urlscan.io logo urlscan.io
SecurityTrails logo

consumer.xtime.com Open in urlscan Pro
34.208.186.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pBUcGLO8K_AqDaKtxd0eu-5Xv0DOtgHQsZP2ANqrGYvHK...
Effective URL: https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
Submission: On April 19 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 21 HTTP transactions. The main IP is 34.208.186.205, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is consumer.xtime.com. The Cisco Umbrella rank of the primary domain is 137100.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 28th 2023. Valid for: a year.
This is the only time consumer.xtime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:2646:e00:14:2c4a:59c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sgelink.xtime.com
5    34.208.186.205 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-186-205.us-west-2.compute.amazonaws.com
consumer.xtime.com
x6con.xtime.com
cdn.xtime.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    18.172.111.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-111-220.fra60.r.cloudfront.net
d2zah9y47r7bi2.cloudfront.net
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2600:9000:275b:d600:c:2fca:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1d1dxv8oifr9i.cloudfront.net
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az693067.vo.msecnd.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sd-tagging.azurefd.net
Apex Domain
Subdomains		 Transfer
6 xtime.com
sgelink.xtime.com — Cisco Umbrella Rank: 218173
consumer.xtime.com — Cisco Umbrella Rank: 137100
x6con.xtime.com — Cisco Umbrella Rank: 249075
cdn.xtime.com — Cisco Umbrella Rank: 141424
83 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
303 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
3 cloudfront.net
d2zah9y47r7bi2.cloudfront.net
d1d1dxv8oifr9i.cloudfront.net
10 KB
2 azurefd.net
sd-tagging.azurefd.net — Cisco Umbrella Rank: 17262
284 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
89 KB
1 msecnd.net
az693067.vo.msecnd.net — Cisco Umbrella Rank: 157663
27 KB
1 google.com
apis.google.com — Cisco Umbrella Rank: 127
21 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
1020 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
21 10
Domain Requested by
4 www.googletagmanager.com x6con.xtime.com
www.googletagmanager.com
2 sd-tagging.azurefd.net d2zah9y47r7bi2.cloudfront.net
az693067.vo.msecnd.net
2 www.google-analytics.com www.googletagmanager.com
d2zah9y47r7bi2.cloudfront.net
2 connect.facebook.net x6con.xtime.com
connect.facebook.net
2 cdn.xtime.com x6con.xtime.com
2 d1d1dxv8oifr9i.cloudfront.net 2 redirects
2 x6con.xtime.com consumer.xtime.com
x6con.xtime.com
1 region1.google-analytics.com www.googletagmanager.com
1 az693067.vo.msecnd.net consumer.xtime.com
1 apis.google.com x6con.xtime.com
1 d2zah9y47r7bi2.cloudfront.net x6con.xtime.com
1 cdnjs.cloudflare.com x6con.xtime.com
1 fonts.googleapis.com x6con.xtime.com
1 consumer.xtime.com
1 sgelink.xtime.com 1 redirects
21 15

This site contains no links.

Subject Issuer Validity Valid
*.xtime.com
Go Daddy Secure Certificate Authority - G2		 2023-09-28 -
2024-10-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-27 -
2024-04-26		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh
*.azurefd.net
Microsoft Azure TLS Issuing CA 06		 2024-04-14 -
2024-06-27		 2 months crt.sh

This page contains 3 frames:

Primary Page: https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
Frame ID: A1BFB062941F58F2A23E62EC1D43889B
Requests: 1 HTTP requests in this frame

Frame: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Frame ID: 6A73383EF6BD5A0EC35631D5F3C875E8
Requests: 19 HTTP requests in this frame

Frame: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/clicktracking.html
Frame ID: 97287559C981EB41ABB7FB59C3941B0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xtime App

Page URL History Show full URLs

  1. https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pBUcGLO8K_AqDaKtxd0eu-5Xv... HTTP 302
    https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

21
Requests

90 %
HTTPS

71 %
IPv6

10
Domains

15
Subdomains

12
IPs

3
Countries

556 kB
Transfer

2688 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pBUcGLO8K_AqDaKtxd0eu-5Xv0DOtgHQsZP2ANqrGYvHKIbVp6C9R4Byj1JyUc5L0bZxPhn0qfaXKTc-7fxXB1y/45m/e0THOOOZRfC55RoOvJmWrg/h6/h001.aMmkTWMpehn1L7BQctN_P0xR16eC_9n0_YYoQhCcvjM HTTP 302
    https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/css/themes/volvousa/styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css HTTP 301
  • https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css
Request Chain 7
  • https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/js/main.e0c311f6.js HTTP 301
  • https://cdn.xtime.com/x6/consumerportal8/static/js/main.e0c311f6.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
consumer.xtime.com/scheduling/
Redirect Chain
  • https://sgelink.xtime.com/ss/c/u001.SgrdC-tG7lObBQLf98v3g8aWKFr4t4BZn94kPlD91pBUcGLO8K_AqDaKtxd0eu-5Xv0DOtgHQsZP2ANqrGYvHKIbVp6C9R4Byj1JyUc5L0bZxPhn0qfaXKTc-7fxXB1y/45m/e0THOOOZRfC55RoOvJmWrg/h6/h0...
  • https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
977 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.186.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-186-205.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ed656159b43a4fdfee6f6e05cc7b144476fddfc204823fdf26341dea68c81fba

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
http://consumer.xtime.com
content-length
977
date
Fri, 19 Apr 2024 03:26:10 GMT

Redirect headers

age
20946
content-length
108
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 21:37:04 GMT
location
https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
server
nginx
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
x-amz-cf-id
UMLRLmSzj8pdXLPIc2WouAdU9rNEeHslgNJOykEOLFciQpndNSZmaQ==
x-amz-cf-pop
FRA60-P5
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
/
x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/ Frame 6A73 		88 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.186.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-186-205.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
101d04e4d21c35b2e96393f1f4e53f8b2f058f0012f3c13e80f9d2719ffd819f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://consumer.xtime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 19 Apr 2024 03:26:11 GMT
vary
Accept-Encoding
css
fonts.googleapis.com/ Frame 6A73 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Apr 2024 03:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 03:09:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Apr 2024 03:26:12 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ Frame 6A73 		1 KB
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
266708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
394
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zjQnFj91br%2FJwih75UNTVLx3KSNfybp73DlHNawpr%2BdRqMgjSUS1S322GCEnv2V1aifTrVWJAuDbeUmNSD4CTUnnPpu%2B8Q%2BHBjGuongXXMkPLQbx%2FuChzyl1dojWupNUO1S466qx"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8769caaced3f8c49-FRA
expires
Wed, 09 Apr 2025 03:26:11 GMT
tracker.js
d2zah9y47r7bi2.cloudfront.net/releases/current/ Frame 6A73 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.111.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-111-220.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
Content-Encoding
gzip
Via
1.1 d25e4a27039adc5d5e5994e9610df300.cloudfront.net (CloudFront)
Date
Sat, 13 Apr 2024 04:06:13 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
516000
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-meta-content-type
application/javascript
Connection
keep-alive
Last-Modified
Thu, 13 Sep 2018 19:10:28 GMT
Server
AmazonS3
ETag
W/"160874c6a444216fd269e7e0e2370aa7"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
s-max-age=3600, max-age=604800, public
X-Amz-Cf-Id
67MxVYj3-IWnv9nIZ3CO6Db635FBpBnPufktrBxdsdxSc0AgxcTarQ==
js
www.googletagmanager.com/gtag/ Frame 6A73 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-118874632-1
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
106b5de36272a46b4d3040ed0d041719b8ccee809b93607639dac3171f208a7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72128
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Apr 2024 03:26:13 GMT
platform.js
apis.google.com/js/ Frame 6A73 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onload=googleAsyncInit
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed30115648b34318c1ecb58b1bd9792840e7e4b72355e2263770e25daf7ff80
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Apr 2024 03:26:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21307
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d392d3dd8dfae3c8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 03:26:13 GMT
styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css
cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/ Frame 6A73
Redirect Chain
  • https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/css/themes/volvousa/styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css
  • https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css
410 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.xtime.com/x6/consumerportal8/static/css/themes/volvousa/styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Server
34.208.186.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-186-205.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e23ff908efa57e165ce59bca4cac54a0ef42ac3eb038be14cc60b00f0078ba18

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://x6con.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Apr 2024 03:26:12 GMT
content-encoding
gzip
last-modified
Wed, 10 Apr 2024 18:33:34 GMT
etag
W/"419973-1712774014000"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

date
Thu, 18 Apr 2024 10:08:32 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA60-P7
age
62260
x-cache
Hit from cloudfront
content-type
text/html
location
https://cdn.xtime.com:443/x6/consumerportal8/static/css/themes/volvousa/styles.min.cd381c10-f768-11ee-869b-95e1b19d3760.css
content-length
134
x-amz-cf-id
Xx83vC2QJcgMpmItVZjnHExMn-ROc7OVH_4PKNlUeOBrSLWx30tKxw==
main.e0c311f6.js
cdn.xtime.com/x6/consumerportal8/static/js/ Frame 6A73
Redirect Chain
  • https://d1d1dxv8oifr9i.cloudfront.net/x6/consumerportal8/static/js/main.e0c311f6.js
  • https://cdn.xtime.com/x6/consumerportal8/static/js/main.e0c311f6.js
768 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xtime.com/x6/consumerportal8/static/js/main.e0c311f6.js
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Server
34.208.186.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-186-205.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://x6con.xtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Apr 2024 03:26:12 GMT
content-encoding
gzip
last-modified
Wed, 10 Apr 2024 18:33:34 GMT
etag
W/"2771171-1712774014000"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

date
Thu, 18 Apr 2024 06:06:18 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA60-P7
age
76794
x-cache
Hit from cloudfront
content-type
text/html
location
https://cdn.xtime.com:443/x6/consumerportal8/static/js/main.e0c311f6.js
content-length
134
x-amz-cf-id
3Lq0XpYlh3M-gY7NT-VLn9xb2digQBJOKgS7aUKGuPERKyqG-HlQQw==
gtm.js
www.googletagmanager.com/ Frame 6A73 		244 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGRGFQZ
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
212075df985d541e93046f612d0d485221d00f31554c427deae3850b7b403d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84746
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Apr 2024 03:26:13 GMT
gtm.js
www.googletagmanager.com/ Frame 6A73 		186 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NR2MNCL
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd1d80d14deb196bb157a61e2b32909e1a2a289cd5abece94ee25f32908c4ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67323
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Apr 2024 03:26:13 GMT
sdk.js
connect.facebook.net/en_US/ Frame 6A73 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a1606d6328a78e0e542f1a6954ff41093878b102e3f53f450e5fbb49aa060b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Apr 2024 03:26:13 GMT
content-md5
wijxC1aFk6Foo7YiT3ALvg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=12, mss=1294, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
RYjkCbfX7c1baXvNPqKggkIgX2vJ2JqG7fvqqLH8Rp72mMoNwChpn9I6YWCUYjAGEdw+6PkHbTDStBMm6j4Wug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7d076252c2a492c50929875634ca91a3
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"d17fd50c52be49fac78d7442940e965e"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 19 Apr 2024 03:39:11 GMT
clicktracking.html
x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/ Frame 9728 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/clicktracking.html
Requested by
Host: x6con.xtime.com
URL: https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.186.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-186-205.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7b6c4245ce945860950f95e7997dd4282ee67dc5f4b2d7401f0cc71d78f6538c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345/?&webkey=vw20120702001035402503&bx=475971&bx1=475971&locale=en_US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 19 Apr 2024 03:26:13 GMT
etag
W/"3162-1712774014000"
last-modified
Wed, 10 Apr 2024 18:33:34 GMT
vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/ Frame 6A73 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c44ecd9b24422662ed44d04ca83bc0a4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
53e28fe2984dba47e78842766fb5e00aa92a825a8b9bd001647e70bb0b421593
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Origin
https://x6con.xtime.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Apr 2024 03:26:13 GMT
content-md5
tWbEqBgE+k4UVc9m6tLESQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87562
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=38, mss=1232, tbw=4290, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
4AdfYpwehb7YgNhQMLP2noIFTFBcxbiiqKhVBGintIjCUsMZWaKSGm6TKTEdJrvsy+WxOzOcwY+YwXIHMaemJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
248fda463b7690a4bff635f7ce50c6fc
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6245d0a7aa8d61ee436aea5303ada299"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 18 Apr 2025 21:07:41 GMT
analytics.js
www.google-analytics.com/ Frame 6A73 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118874632-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Apr 2024 01:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5886
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 19 Apr 2024 03:48:08 GMT
sd.js
az693067.vo.msecnd.net/cdn/ Frame 6A73 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az693067.vo.msecnd.net/cdn/sd.js
Requested by
Host: consumer.xtime.com
URL: https://consumer.xtime.com/scheduling/?webkey=vw20120702001035402503&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC4) /
Resource Hash
382214dcc624bdf56ccd29b38a1087018227c70f39de28a65098ae513d8f1ff1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:14 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 18 Apr 2024 20:46:29 GMT
server
ECAcc (frc/4CC4)
age
2004
etag
0x8DC5FE79F57D9D8
vary
Accept-Encoding
x-azure-ref
20240419T025250Z-1686fdff856qgcq6503872u5v400000000eg000000000xzn
content-type
text/javascript
x-cache
HIT
cache-control
max-age=3600
content-length
27271
js
www.googletagmanager.com/gtag/ Frame 6A73 		231 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z1VSW0S5E8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGRGFQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0284cc2aa620562d3306a7b72836d575754f0d125df6a10badadd04e89d2a9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85199
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Apr 2024 03:26:14 GMT
collect
region1.google-analytics.com/g/ Frame 6A73 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z1VSW0S5E8&gtm=45je44h0v892341079z878219380za200&_p=1713497172072&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=54607476.1713497174&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713497174&sct=1&seg=0&dl=https%3A%2F%2Fx6con.xtime.com%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26webkey%3Dvw20120702001035402503%26bx%3D475971%26bx1%3D475971%26locale%3Den_US&dr=https%3A%2F%2Fconsumer.xtime.com%2F&dt=Consumer%208&en=page_view&_fv=1&_nsi=1&_ss=1&ep.application_name=CP8&ep.application_version=8.16.0&ep.application_environment=production&ep.is_production=(not%20set)&ep.dealership_id=vw20120702001035402503&ep.dealership_name=&ep.hit_timestamp=2024-04-19T05%3A26%3A14.86%2B02%3A00&ep.gtm_container_id=GTM-NGRGFQZ&ep.gtm_container_version=34&ep.data_layer_version=0&up.is_internal_user=(not%20set)&up.user_type=(not%20set)&tfd=3139
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z1VSW0S5E8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 19 Apr 2024 03:26:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://x6con.xtime.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 6A73 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=630289024&t=pageview&_s=1&dl=https%3A%2F%2Fx6con.xtime.com%2Ftemporary-unsupported-url-for-consumerportal8-b2018.345%2F%3F%26webkey%3Dvw20120702001035402503%26bx%3D475971%26bx1%3D475971%26locale%3Den_US&dr=https%3A%2F%2Fconsumer.xtime.com%2F&ul=de-de&de=UTF-8&dt=Consumer%208&sd=24-bit&sr=1600x1200&vp=1600x1202&je=0&_u=YADAAUABAAAAACAAIC~&jid=1489313335&gjid=1685561393&cid=54607476.1713497174&tid=UA-118874632-1&_gid=1816171974.1713497174&_r=1&gtm=457e44h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2068059480
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Apr 2024 03:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://x6con.xtime.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rmeta
sd-tagging.azurefd.net/endpoint/VW/ Frame 6A73 		2 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sd-tagging.azurefd.net/endpoint/VW/rmeta?providerId=XTIME%20SERVICE%20SCHEDULER&retailerId=402503&scenario=T3
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref
20240419T032614Z-17b6b6476d5gdbbkmhg3dk479w00000001x00000000094bs
x-cache
CONFIG_NOCACHE
content-type
application/json
access-control-allow-origin
https://x6con.xtime.com
access-control-allow-credentials
true
access-control-allow-headers
*
sda.js
sd-tagging.azurefd.net/scripts/sdanalytics/ Frame 6A73 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://sd-tagging.azurefd.net/scripts/sdanalytics/sda.js?clientId=VW&instanceName=sda&scenario=T3
Requested by
Host: az693067.vo.msecnd.net
URL: https://az693067.vo.msecnd.net/cdn/sd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://x6con.xtime.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 03:26:15 GMT
cache-control
max-age=3600
strict-transport-security
max-age=15724800; includeSubDomains
etag
0x8DC5FE79BF7A9AB
x-azure-ref
20240419T032614Z-17b6b6476d5czb6ffdwhc2x6hw00000001y0000000007s0d
x-cache
CONFIG_NOCACHE
content-type
text/javascript

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

5 Cookies

Domain/Path Name / Value
x6con.xtime.com/temporary-unsupported-url-for-consumerportal8-b2018.345 Name: run_full_story
Value: 0
.xtime.com/ Name: _ga_Z1VSW0S5E8
Value: GS1.1.1713497174.1.0.1713497174.0.0.0
.xtime.com/ Name: _ga
Value: GA1.2.54607476.1713497174
.xtime.com/ Name: _gid
Value: GA1.2.1816171974.1713497174
.xtime.com/ Name: _gat_gtag_UA_118874632_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
az693067.vo.msecnd.net
cdn.xtime.com
cdnjs.cloudflare.com
connect.facebook.net
consumer.xtime.com
d1d1dxv8oifr9i.cloudfront.net
d2zah9y47r7bi2.cloudfront.net
fonts.googleapis.com
region1.google-analytics.com
sd-tagging.azurefd.net
sgelink.xtime.com
www.google-analytics.com
www.googletagmanager.com
x6con.xtime.com
104.17.24.14
157.240.252.13
18.172.111.220
2001:4860:4802:32::178
2001:4860:4802:32::36
2600:9000:2646:e00:14:2c4a:59c0:93a1
2600:9000:275b:d600:c:2fca:7180:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:46::45
2a00:1450:4001:801::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a03:2880:f084:d:face:b00c:0:3
34.208.186.205
101d04e4d21c35b2e96393f1f4e53f8b2f058f0012f3c13e80f9d2719ffd819f
106b5de36272a46b4d3040ed0d041719b8ccee809b93607639dac3171f208a7c
212075df985d541e93046f612d0d485221d00f31554c427deae3850b7b403d7a
382214dcc624bdf56ccd29b38a1087018227c70f39de28a65098ae513d8f1ff1
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
53e28fe2984dba47e78842766fb5e00aa92a825a8b9bd001647e70bb0b421593
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b6c4245ce945860950f95e7997dd4282ee67dc5f4b2d7401f0cc71d78f6538c
8a1606d6328a78e0e542f1a6954ff41093878b102e3f53f450e5fbb49aa060b3
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
bed30115648b34318c1ecb58b1bd9792840e7e4b72355e2263770e25daf7ff80
c0284cc2aa620562d3306a7b72836d575754f0d125df6a10badadd04e89d2a9f
cd1d80d14deb196bb157a61e2b32909e1a2a289cd5abece94ee25f32908c4ddb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23ff908efa57e165ce59bca4cac54a0ef42ac3eb038be14cc60b00f0078ba18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed656159b43a4fdfee6f6e05cc7b144476fddfc204823fdf26341dea68c81fba