URL: http://bearrugby16.xtgem.com/
Submission: On December 12 via manual from AE — Scanned from FR

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is bearrugby16.xtgem.com.
This is the only time bearrugby16.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain (Transfer), with Subdomains listed beneath
3 xtstatic.com (4 KB)
  • 5.thumbs.xtstatic.com
  • enif.images.xtstatic.com
  • cif.images.xtstatic.com
3 xtgem.com (8 KB)
  • bearrugby16.xtgem.com
  • xtgem.com — Cisco Umbrella Rank: 264109
2 quantcount.com (1 KB)
  • rules.quantcount.com — Cisco Umbrella Rank: 851
2 quantserve.com (10 KB)
  • edge.quantserve.com — Cisco Umbrella Rank: 15782
  • pixel.quantserve.com — Cisco Umbrella Rank: 655
9 4
Domain Requested by
2 rules.quantcount.com 1 redirects bearrugby16.xtgem.com
2 xtgem.com bearrugby16.xtgem.com
1 pixel.quantserve.com bearrugby16.xtgem.com
1 cif.images.xtstatic.com bearrugby16.xtgem.com
1 enif.images.xtstatic.com bearrugby16.xtgem.com
1 edge.quantserve.com bearrugby16.xtgem.com
1 5.thumbs.xtstatic.com bearrugby16.xtgem.com
1 bearrugby16.xtgem.com
9 8

This site contains links to these domains.

Domain
xtgem.com
Subject: *.xtgem.com; Issuer: R3; Validity: 2022-10-22 - 2023-01-20; Valid: 3 months
Subject: *.quantserve.com; Issuer: DigiCert TLS RSA SHA256 2020 CA1; Validity: 2022-08-09 - 2023-09-09; Valid: a year

This page contains 4 frames:

Primary Page: http://bearrugby16.xtgem.com/
Frame ID: 1DF01D2CD8E9AF1C5E01242E0E5FABCA
Requests: 6 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: C937FF42C7039BDE4214020F99BBAAAD
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 3F9E16E25D725139A497EE58EE3E15A7
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9iZWFycnVnYnkxNi54dGdlbS5jb21cL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiYmVhcnJ1Z2J5MTYueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: BEAE4AD0ED2901BFA7075F7C1DE91D36
Requests: 1 HTTP requests in this frame

Page Title

XtGem.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

Requests: 9
HTTPS: 22 %
IPv6: 67 %
Domains: 4
Subdomains: 8
IPs: 5
Countries: 2
Transfer: 23 kB
Size: 57 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bearrugby16.xtgem.com/
14 KB
4 KB
Document
General
Full URL
http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
31023b55a1f8105eebc7e07dc9b5893c149f38a13684a3a7a16d8961b93609a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
3656
Content-Type
text/html;charset=UTF-8
Date
Mon, 12 Dec 2022 07:18:46 GMT
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Pragma
no-cache
Vary
Host,Accept-Encoding
80s-toys-atari.-i-still-have-o-58584.jpg
5.thumbs.xtstatic.com/100/50/-/577f02a7fbb9404e6b520b2df60b1a7b/backtooldschool.xtgem.com/images/blog/
3 KB
3 KB
Image
General
Full URL
http://5.thumbs.xtstatic.com/100/50/-/577f02a7fbb9404e6b520b2df60b1a7b/backtooldschool.xtgem.com/images/blog/80s-toys-atari.-i-still-have-o-58584.jpg
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
79d8f3ea7bf73a89664e29b27922ed03596569d3cad73b91c016829fbbbf7066

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://bearrugby16.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 07:18:46 GMT
X-Ngz
1
Last-Modified
Fri, 28 Oct 2022 05:44:03 GMT
ETag
"b4c-0"
Sent-XS
0.000
Content-Type
image/jpeg
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Content-Length
2892
Expires
Wed, 14 Dec 2022 07:18:46 GMT
quant.js
edge.quantserve.com/
25 KB
10 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://bearrugby16.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 07:18:46 GMT
Content-Encoding
gzip
Etag
"KvGSi9leJgKNKEGESzHjYw=="
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Expires
Mon, 19 Dec 2022 07:18:46 GMT
tp.gif
enif.images.xtstatic.com/ Frame C937
42 B
328 B
Document
General
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://bearrugby16.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Mon, 12 Dec 2022 07:18:46 GMT
ETag
"2a-59774aa04e000"
Expires
Wed, 11 Jan 2023 07:18:46 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
tp.gif
cif.images.xtstatic.com/ Frame 3F9E
42 B
328 B
Document
General
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://bearrugby16.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Mon, 12 Dec 2022 07:18:46 GMT
ETag
"2a-59774aa04e000"
Expires
Wed, 11 Jan 2023 07:18:46 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
__xt_authbar
xtgem.com/ Frame BEAE
14 KB
3 KB
Document
General
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9iZWFycnVnYnkxNi54dGdlbS5jb21cL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiYmVhcnJ1Z2J5MTYueHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
28a124a48361e258ba5929b15d034d18fdf18ecfc96710c3f4851c7e1660579d

Request headers

Referer
http://bearrugby16.xtgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
2793
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 07:18:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Vary
Accept-Encoding
close2.png
xtgem.com/images/
564 B
862 B
Image
General
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://bearrugby16.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 07:18:46 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Wed, 11 Jan 2023 07:18:46 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
H2
Server
2600:9000:223e:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://bearrugby16.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 06:52:17 GMT
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
3040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:42:04 GMT
server
AmazonS3
etag
"2440f0fe7f89d580c051f453f7cc5d22"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6CZPoO686xBfVUSwXBcLVRZ5ROQg5ksZoFFIfptECSODmol-b05xsg==

Redirect headers

Date
Mon, 12 Dec 2022 07:18:46 GMT
Via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P4
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
IJEm4E7Unx6ChfT8X7Dn2G_deQQSGOxsbdwozNchxulqCmwpEqsV-Q==
pixel;r=440509819;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fbearrugby16.xtgem.com%2F;uht=2;fpan=1;fpa=P0-649106974-1670829526932;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=xtge...
pixel.quantserve.com/
35 B
373 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=440509819;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fbearrugby16.xtgem.com%2F;uht=2;fpan=1;fpa=P0-649106974-1670829526932;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=xtgem.com;dst=0;et=1670829527067;tzo=0;ogl=;ses=18509872-3937-4e38-9689-cd6b9bb4c850
Requested by
Host: bearrugby16.xtgem.com
URL: http://bearrugby16.xtgem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://bearrugby16.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 07:18:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • object| 3
  • object| 4
  • object| oncontentvisibilityautostatechange
  • object| _qevents
  • boolean| cookies
  • number| len
  • function| quantserve
  • function| __qc
  • object| ezt
  • object| _qoptions

5 Cookies

Domain/Path Name / Value
.xtgem.com/ Name: _xta_uid
Value: 8e4dd1425a38e98656b87df74b20d228
.xtgem.com/ Name: _xta_vid
Value: e711a05ae0857ee6112a4fd5bf60d1e2-1670829526
bearrugby16.xtgem.com/ Name:
Value: test
.quantserve.com/ Name: mc
Value: 6396d5d7-22f1b-89c7e-cdfb9
.xtgem.com/ Name: __qca
Value: P0-649106974-1670829526932