtime.com
subscription8x1.xtime.com
2 www.cenpos.com consumer.xtime.com
2 code.jquery.com consumer.xtime.com
1 cdnjs.cloudflare.com consumer.xtime.com
1 fonts.googleapis.com consumer.xtime.com
1 consumer.xtime.com
18 7

This site contains no links.

Subject Issuer Validity Valid
*.xtime.com
Go Daddy Secure Certificate Authority - G2		 2022-09-27 -
2023-10-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
cenpos.com
Entrust Certification Authority - L1K		 2022-10-28 -
2023-11-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Frame ID: 4F422636C1D21F961382DB3AEF59FCA2
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Subscription 8

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

8
IPs

3
Countries

1821 kB
Transfer

1896 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
consumer.xtime.com/subscriptions/ 		17 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.130.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-130-31.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
04e04e188106005078090adee1bfff824164abaf9922bb1cc5d5517642d09c3f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
http://consumer.xtime.com
date
Wed, 07 Jun 2023 17:09:31 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 17:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 17:09:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 17:09:32 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6620182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
394
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKLn21HTe2EqmQVmXkay5uto0qlnYgvqn8VSy9mZnFtMXu8M2NdymhD435BwdqbTu4RMznImUWG6ehh8xK4vd%2B%2F5XDHYyk9bFxzVkA8%2BN1BJNjpSbfcS8TEqFl7cArMYdJLIBE2icZkboR3si2SwnBh9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d3a80db9e0e2c77-FRA
expires
Mon, 27 May 2024 17:09:32 GMT
jquery-1.12.0.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:32 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-17c52"
vary
Accept-Encoding
x-hw
1686157772.dop222.fr8.t,1686157772.cds148.fr8.hn,1686157772.cds167.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:32 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-1c1f"
vary
Accept-Encoding
x-hw
1686157772.dop222.fr8.t,1686157772.cds148.fr8.hn,1686157772.cds161.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
porthole.min.js
www.cenpos.com/Plugins/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cenpos.com/Plugins/porthole.min.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.235.178.70 , United States, ASN11609 (ELAVON, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e73647db069276b3ae496f63419534c56a62443328522a9af76691c2d878ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Wed, 07 Jun 2023 17:09:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2017 14:56:34 GMT
Server
Microsoft-IIS/10.0
ETag
"03d825f1f6d31:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1912
jquery.simplewebpay.js
www.cenpos.com/Plugins/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cenpos.com/Plugins/jquery.simplewebpay.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.235.178.70 , United States, ASN11609 (ELAVON, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcb4460b78d44dd22864c597c74fcf50f5740467eda14d2aff5efd21178754cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Wed, 07 Jun 2023 17:09:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Aug 2019 21:34:38 GMT
Server
Microsoft-IIS/10.0
ETag
"02be212e852d51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1355
bmwusa_2019.ca7fcddd17e7c6ac.chunk.css
subscription8x1.xtime.com/static/css/themes/bmwusa_2019/ 		572 KB
573 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/bmwusa_2019.ca7fcddd17e7c6ac.chunk.css
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3944e199b67ef8ca254dfc3ac80bcea5f4c21e8c7470a62bf0de3e95798f2218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 16:54:32 GMT
x-amz-version-id
faRUA5qTPYyiCWovfCKtz2oJj55sqyvZ
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 05:45:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
900
etag
"498762e53637382835c8134439856f23"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
content-length
585513
x-amz-cf-id
YYQgvAnI3jBByDsXqMVtrCJZvwSBEFZNuf8Q8A9U79UF7B_H8XsC7w==
2.e1988fff.chunk.js
subscription8x1.xtime.com/static/js/ 		998 KB
1000 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d78465d145141168c4ea67c1f60c779ad86bc7e526d804f806615fa106a79afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 16:54:32 GMT
x-amz-version-id
.hwIBPJs4XaWRebf_NEl.505ev.JJoZf
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 05:45:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
900
etag
"a2f501c334bc8dc7212992946fbbd664"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
content-length
1022310
x-amz-cf-id
mKHBPawgMmmqp0-KJ8NkloP40NGUCiBlJr_zPXYUWs00BJyl8R8Qew==
cxApp.e686772d.chunk.js
subscription8x1.xtime.com/static/js/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription8x1.xtime.com/static/js/cxApp.e686772d.chunk.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/subscriptions/?webkey=bushregencymtrs&linkId=d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d0243946bfd2d78270721db36f7d5d819d136ecb04b8dec6c7b9abac6c7ab0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consumer.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 16:54:32 GMT
x-amz-version-id
q3uke_KG74q8SeZ4yRl_uOosVxb3UoWd
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 05:45:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
900
etag
"173334c65ae8b0cab149be98802f5c87"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
43797
x-amz-cf-id
PdO8p-KghsiEBBv-qttCiv6_nIKa1W6SZM_jC-SHt75LsXZBKnWF4Q==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a96483c305583030d1f3a69e7b26dcc238e27d3b8e3d66a9a05cc8b93d753543

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type
image/png
BMWGroup-Bold.527dda93.woff
subscription8x1.xtime.com/static/css/themes/bmwusa_2019/assets/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/assets/BMWGroup-Bold.527dda93.woff
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/bmwusa_2019.ca7fcddd17e7c6ac.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36ee0de1368ea4326967a45e98975871cb2a0e14e13db72e38fb06b74beb2f22

Request headers

Referer
https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/bmwusa_2019.ca7fcddd17e7c6ac.chunk.css
Origin
https://consumer.xtime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 16:54:50 GMT
x-amz-version-id
w7EFWzG62A1se4qqwh9mzf4nISRBcTyR
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
883
x-cache
Hit from cloudfront
content-length
62516
last-modified
Fri, 18 Feb 2022 05:45:49 GMT
server
AmazonS3
etag
"527dda9314b10356671e8c836c208603"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
hRP_zqqbGQ1mbk7exRYIcpPmxsLBY1BfKoaNHcdNY9xePIh6ZO5seg==
BMWGroupLight-Regular.3a090998.woff
subscription8x1.xtime.com/static/css/themes/bmwusa_2019/assets/ 		79 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/assets/BMWGroupLight-Regular.3a090998.woff
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/bmwusa_2019.ca7fcddd17e7c6ac.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7e817583fe5f70e069e3c9c95d9f1d760130a4dfae2f3be0fb11328b7520890

Request headers

Referer
https://subscription8x1.xtime.com/static/css/themes/bmwusa_2019/bmwusa_2019.ca7fcddd17e7c6ac.chunk.css
Origin
https://consumer.xtime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 16:54:43 GMT
x-amz-version-id
MSSg4gIcL.g7IYzUxoDhqD9pDMjcU8UT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
890
x-cache
Hit from cloudfront
content-length
81072
last-modified
Fri, 18 Feb 2022 05:45:49 GMT
server
AmazonS3
etag
"3a0909982584ddb6bdcb73fbd126689b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
XtEpgAk1hppKq5Z_C8GPW4EIPzHOU5m_JcJoUmwomU1VHAUX1Bc_MQ==
d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU
x1con.xtime.com/xws/rest/shortlink/consumer/decodeLinkId/ 		103 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x1con.xtime.com/xws/rest/shortlink/consumer/decodeLinkId/d2Via2V5PWJ1c2hyZWdlbmN5bXRycyZwZXJzb25JZD00NDExNTgzODk1MyZ2ZWhpY2xlSWQ9OTcxODU3ODY5MzU
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.28.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-28-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
00a57c89cb19b1c1de66670b95eac2d5183228dff448a8a68ca0f7d231cfc481
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://consumer.xtime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:33 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://consumer.xtime.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
103
x-xss-protection
1; mode=block
bushregencymtrs
x1con.xtime.com/xws/rest/marketing/micro-site/getSmsNumber/ 		98 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x1con.xtime.com/xws/rest/marketing/micro-site/getSmsNumber/bushregencymtrs
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.28.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-28-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2fb9b0800bb542e72cc1df29d130c1c4d9f15e5dab5d22066e4297bfa6c6c96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://consumer.xtime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:34 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://consumer.xtime.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
98
x-xss-protection
1; mode=block
bannerSettings
x1con.xtime.com/xws/rest/dealers/bushregencymtrs/ 		296 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x1con.xtime.com/xws/rest/dealers/bushregencymtrs/bannerSettings
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.28.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-28-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4741a63748394c4b529cc6fe88ef74c623391c9b6d23e43faaa3dcc801c5f2ee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://consumer.xtime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:34 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://consumer.xtime.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
296
x-xss-protection
1; mode=block
44115838953
x1con.xtime.com/xws/rest/marketing/micro-site/contactInfo/ 		174 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x1con.xtime.com/xws/rest/marketing/micro-site/contactInfo/44115838953
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.28.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-28-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fd07b1f3e91eebc3319291e3b308ea514da18406f7195240389cdc99b4922184
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://consumer.xtime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:34 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://consumer.xtime.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
174
x-xss-protection
1; mode=block
bushregencymtrs
x1con.xtime.com/xws/rest/marketing/micro-site/configurations/ 		877 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://x1con.xtime.com/xws/rest/marketing/micro-site/configurations/bushregencymtrs
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.28.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-28-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
33d46dfee8668fadc7c35c29a3308b9a078e87c92161f46762d006ee0cfa57f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://consumer.xtime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:34 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://consumer.xtime.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
877
x-xss-protection
1; mode=block
DEALER_PORTAL
x1con.xtime.com/xws/rest/marketing/micro-site/getDealerMarketingSMSConfig/bushregencymtrs/ 		175 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x1con.xtime.com/xws/rest/marketing/micro-site/getDealerMarketingSMSConfig/bushregencymtrs/DEALER_PORTAL
Requested by
Host: subscription8x1.xtime.com
URL: https://subscription8x1.xtime.com/static/js/2.e1988fff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.28.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-28-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1d6bba1f8fbd0ee0cf68169e3db1a1372ce4f214144d9e7959313fbed3c505c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://consumer.xtime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 07 Jun 2023 17:09:35 GMT
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://consumer.xtime.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
175
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| PortholeClass object| Porthole object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
consumer.xtime.com
fonts.googleapis.com
subscription8x1.xtime.com
www.cenpos.com
x1con.xtime.com
13.224.189.7
2001:4de0:ac18::1:a:2a
216.235.178.70
2606:4700::6811:180e
2a00:1450:4001:803::200a
34.214.130.31
35.83.28.242
00a57c89cb19b1c1de66670b95eac2d5183228dff448a8a68ca0f7d231cfc481
04e04e188106005078090adee1bfff824164abaf9922bb1cc5d5517642d09c3f
1d6bba1f8fbd0ee0cf68169e3db1a1372ce4f214144d9e7959313fbed3c505c9
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
33d46dfee8668fadc7c35c29a3308b9a078e87c92161f46762d006ee0cfa57f2
36ee0de1368ea4326967a45e98975871cb2a0e14e13db72e38fb06b74beb2f22
3944e199b67ef8ca254dfc3ac80bcea5f4c21e8c7470a62bf0de3e95798f2218
3d0243946bfd2d78270721db36f7d5d819d136ecb04b8dec6c7b9abac6c7ab0b
4741a63748394c4b529cc6fe88ef74c623391c9b6d23e43faaa3dcc801c5f2ee
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796
9e73647db069276b3ae496f63419534c56a62443328522a9af76691c2d878ea6
a96483c305583030d1f3a69e7b26dcc238e27d3b8e3d66a9a05cc8b93d753543
bcb4460b78d44dd22864c597c74fcf50f5740467eda14d2aff5efd21178754cc
d2fb9b0800bb542e72cc1df29d130c1c4d9f15e5dab5d22066e4297bfa6c6c96
d78465d145141168c4ea67c1f60c779ad86bc7e526d804f806615fa106a79afe
d7e817583fe5f70e069e3c9c95d9f1d760130a4dfae2f3be0fb11328b7520890
fd07b1f3e91eebc3319291e3b308ea514da18406f7195240389cdc99b4922184