consumer.xtime.com Open in urlscan Pro
54.71.128.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pA1IdvcU1CXwI4Jv_Ls8uIWCQ23YCh2Dz3uoIXcAYYn0g...
Effective URL:
https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA
Submission: On September 10 via manual (September 10th 2024, 2:09:58 pm UTC) from US — Scanned from CA

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 11 domains to perform 50 HTTP transactions. The main IP is 54.71.128.213, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is consumer.xtime.com. The Cisco Umbrella rank of the primary domain is 281178.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 28th 2023. Valid for: a year.

This is the only time consumer.xtime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:251... 2600:9000:2512:4e00:14:2c4a:59c0:93a1	16509 (AMAZON-02) (AMAZON-02)
20	54.71.128.213 54.71.128.213	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.130.48 18.173.130.48	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:28b... 2600:9000:28b2:fa00:c:2fca:7180:93a1	() ()
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.85.61.87 52.85.61.87	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	54.70.68.82 54.70.68.82	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
1 1	34.218.200.181 34.218.200.181	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:23c... 2600:9000:23cb:9a00:b:e995:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::54	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	148.113.163.217 148.113.163.217	() ()
50	18

1 2600:9000:2512:4e00:14:2c4a:59c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sgelink.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.71.128.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-128-213.us-west-2.compute.amazonaws.com

consumer.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x6con.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.130.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-130-48.jfk52.r.cloudfront.net

d2zah9y47r7bi2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:28b2:fa00:c:2fca:7180:93a1 (United States) 2 redirects

ASN- ()

d1d1dxv8oifr9i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-87.ewr53.r.cloudfront.net

media.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.68.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-68-82.us-west-2.compute.amazonaws.com

cdn.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.218.200.181 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-200-181.us-west-2.compute.amazonaws.com

xmmext-prod.xtimeapps.xtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:9a00:b:e995:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d39xv5bi5716zu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.113.163.217 (None, )

ASN- ()

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	xtime.com 2 redirects sgelink.xtime.com — Cisco Umbrella Rank: 477898 consumer.xtime.com — Cisco Umbrella Rank: 281178 x6con.xtime.com — Cisco Umbrella Rank: 686204 cdn.xtime.com — Cisco Umbrella Rank: 302357 media.xtime.com — Cisco Umbrella Rank: 238738 xmmext-prod.xtimeapps.xtime.com — Cisco Umbrella Rank: 102764	1005 KB
8	google.com apis.google.com — Cisco Umbrella Rank: 225 www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 46	68 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	320 KB
4	cloudfront.net 2 redirects d2zah9y47r7bi2.cloudfront.net d1d1dxv8oifr9i.cloudfront.net d39xv5bi5716zu.cloudfront.net	33 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	262 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	89 KB
1	trackjs.com usage.trackjs.com	273 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
50	11

	Domain	Requested by
17	x6con.xtime.com	consumer.xtime.com x6con.xtime.com d2zah9y47r7bi2.cloudfront.net
5	www.google.com	d1d1dxv8oifr9i.cloudfront.net www.gstatic.com
5	www.google-analytics.com	www.googletagmanager.com d2zah9y47r7bi2.cloudfront.net x6con.xtime.com
4	www.googletagmanager.com	x6con.xtime.com www.googletagmanager.com
3	cdn.xtime.com	x6con.xtime.com cdn.xtime.com
2	connect.facebook.net	x6con.xtime.com connect.facebook.net
2	d1d1dxv8oifr9i.cloudfront.net	2 redirects
2	apis.google.com	x6con.xtime.com apis.google.com
1	usage.trackjs.com
1	www.facebook.com	d2zah9y47r7bi2.cloudfront.net
1	www.gstatic.com	www.google.com
1	accounts.google.com	apis.google.com
1	d39xv5bi5716zu.cloudfront.net	x6con.xtime.com
1	xmmext-prod.xtimeapps.xtime.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	media.xtime.com	x6con.xtime.com
1	d2zah9y47r7bi2.cloudfront.net	x6con.xtime.com
1	cdnjs.cloudflare.com	x6con.xtime.com
1	fonts.googleapis.com	x6con.xtime.com
1	consumer.xtime.com
1	sgelink.xtime.com	1 redirects
50	21

This site contains no links.

Subject Issuer	Validity	Valid
*.xtime.com Go Daddy Secure Certificate Authority - G2	`2023-09-28` - `2024-10-20`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.apis.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
accounts.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.trackjs.com RapidSSL TLS RSA CA G1	`2024-08-05` - `2025-08-11`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA
Frame ID: 335AB4CE3CFC11187E9FDF57DCD8AB08
Requests: 1 HTTP requests in this frame

Frame: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Frame ID: 1BA878BB5F90660D8321C7547CE99683
Requests: 47 HTTP requests in this frame

Frame: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/clicktracking.html
Frame ID: 8CB80103B311009E942EF81667A0CF28
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 27578444ECB8CAA7C1D35D76CB6076AE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4&co=aHR0cHM6Ly94NmNvbi54dGltZS5jb206NDQz&hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&badge=bottomright&cb=gmb0uh4x346r
Frame ID: 3AFD0C0FCFC08E094F7A2DB8C776403A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4&co=aHR0cHM6Ly94NmNvbi54dGltZS5jb206NDQz&hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&badge=bottomright&cb=7qlwg026zu3s
Frame ID: 1B9956FBFD12C64E69BE763CAEE83985
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4
Frame ID: 5B6886820D8F1E392E2763EEEE56E076
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4
Frame ID: 811D08EB8CB3045158242EFA853F3B81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Xtime App

Page URL History Show full URLs

https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pA1IdvcU1CXwI4Jv_Ls8uIWCQ... HTTP 302
https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

50
Requests

92 %
HTTPS

70 %
IPv6

11
Domains

21
Subdomains

18
IPs

1
Countries

1799 kB
Transfer

5604 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pA1IdvcU1CXwI4Jv_Ls8uIWCQ23YCh2Dz3uoIXcAYYn0gEEtJCV3n4xZkpkazQIxJrJuqIe4KHZ4emEQXxHy-MBjogawwJLUGwQPk6PR-0NWtD_as02a9JO3NiFxdzzxU8/49m/H0vHbC68QJS9fWWUGlVTmA/h1/h001._uVIehuYYFyeGyR9GCWRWhdPa57NrdNPcjXZDZrVl68 HTTP 302
https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css HTTP 301
https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css

Request Chain 7

https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/js/main.83df9ee9.js HTTP 301
https://cdn.xtime.com/x6/consumerportal8/static/js/main.83df9ee9.js

Request Chain 23

https://xmmext-prod.xtimeapps.xtime.com/oe/xmm/getBrandLogo?make=VOLVO&variant=VOLVOCANADA&locale=fr_CA&key=DEFAULT_LOGO HTTP 302
https://d39xv5bi5716zu.cloudfront.net/mktgassets/VOLVO/VOLVOCANADA/enCA/VolvoLogo2010714.png

50 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
consumer.xtime.com/scheduling/
Redirect Chain

https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pA1IdvcU1CXwI4Jv_Ls8uIWCQ23YCh2Dz3uoIXcAYYn0gEEtJCV3n4xZkpkazQIxJrJuqIe4KHZ4emEQXxHy-MBjogawwJLUGwQPk6PR-0NWtD_as02a9JO3...
https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA

1011 B
1 KB

967ms
169ms

Document
text/html

54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-128-213.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 50e585a11a8cb4eedbece1c294a552e4a9aef180035925754bca95d96e495380

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: http://consumer.xtime.com
content-length: 1011
date: Tue, 10 Sep 2024 14:09:53 GMT

Redirect headers

age: 6
content-length: 146
content-type: text/html; charset=utf-8
date: Tue, 10 Sep 2024 14:09:46 GMT
location: https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA
server: nginx
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
x-amz-cf-id: bYUcK3ho0guNlPY7wWvves01LuqayScijvQzhoT8552893VX7deJ0g==
x-amz-cf-pop: JFK50-P7
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 / Show response
x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/ Frame 1BA8 92 KB
23 KB 339ms
296ms Document
text/html 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Requested by: Host: consumer.xtime.com
URL: https://consumer.xtime.com/scheduling/?redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&locale=fr_CA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-128-213.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 95428010fb6ab75b33de88eb4b6c256abe5a7028429c7df837b4c88817eec52f

Request headers

Referer: https://consumer.xtime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 10 Sep 2024 14:09:53 GMT
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 1BA8 16 KB
2 KB 482ms
95ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Sep 2024 14:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 13:04:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Sep 2024 14:09:54 GMT

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ Frame 1BA8 1 KB
1 KB 431ms
52ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1090599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqZAIoriiTHA%2BVs299NlRgvXIjuZWBJ3ejLVfopHGnmWv8m3eAEjqpPTABy2YB7MWT0JGzWoIMGMFCFze%2Fq6wLoXkDrxIz%2ByF%2Fj4Ln0APW31p8Q%2BZkzeFaxduQqU203LHmNhHk7oxZAGpxPTojFEO6Y7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c0fff9a0f9736c2-YYZ
expires: Sun, 31 Aug 2025 14:09:54 GMT

GET
H/1.1 200
OK tracker.js Show response
d2zah9y47r7bi2.cloudfront.net/releases/current/ Frame 1BA8 26 KB
9 KB 453ms
89ms Script
application/javascript 18.173.130.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Requested by: Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.130.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-130-48.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 04 Sep 2024 12:28:12 GMT
Content-Encoding: gzip
Via: 1.1 38385695b10551583d750b943a475982.cloudfront.net (CloudFront)
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
X-Amz-Cf-Pop: JFK52-P2
Age: 524503
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-meta-content-type: application/javascript
Connection: keep-alive
Last-Modified: Thu, 13 Sep 2018 19:10:28 GMT
Server: AmazonS3
ETag: W/"160874c6a444216fd269e7e0e2370aa7"
Vary: accept-encoding
Content-Type: application/javascript
Cache-Control: s-max-age=3600, max-age=604800, public
X-Amz-Cf-Id: xqySM-dykq0XCuojKdMuT35PocB1dMqAxh95ORBgxrfvw58mGisAdA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1BA8 208 KB
75 KB 389ms
102ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118874632-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33b3fd17880c474ab4e23cebf8d043ad1b2229012592df598a43b52cc5646207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76422
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Sep 2024 14:09:54 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 1BA8 64 KB
25 KB 390ms
99ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=googleAsyncInit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f9d8d730c6d70f2a98e4db6df58e786db5b41e0786bf18a4a37eb22bdd5dc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 14:09:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24576
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "13e2b27ca87ebc71"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 14:09:54 GMT

GET
H2

200

styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css
cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/ Frame 1BA8
Redirect Chain

https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css
https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css

410 KB
58 KB

147ms
102ms

Stylesheet
text/css

54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css
Requested by: Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Protocol: H2
Server: 54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-128-213.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 322c659b4cb27ea2a64d8484ed687514d52d52fcf89a9f9e4552f4bf556b9112

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:54 GMT
content-encoding: gzip
last-modified: Mon, 19 Aug 2024 12:09:00 GMT
etag: W/"420272-1724069340000"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

date: Tue, 10 Sep 2024 02:25:47 GMT
via: 1.1 81d12325eefc0deca593ce76681fa256.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: JFK52-P8
age: 42247
x-cache: Hit from cloudfront
content-type: text/html
location: https://cdn.xtime.com:443/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css
content-length: 134
x-amz-cf-id: yhFIyjaV9Ik7GaONUf_TGkFuXMHWnHBReW9Cyf5sishP_YF9wMsulA==

GET
H2

200

main.83df9ee9.js Show response
cdn.xtime.com/x6/consumerportal8/static/js/ Frame 1BA8
Redirect Chain

https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/js/main.83df9ee9.js
https://cdn.xtime.com/x6/consumerportal8/static/js/main.83df9ee9.js

3 MB
658 KB

210ms
166ms

Script
application/javascript

54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xtime.com/x6/consumerportal8/static/js/main.83df9ee9.js
Requested by: Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Protocol: H2
Server: 54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-128-213.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7f367ee7202314bfaaca73927121cade08afb7b78f9ee59cbefc87bbf8abc55d

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:54 GMT
content-encoding: gzip
last-modified: Mon, 19 Aug 2024 12:09:00 GMT
etag: W/"2774045-1724069340000"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

date: Tue, 10 Sep 2024 14:02:21 GMT
via: 1.1 81d12325eefc0deca593ce76681fa256.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: JFK52-P8
age: 453
x-cache: Hit from cloudfront
content-type: text/html
location: https://cdn.xtime.com:443/x6/consumerportal8/static/js/main.83df9ee9.js
content-length: 134
x-amz-cf-id: TzanSOOkVraAOTm-_XLHUJOXxT9wUebfjIYee_eGYjpiVHk5IECqig==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1BA8 259 KB
87 KB 419ms
172ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NGRGFQZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3de10c93ca0ad161b57949f6ca8071bc53e925336628f06ab5d1591ca042c534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89085
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Sep 2024 14:09:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1BA8 200 KB
70 KB 484ms
248ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NR2MNCL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38e49b4ce0d47a0940a043d9ebc47377c455012b217268cb8207a004bda0c3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71506
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Sep 2024 14:09:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 1BA8 3 KB
2 KB 293ms
56ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e733ee9cf013b9c52ec1069f11f9d06ba6d4993b2ff9c9ec5d12fc02f906fc40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 14:09:54 GMT
content-md5: pWFFc2Tmc0xSYA4K+1bknw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=5565, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug: 9vtIfa0o+SzE1L7JvnbMkmrLLVUPn3A6uhEZXYS2HLVSaWnIP2Ba+2UJKXB9KJvFW0FgwilSVy5AQjMtC5LSPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: aea8770e36c001a99f2bfdd43f5a1143
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "5bdb87bf68553f2917216cc051a1d0d7"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Sep 2024 14:19:50 GMT

GET
H2 200 clicktracking.html Show response
x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/ Frame 8CB8 3 KB
1 KB 104ms
104ms Document
text/html 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/clicktracking.html
Requested by: Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-128-213.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7b6c4245ce945860950f95e7997dd4282ee67dc5f4b2d7401f0cc71d78f6538c

Request headers

Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 10 Sep 2024 14:09:54 GMT
etag: W/"3162-1724069340000"
last-modified: Mon, 19 Aug 2024 12:09:00 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 1BA8 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a96483c305583030d1f3a69e7b26dcc238e27d3b8e3d66a9a05cc8b93d753543

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1BA8 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cc59a14d8f4cb1b5ce21d00a1d932280881bac1bee9748ce5f02187e4a386ae

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 settings Show response
x6con.xtime.com/xws/rest/dealers/xtm20210630323xx1/ Frame 1BA8 7 KB
8 KB 294ms
292ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/dealers/xtm20210630323xx1/settings?tokenId=11037120689&locale=fr_CA&countryCode=CA&languageCode=fr

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

5c072ca7ba9c602f8f9af6480eb73ec02978d00d68d62e010649bf2fec309619

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
x-coxauto-correlation-id: 95da013f-a094-4fef-8103-4a52e9a64a63
content-length: 7610
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H2 200 USAVolvoBackground2018.jpg
media.xtime.com/consumer/backgrounds/ Frame 1BA8 195 KB
196 KB 354ms
85ms Image
image/jpeg 52.85.61.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xtime.com/consumer/backgrounds/USAVolvoBackground2018.jpg
Requested by: Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-87.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c726148c4cb35575db567995ae8a0bd7ba86544b150f1d5130959bccfa15acb2

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 4sS4VkAqb8TTCmOAD9.hDIZKbFAR6b6L
date: Tue, 10 Sep 2024 14:09:55 GMT
via: 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 21:11:04 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 3319
etag: "e80b3192686851ba37af7501cd07c6cf"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 199680
x-amz-cf-id: S8C0MTyVKEAUH1ruhL24og6yZ5Ne-zml5ZzkUY_Fx41jcpnH7YQo6A==

GET
DATA 200
OK truncated
/ Frame 1BA8 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e6a09fc80c2744f620d79894994f5a9f831a6ce708e21b54a088f1ed45b236f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1BA8 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46fac385d75517cc4dd33adef46e2166230912b77972b9f2faa9f4de22d8bfe6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 1BA8 47 KB
48 KB 321ms
68ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://x6con.xtime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 13:12:06 GMT
x-content-type-options: nosniff
age: 349069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 13:12:06 GMT

GET
H2 200 icomoon.ttf
cdn.xtime.com/x6/consumerportal8/static/css/themes/default/assets/ Frame 1BA8 6 KB
6 KB 502ms
154ms Font
application/x-font-ttf 54.70.68.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xtime.com/x6/consumerportal8/static/css/themes/default/assets/icomoon.ttf
Requested by: Host: cdn.xtime.com
URL: https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.68.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-68-82.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f675b80601091b7fc5297a3a053c64619772b52035cea3516d15130a990a9b72

Request headers

Referer: https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.0e8a4300-5de9-11ef-9dae-15fb274adb15.css
Origin: https://x6con.xtime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
last-modified: Mon, 19 Aug 2024 12:09:00 GMT
etag: W/"5880-1724069340000"
access-control-allow-methods: GET
content-type: application/x-font-ttf;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 5880

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 1BA8 305 KB
87 KB 255ms
58ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=398adb1895a74e872c2c6658df4f3f7a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4538394e05eaf7cbd80de9ed24a2e6bb1207443dc3563f7fd7976251ee9b0945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://x6con.xtime.com/
Origin: https://x6con.xtime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 14:09:55 GMT
content-md5: T2ALP1HTfD6pOu+eoxdNAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89221
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=23, mss=1232, tbw=5569, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug: Yy38+HX1ROzYgshPsdeCxrivBBep9WrIvgMde8U+OrP7CflHtGXFerRbbbJbF0+001C0Z1ZKSnxJHzHbSAiRUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 91c63fb6ff9cb5ae855d25d3fc9ab122
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "e1494a34dbc1e86c00d4d86cf449c4ff"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Sep 2025 13:32:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1BA8 52 KB
21 KB 273ms
45ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118874632-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 13:35:59 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2036
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Sep 2024 15:35:59 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 1BA8 1 KB
993 B 365ms
83ms Script
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=fr&onload=GoogleRecaptchaLoaded&render=explicit

Requested by

Host: d1d1dxv8oifr9i.cloudfront.net
URL: https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/js/main.83df9ee9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15caa61fd4858d09cfc27aa04091e2bd290d3562e40ce72d2db22b49aa82c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Tue, 10 Sep 2024 14:09:55 GMT

GET
H2

200

VolvoLogo2010714.png
d39xv5bi5716zu.cloudfront.net/mktgassets/VOLVO/VOLVOCANADA/enCA/ Frame 1BA8
Redirect Chain

https://xmmext-prod.xtimeapps.xtime.com/oe/xmm/getBrandLogo?make=VOLVO&variant=VOLVOCANADA&locale=fr_CA&key=DEFAULT_LOGO
https://d39xv5bi5716zu.cloudfront.net/mktgassets/VOLVO/VOLVOCANADA/enCA/VolvoLogo2010714.png

23 KB
23 KB

354ms
88ms

Image
application/octet-stream

2600:9000:23cb:9a00:b:e995:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39xv5bi5716zu.cloudfront.net/mktgassets/VOLVO/VOLVOCANADA/enCA/VolvoLogo2010714.png
Requested by: Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
Protocol: H2
Server: 2600:9000:23cb:9a00:b:e995:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46e891335b3a2cd72e12fcd919c4ce17e64f02f72a1940ca7c0beee4f31fa1ed

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 10 Sep 2024 14:09:56 GMT
via: 1.1 11addd18912b8ffba16fde7055a9ca56.cloudfront.net (CloudFront)
last-modified: Fri, 09 Oct 2020 23:43:02 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 3319
etag: "cc863463005f65a61b0aeb3067a16ed3"
x-cache: Hit from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 23526
x-amz-cf-id: -8c6T2I7oHa0BlZIy0qVEJnGEmQDr9wenGfCsqOJte5vBuPqVAyvqA==

Redirect headers

location: http://d39xv5bi5716zu.cloudfront.net/mktgassets/VOLVO/VOLVOCANADA/enCA/VolvoLogo2010714.png
date: Tue, 10 Sep 2024 14:09:55 GMT
content-length: 0

POST
H2 200 getAnonymousPromotionForDealer Show response
x6con.xtime.com/xws/rest/promotions/dealer/xtm20210630323xx1/ Frame 1BA8 31 B
264 B 108ms
107ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/promotions/dealer/xtm20210630323xx1/getAnonymousPromotionForDealer

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

8ebe6eddea943e5888ef2fb3c27e4c77afe41434f3390f5daf548d09eaac507e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
x-coxauto-correlation-id: 37fc0016-a875-4d51-abb3-053efbef51ca
content-length: 31
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1BA8 248 KB
88 KB 101ms
99ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z1VSW0S5E8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGRGFQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2bee35388885eecacf07391b830c22ed82cc382ed5252be61dd0d2a43c583e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Sep 2024 14:09:55 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/ Frame 1BA8 124 KB
42 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=googleAsyncInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55da2d09c925b0f62a178797ea8b2cf236421898a11ff4a06536aeb831f0caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43004
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:32:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Sep 2025 20:34:37 GMT

GET
H2 200 details Show response
x6con.xtime.com/xws/rest/dealer/xtm20210630323xx1/appointment/ Frame 1BA8 3 KB
3 KB 167ms
162ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/dealer/xtm20210630323xx1/appointment/details?confirmationKey=X06VE6GHXV&locale=fr_CA&tokenId=11037120689

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

ae5bcd6485340c045aeefe77f3572b3c17a9472be22faa3804f5146cc67c2efa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
x-coxauto-correlation-id: e0b07a98-6762-4b3e-ae0d-e6503760a2d1
content-length: 2631
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 204 collect
www.google-analytics.com/g/ Frame 1BA8 0
0 78ms
76ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z1VSW0S5E8&gtm=45je4940v892341079z878219380za200zb78219380&_p=1725977394373&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=2065373306.1725977396&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=2&pscdl=noapi&_s=1&sid=1725977395&sct=1&seg=0&dl=https%3A%2F%2Fx6con.xtime.com%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26redirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5V7X4H9G065E1V16602X%26bx%3D479438%26bx1%3D479438%26locale%3Dfr_CA&dr=https%3A%2F%2Fconsumer.xtime.com%2F&dt=Start%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&ep.application_name=CP8&ep.application_version=8.20.0&ep.application_environment=production&ep.is_production=(not%20set)&ep.dealership_id=xtm20210630323xx1&ep.dealership_name=&ep.hit_timestamp=2024-09-10T07%3A09%3A55.500-07%3A00&ep.gtm_container_id=GTM-NGRGFQZ&ep.gtm_container_version=39&ep.data_layer_version=0&ep.confirmation_key=(not%20initialized)&ep.schema=x6con.xtime.com&ep.dealer_code=XTM20210630323XX1&up.is_internal_user=(not%20set)&up.user_type=(not%20set)&tfd=2409
Requested by: Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 14:09:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://x6con.xtime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 2757 0
0 637ms
371ms Document
text/html 2607:f8b0:4004:c1f::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-AK4KiI85VzydVTSWGaldZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-AK4KiI85VzydVTSWGaldZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 14:09:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjstDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgXhJxkfVI4kVWQ4VLrM5ALMTDsWVZ43Y2gR1_NhxmVFJLyi-Mz0xJzSvJLKnUzU8sLcnQzSgpKYg3MjAyMbA0sNAzsIgvMAAAbwsp6g"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 58137086906 Show response
x6con.xtime.com/xws/rest/customer/preferences/xtm20210630323xx1/ Frame 1BA8 162 B
395 B 127ms
119ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/customer/preferences/xtm20210630323xx1/58137086906

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

d5cdeb5e96f5bccf16cf9cc08fde7b08f73c0fffba84d8f87b87af65c647f2d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:55 GMT
x-coxauto-correlation-id: 3e313083-cf13-4e9e-99fd-13d26139b983
content-length: 162
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 years Show response
x6con.xtime.com/xws/rest/vehicles/make/VOLVO/ Frame 1BA8 424 B
657 B 179ms
171ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/vehicles/make/VOLVO/years

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

649dce895a616cc7cf37f501e434bc391a27bea5baf1a8dade2ff24485510040

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: 421d6802-7ae3-4b92-b09f-b739ab220011
content-length: 424
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 models Show response
x6con.xtime.com/xws/rest/vehicles/make/VOLVO/ Frame 1BA8 415 B
648 B 215ms
207ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/vehicles/make/VOLVO/models

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

c7f63c94eaac81650d3e7b2a48d12302a8aa22e61e120425754586c6b671b5fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: dbe7eb6d-dfe6-41bd-9944-fb41339ebd67
content-length: 415
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H2 200 trim Show response
x6con.xtime.com/xws/rest/vehicles/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/ Frame 1BA8 3 KB
4 KB 220ms
218ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/vehicles/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/trim?dataStyle=1&channel=2&tokenId=11037120689&variant=VOLVOCANADA&countryCode=CA&languageCode=fr&locale=fr_CA&useSkipTrim=0&addIDK=true

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

ae8eef632d8e3c9615a3c43e96c6ed043a1b3a50ab76e3089716314553f7c70d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: ac4c19db-a533-4cc0-8501-15d84089a71d
content-length: 3411
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 1BA8 1 B
91 B 68ms
66ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 14:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://x6con.xtime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 1BA8 3 B
70 B 128ms
128ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=194570289&t=pageview&_s=1&dl=https%3A%2F%2Fx6con.xtime.com%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26redirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5V7X4H9G065E1V16602X%26bx%3D479438%26bx1%3D479438%26locale%3Dfr_CA&dr=https%3A%2F%2Fconsumer.xtime.com%2Fscheduling%2F%3Fredirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5V7X4H9G065E1V16602X%26locale%3Dfr_CA&dp=%2F&ul=en-ca&de=UTF-8&dt=Start%20Page&sd=24-bit&sr=1600x1200&vp=1600x1202&je=0&_u=YADAAUABAAAAACADIC~&jid=1302782083&gjid=1395930667&cid=2065373306.1725977396&uid=&tid=UA-118874632-1&_gid=1593789687.1725977396&_r=1&_slc=1&gtm=45He4940n81NGRGFQZv78219380za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&cd1=CP8&cd2=8.20.0&cd3=production&cd4=&cd5=xtm20210630323xx1&cd6=GTM-NGRGFQZ&cd9=&cd10=(not%20set)&cd11=(overwrite)&cd12=(not%20set)&cd13=39&cd14=2024-09-10T07%3A09%3A55.526-07%3A00&cd15=1725977395526.3h8cwq0b&cd16=1&cd17=VWO&cd18=x6con.xtime.com&cd19=XTM20210630323XX1&cd20=(not%20initialized)&cd21=(not%20set)&cd22=xtm20210630323xx1&cd23=&cd24=x6con.xtime.com&cd25=XTM20210630323XX1&cd26=(not%20set)&cd27=(not%20initialized)&cd176=0&cd177=trackPageview&cd178=GTM-NGRGFQZ&cd179=39&cd180=2024-09-10T07%3A09%3A55.530-07%3A00&cd181=1725977395530.62cdb4el&cd183=UA-118874632-1&cd185=Top&cd187=%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26redirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5v7x4h9g065e1v16602x%26bx%3D479438%26bx1%3D479438%26locale%3Dfr_ca%23%2F&cd189=(not%20set)&cd190=(not%20set)&cd191=(not%20set)&cd193=xtm20210630323xx1&cd194=&cd196=production&cd197=8.20.0&cd198=CP8&cd199=(not%20set)&cd200=4&z=519389420

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 14:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://x6con.xtime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 1BA8 35 B
132 B 118ms
118ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=194570289&t=event&ni=0&_s=1&dl=https%3A%2F%2Fx6con.xtime.com%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26redirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5V7X4H9G065E1V16602X%26bx%3D479438%26bx1%3D479438%26locale%3Dfr_CA&dr=https%3A%2F%2Fconsumer.xtime.com%2Fscheduling%2F%3Fredirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5V7X4H9G065E1V16602X%26locale%3Dfr_CA&dp=%2F&ul=en-ca&de=UTF-8&dt=Start%20Page&sd=24-bit&sr=1600x1200&vp=1600x1202&je=0&ec=CP8%3A%20Start%20Page&ea=Start%20Page%3A%20View&el=Start%20Page%20Viewed&ev=0&_u=YADAAUABAAAAACADIC~&jid=&gjid=&cid=2065373306.1725977396&uid=&tid=UA-118874632-1&_gid=1593789687.1725977396&gtm=45He4940n81NGRGFQZv78219380za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&cd1=CP8&cd2=8.20.0&cd3=production&cd4=&cd5=xtm20210630323xx1&cd6=GTM-NGRGFQZ&cd9=&cd10=Start%20Page&cd11=(overwrite)&cd12=Start%20Page%20Viewed&cd13=39&cd14=2024-09-10T07%3A09%3A55.549-07%3A00&cd15=1725977395549.x8nxzehe&cd16=1&cd17=VWO&cd18=x6con.xtime.com&cd19=XTM20210630323XX1&cd20=(not%20initialized)&cd21=(not%20set)&cd22=xtm20210630323xx1&cd23=&cd24=x6con.xtime.com&cd25=XTM20210630323XX1&cd26=(not%20set)&cd27=(not%20initialized)&cd176=0&cd177=userEvent&cd178=GTM-NGRGFQZ&cd179=39&cd180=2024-09-10T07%3A09%3A55.549-07%3A00&cd181=1725977395549.germuah&cd183=UA-118874632-1&cd185=Top&cd187=%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26redirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5v7x4h9g065e1v16602x%26bx%3D479438%26bx1%3D479438%26locale%3Dfr_ca%23%2F&cd189=(not%20set)&cd190=(not%20set)&cd191=(not%20set)&cd193=xtm20210630323xx1&cd194=&cd196=production&cd197=8.20.0&cd198=CP8&cd199=(not%20set)&cd200=4&z=796583633

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 02:58:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40286
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ Frame 1BA8 540 KB
214 KB 342ms
72ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=fr&onload=GoogleRecaptchaLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8573e082ec06d5f448c20d6c958556518a437e8cd4832ce87191cedb683a8058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
Origin: https://x6con.xtime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 13:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218396
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 04:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Sep 2025 13:07:50 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 1BA8 0
0 323ms
83ms Fetch
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fconsumer.xtime.com&client_id=531829967271983&input_token&origin=1&redirect_uri=https%3A%2F%2Fx6con.xtime.com%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26redirect%3Dtrue%26webkey%3Dxtm20210630323xx1%3A%3A%3A%3A%3A5V7X4H9G065E1V16602X%26bx%3D479438%26bx1%3D479438%26locale%3Dfr_CA%23%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 10 Sep 2024 14:09:56 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
x-fb-server-load: 70
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7413016469921894301", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2801, tp=-1, tpl=-1, uplat=15, ullat=0
pragma: no-cache
x-fb-debug: mQsevfbB5i72mJzqiNrK7iVuz3nybAe5PvEEBfMJlXNPwouVzu71mtkl+l+e8rtzcK1GtVQTAHuzFGOVLYZJJA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7413016469921894301"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://x6con.xtime.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recommended Show response
x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/ Frame 1BA8 7 KB
8 KB 158ms
157ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/recommended?regDate=2023-01-01&engineType=I4&engineSize=2.0L+Supercharged+Turbo+Hybrid&driveType=AWD&trim=T8+Recharge+eAWD+Ultimate+Bright+Theme+AWD+SUV&vin=YV4H60CAXP1946467&mileage=8187&transmissionType=Automatic&locale=fr_CA&authId=11037120689&variant=VOLVOCANADA&units=km&isCappedPricing=false&useExactMileage=0

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

61c0944f1572400a303e3f769261802cb4d46fd9bc205d0bb7649582558090fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: 3d5ca11e-e676-4108-9c8c-810ab48a0e0d
content-length: 7594
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H2 200 recommended Show response
x6con.xtime.com/xws/rest/services/vehicle/YV4H60CAXP1946467/ Frame 1BA8 203 B
436 B 249ms
248ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/services/vehicle/YV4H60CAXP1946467/recommended?locale=fr_CA&make=VOLVO&variant=VOLVOCANADA&webkey=xtm20210630323xx1&day=2024%2F09%2F10

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

ffdc36724aafbd9d43e24acb64d8c9f944f9fcb591354511cc866948835b396f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: a1f77c4c-4a21-47a6-9bb1-854f0e31209e
content-length: 203
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H2 200 recommended Show response
x6con.xtime.com/xws/rest/services/vehicle/YV4H60CAXP1946467/ Frame 1BA8 203 B
435 B 216ms
215ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/services/vehicle/YV4H60CAXP1946467/recommended?locale=fr_CA&make=VOLVO&variant=VOLVOCANADA&webkey=xtm20210630323xx1&day=2024%2F09%2F10

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

ffdc36724aafbd9d43e24acb64d8c9f944f9fcb591354511cc866948835b396f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: 34721bc9-08e2-4a76-b3b1-4f96ca951afe
content-length: 203
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 3AFD 0
0 522ms
229ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4&co=aHR0cHM6Ly94NmNvbi54dGltZS5jb206NDQz&hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&badge=bottomright&cb=gmb0uh4x346r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wv1rfw2mn_SboECui6bFNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wv1rfw2mn_SboECui6bFNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 14:09:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1B99 0
0 512ms
231ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AbtrwsGP6-79ipjojXmmAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AbtrwsGP6-79ipjojXmmAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 14:09:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 details Show response
x6con.xtime.com/xws/rest/vehicles/dealer/xtm20210630323xx1/metavehicle/ Frame 1BA8 268 B
500 B 174ms
171ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/vehicles/dealer/xtm20210630323xx1/metavehicle/details

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

f756c9780c06387df3f93ff6ee7c0c1532c9476df347006e2727432d8d99a213

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: f3559a21-eb2e-4198-8046-3ab6922db24f
content-length: 268
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 details Show response
x6con.xtime.com/xws/rest/vehicles/dealer/xtm20210630323xx1/metavehicle/ Frame 1BA8 268 B
501 B 212ms
209ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/vehicles/dealer/xtm20210630323xx1/metavehicle/details

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

f756c9780c06387df3f93ff6ee7c0c1532c9476df347006e2727432d8d99a213

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Sep 2024 14:09:56 GMT
x-coxauto-correlation-id: 3ff1d9fa-4e55-4640-8537-717d6beedd7e
content-length: 268
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 maintenance Show response
x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/unscheduledservices/kind/ Frame 1BA8 12 KB
13 KB 255ms
253ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/unscheduledservices/kind/maintenance

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

9d3ce90572186dc58f7246fdae1d64a74fbfdd1bc2aa235368ffce02df601125

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Sep 2024 14:09:57 GMT
x-coxauto-correlation-id: d541a950-8bec-4304-b0db-bac697861de3
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 repair Show response
x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/unscheduledservices/kind/ Frame 1BA8 23 KB
23 KB 225ms
222ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/make/VOLVO/model/XC90/year/2023/unscheduledservices/kind/repair

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

086d8a568852c67cf427e85a6a259ad4ba8aa26588bfbf6cdbaaca524f91cde3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Sep 2024 14:09:57 GMT
x-coxauto-correlation-id: a2118561-8d9f-4cc8-855b-822ff0afe438
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST
H2 200 declined Show response
x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/consumer/ Frame 1BA8 93 B
324 B 197ms
195ms XHR
application/json 54.71.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x6con.xtime.com/xws/rest/services/dealer/xtm20210630323xx1/consumer/declined

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.128.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-128-213.us-west-2.compute.amazonaws.com

Software

Resource Hash

05d32ed2e6f00313eef7f9b0e6b31da25bf4f6527a4fb6d9ff225de863ded199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&redirect=true&webkey=xtm20210630323xx1:::::5V7X4H9G065E1V16602X&bx=479438&bx1=479438&locale=fr_CA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 10 Sep 2024 14:09:57 GMT
x-coxauto-correlation-id: 3e330624-b5c3-4970-b62e-c3d764d8286d
content-length: 93
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

POST apptOptions
x6con.xtime.com/xws/rest/dealers/xtm20210630323xx1/ Frame 1BA8 0
0

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ Frame 1BA8 43 B
273 B 329ms
107ms Image
image/gif 148.113.163.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=69ff2d61429a4c5da881a2026decd7d7&correlationId=b06a3247-af7f-40cc-9dc8-f60f5f688a36&application=consumerportal8&x=ac2b5c57-b676-47b2-9b90-bcbd29d712d1&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.113.163.217 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://x6con.xtime.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 10 Sep 2024 14:09:57 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 43
Content-Type: image/gif

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 5B68 0
0 90ms
88ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0HaWrHrCN63Sg9M291PLUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0HaWrHrCN63Sg9M291PLUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 14:09:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 811D 0
0 186ms
91ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6LdjljodAAAAAK5lxlrZFDtAHbiIj9jmrlgBQ7r4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6Iro6DVIgbyaT8vTB4RCsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x6con.xtime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6Iro6DVIgbyaT8vTB4RCsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 14:09:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: x6con.xtime.com
URL: https://x6con.xtime.com/xws/rest/dealers/xtm20210630323xx1/apptOptions

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345	1970-01-20 23:26:20	Name: run_full_story Value: 0
x6con.xtime.com/consumer	1969-12-31 23:59:59	Name: XID Value: B8F8927FFDE3A0200718B33719302DE1
.xtime.com/	1970-01-21 09:02:17	Name: _ga_Z1VSW0S5E8 Value: GS1.1.1725977395.1.0.1725977395.0.0.0
.x6con.xtime.com/	1970-01-21 09:02:17	Name: G_ENABLED_IDPS Value: google
.xtime.com/	1970-01-21 09:02:17	Name: _ga Value: GA1.2.2065373306.1725977396
.xtime.com/	1970-01-20 23:27:43	Name: _gid Value: GA1.2.1593789687.1725977396
.xtime.com/	1970-01-20 23:27:43	Name: _gat_gtag_UA_118874632_1 Value: 1
.xtime.com/	1970-01-20 23:26:17	Name: _gat_UA-118874632-1 Value: 1
.x6con.xtime.com/	1970-01-21 09:02:17	Name: _ga Value: GA1.3.2065373306.1725977396
.x6con.xtime.com/	1970-01-20 23:27:43	Name: _gid Value: GA1.3.1593789687.1725977396

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
cdn.xtime.com
cdnjs.cloudflare.com
connect.facebook.net
consumer.xtime.com
d1d1dxv8oifr9i.cloudfront.net
d2zah9y47r7bi2.cloudfront.net
d39xv5bi5716zu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
media.xtime.com
sgelink.xtime.com
usage.trackjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x6con.xtime.com
xmmext-prod.xtimeapps.xtime.com
x6con.xtime.com
148.113.163.217
18.173.130.48
2001:4860:4802:34::178
2600:9000:23cb:9a00:b:e995:2a80:93a1
2600:9000:2512:4e00:14:2c4a:59c0:93a1
2600:9000:28b2:fa00:c:2fca:7180:93a1
2606:4700::6811:190e
2607:f8b0:4004:c1f::54
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2003
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2008
2607:f8b0:4006:823::200e
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
34.218.200.181
52.85.61.87
54.70.68.82
54.71.128.213
05d32ed2e6f00313eef7f9b0e6b31da25bf4f6527a4fb6d9ff225de863ded199
086d8a568852c67cf427e85a6a259ad4ba8aa26588bfbf6cdbaaca524f91cde3
0e6a09fc80c2744f620d79894994f5a9f831a6ce708e21b54a088f1ed45b236f
15caa61fd4858d09cfc27aa04091e2bd290d3562e40ce72d2db22b49aa82c626
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
322c659b4cb27ea2a64d8484ed687514d52d52fcf89a9f9e4552f4bf556b9112
33b3fd17880c474ab4e23cebf8d043ad1b2229012592df598a43b52cc5646207
38e49b4ce0d47a0940a043d9ebc47377c455012b217268cb8207a004bda0c3fe
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3de10c93ca0ad161b57949f6ca8071bc53e925336628f06ab5d1591ca042c534
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
4538394e05eaf7cbd80de9ed24a2e6bb1207443dc3563f7fd7976251ee9b0945
46e891335b3a2cd72e12fcd919c4ce17e64f02f72a1940ca7c0beee4f31fa1ed
46fac385d75517cc4dd33adef46e2166230912b77972b9f2faa9f4de22d8bfe6
4cc59a14d8f4cb1b5ce21d00a1d932280881bac1bee9748ce5f02187e4a386ae
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
50e585a11a8cb4eedbece1c294a552e4a9aef180035925754bca95d96e495380
5c072ca7ba9c602f8f9af6480eb73ec02978d00d68d62e010649bf2fec309619
61c0944f1572400a303e3f769261802cb4d46fd9bc205d0bb7649582558090fa
649dce895a616cc7cf37f501e434bc391a27bea5baf1a8dade2ff24485510040
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b6c4245ce945860950f95e7997dd4282ee67dc5f4b2d7401f0cc71d78f6538c
7f367ee7202314bfaaca73927121cade08afb7b78f9ee59cbefc87bbf8abc55d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8573e082ec06d5f448c20d6c958556518a437e8cd4832ce87191cedb683a8058
887f9d8d730c6d70f2a98e4db6df58e786db5b41e0786bf18a4a37eb22bdd5dc
8ebe6eddea943e5888ef2fb3c27e4c77afe41434f3390f5daf548d09eaac507e
95428010fb6ab75b33de88eb4b6c256abe5a7028429c7df837b4c88817eec52f
9d3ce90572186dc58f7246fdae1d64a74fbfdd1bc2aa235368ffce02df601125
a96483c305583030d1f3a69e7b26dcc238e27d3b8e3d66a9a05cc8b93d753543
ae5bcd6485340c045aeefe77f3572b3c17a9472be22faa3804f5146cc67c2efa
ae8eef632d8e3c9615a3c43e96c6ed043a1b3a50ab76e3089716314553f7c70d
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
c726148c4cb35575db567995ae8a0bd7ba86544b150f1d5130959bccfa15acb2
c7f63c94eaac81650d3e7b2a48d12302a8aa22e61e120425754586c6b671b5fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2bee35388885eecacf07391b830c22ed82cc382ed5252be61dd0d2a43c583e8
d55da2d09c925b0f62a178797ea8b2cf236421898a11ff4a06536aeb831f0caa
d5cdeb5e96f5bccf16cf9cc08fde7b08f73c0fffba84d8f87b87af65c647f2d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e733ee9cf013b9c52ec1069f11f9d06ba6d4993b2ff9c9ec5d12fc02f906fc40
f675b80601091b7fc5297a3a053c64619772b52035cea3516d15130a990a9b72
f756c9780c06387df3f93ff6ee7c0c1532c9476df347006e2727432d8d99a213
ffdc36724aafbd9d43e24acb64d8c9f944f9fcb591354511cc866948835b396f

consumer.xtime.com Open in urlscan Pro 54.71.128.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

70 %IPv6

11 Domains

21 Subdomains

18 IPs

1 Countries

1799 kBTransfer

5604 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

consumer.xtime.com Open in urlscan Pro
54.71.128.213 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

70 %
IPv6

11
Domains

21
Subdomains

18
IPs

1
Countries

1799 kB
Transfer

5604 kB
Size

10
Cookies

50 HTTP transactions
4 data transactions