proshow067.xtgem.com
Open in
urlscan Pro
54.36.158.42
Public Scan
Effective URL: http://proshow067.xtgem.com/?fbclid=IwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY
Submission: On May 11 via manual from SE
Summary
This is the only time proshow067.xtgem.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a03:2880:f11... 2a03:2880:f11c:8184:face:b00c:0:14c9 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 54.36.158.42 54.36.158.42 | 16276 (OVH) (OVH) | |
1 | 151.101.112.193 151.101.112.193 | 54113 (FASTLY) (FASTLY) | |
5 | 178.33.123.218 178.33.123.218 | 16276 (OVH) (OVH) | |
1 2 | 91.228.74.183 91.228.74.183 | 27281 (QUANTCAST) (QUANTCAST) | |
1 2 | 2600:9000:215... 2600:9000:2156:a00:6:44e3:f8c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 91.228.74.197 91.228.74.197 | 27281 (QUANTCAST) (QUANTCAST) | |
11 | 7 |
ASN16276 (OVH, FR)
PTR: d2.xtgem.com
3.thumbs.xtstatic.com | |
enif.images.xtstatic.com | |
cif.images.xtstatic.com | |
xtgem.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
quantserve.com
2 redirects
edge.quantserve.com pixel.quantserve.com |
10 KB |
3 |
xtstatic.com
3.thumbs.xtstatic.com enif.images.xtstatic.com cif.images.xtstatic.com |
1 KB |
3 |
xtgem.com
proshow067.xtgem.com xtgem.com |
6 KB |
2 |
quantcount.com
1 redirects
rules.quantcount.com |
784 B |
1 |
imgur.com
i.imgur.com |
360 KB |
1 |
facebook.com
l.facebook.com |
1 KB |
11 | 6 |
Domain | Requested by | |
---|---|---|
2 | pixel.quantserve.com |
1 redirects
proshow067.xtgem.com
|
2 | rules.quantcount.com |
1 redirects
proshow067.xtgem.com
|
2 | xtgem.com |
proshow067.xtgem.com
|
2 | edge.quantserve.com |
1 redirects
proshow067.xtgem.com
|
1 | cif.images.xtstatic.com |
proshow067.xtgem.com
|
1 | enif.images.xtstatic.com |
proshow067.xtgem.com
|
1 | 3.thumbs.xtstatic.com |
proshow067.xtgem.com
|
1 | i.imgur.com |
proshow067.xtgem.com
|
1 | proshow067.xtgem.com |
l.facebook.com
|
1 | l.facebook.com | |
11 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
covideoodayne.blogspot.com |
xtgem.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-04-15 - 2020-07-14 |
3 months | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2019-10-04 - 2020-10-07 |
a year | crt.sh |
*.xtgem.com Let's Encrypt Authority X3 |
2020-05-03 - 2020-08-01 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
http://proshow067.xtgem.com/?fbclid=IwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY
Frame ID: 44FF0CD318898BC8572166693C1FEB32
Requests: 8 HTTP requests in this frame
Frame:
http://enif.images.xtstatic.com/tp.gif
Frame ID: F68F760D50EFF5DFF1ADF034E32A5D05
Requests: 1 HTTP requests in this frame
Frame:
http://cif.images.xtstatic.com/tp.gif
Frame ID: C25E6A19E2EA541F59F00A386CE6532D
Requests: 1 HTTP requests in this frame
Frame:
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9wcm9zaG93MDY3Lnh0Z2VtLmNvbVwvaW5kZXg/ZmJjbGlkPUl3QVIzRjAtSmo5WjE2clFZdWpOMEU5bjNmeVlxbHBkMXI4My1SOEhVS0U2MTJCRkZPUXBSSW5iMUQ3UlkiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJwcm9zaG93MDY3Lnh0Z2VtLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: BD28754FD83B1BD6B13C30169C149FEB
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://l.facebook.com/l.php?u=http%3A%2F%2Fproshow067.xtgem.com%2F%3Ffbclid%3DIwAR3F0-Jj9Z16rQYujN... Page URL
- http://proshow067.xtgem.com/?fbclid=IwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Quantcast (Analytics) Expand
Detected patterns
- script /\.quantserve\.com\/quant\.js/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: LINK VIDEO FULL HD CHO NGƯỜI TỐI CỔ ĐÂY NHÉ;!
Search URL Search Domain Scan URL
Title: Lamborghini Huracán LP 61»
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://l.facebook.com/l.php?u=http%3A%2F%2Fproshow067.xtgem.com%2F%3Ffbclid%3DIwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY&h=AT1sfNcr9KlzQGheC1e28rbjJ6lXb9FzZMoLO5borNhWethoDbT8Il_amjjaWGdxONgOPfOdQKMWgrMgM4Ta1TJWHgc1WMXPypUIQz6GZCtlqQ_D0CU22b9wtNftvwKVQKfnYWKwnKxAtw Page URL
- http://proshow067.xtgem.com/?fbclid=IwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://edge.quantserve.com/quant.js HTTP 301
- https://edge.quantserve.com/quant.js
- http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
- https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
- http://pixel.quantserve.com/pixel;r=1858618227;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fproshow067.xtgem.com%2F%3Ffbclid%3DIwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY;ref=https%3A%2F%2Fl.facebook.com%2F;fpan=1;fpa=P0-1090173133-1589204397278;ns=0;ce=1;qjs=1;qv=f473609d-20200430082408;cm=;gdpr=0;je=0;sr=1600x1200x24;enc=n;dst=1;et=1589204397278;tzo=-120;ogl=title.%5BKH%C3%94NG%20CHE%5D%20Full%20Video%205p19s%20Doggy%20em%20g%C3%A1i%202k1%20m%C3%B4ng%20c%E1%BB%B1c%20n%E1%BA%A3y!%20N%C6%B0%E1%BB%9Bc%20L%E1%BB%93n%20l%C3%AAnh%20l%C3%A1ng%20~%2Cimage.https%3A%2F%2Fscontent%252Efsgn2-1%252Efna%252Efbcdn%252Enet%2Fv%2Ft1%252E0-9%2F96141783_253568379177133_6877754 HTTP 301
- https://pixel.quantserve.com/pixel;r=1858618227;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fproshow067.xtgem.com%2F%3Ffbclid%3DIwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY;ref=https%3A%2F%2Fl.facebook.com%2F;fpan=1;fpa=P0-1090173133-1589204397278;ns=0;ce=1;qjs=1;qv=f473609d-20200430082408;cm=;gdpr=0;je=0;sr=1600x1200x24;enc=n;dst=1;et=1589204397278;tzo=-120;ogl=title.%5BKH%C3%94NG%20CHE%5D%20Full%20Video%205p19s%20Doggy%20em%20g%C3%A1i%202k1%20m%C3%B4ng%20c%E1%BB%B1c%20n%E1%BA%A3y!%20N%C6%B0%E1%BB%9Bc%20L%E1%BB%93n%20l%C3%AAnh%20l%C3%A1ng%20~%2Cimage.https%3A%2F%2Fscontent%252Efsgn2-1%252Efna%252Efbcdn%252Enet%2Fv%2Ft1%252E0-9%2F96141783_253568379177133_6877754
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
l.php
l.facebook.com/ |
274 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
/
proshow067.xtgem.com/ |
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oxW6uQL.png
i.imgur.com/ |
359 KB 360 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.jpg
3.thumbs.xtstatic.com/100/50/-/377a8f66d716dcf77e2db5d0fac2cb82/i1.ytimg.com/vi/aJN5BxmclEo/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quant.js
edge.quantserve.com/ Redirect Chain
|
21 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tp.gif
enif.images.xtstatic.com/ Frame F68F |
0 0 |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tp.gif
cif.images.xtstatic.com/ Frame C25E |
0 0 |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
__xt_authbar
xtgem.com/ Frame BD28 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
close2.png
xtgem.com/images/ |
564 B 904 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/ Redirect Chain
|
3 B 357 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel;r=1858618227;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fproshow067.xtgem.com%2F%3Ffbclid%3DIwAR3F0-Jj9Z16rQYujN0E9n3fyYqlpd1r83-R8HUKE612BFFOQpRInb1D7RY;ref=https%3A%2F%2Fl.facebook.com%2F;fpan=...
pixel.quantserve.com/ Redirect Chain
|
35 B 658 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _qevents boolean| cookies number| len function| quantserve function| __qc object| ezt object| _qoptions4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
xtgem.com/ | Name: __lang Value: us |
|
.xtgem.com/ | Name: __qca Value: P0-1090173133-1589204397278 |
|
xtgem.com/ | Name: __template Value: web |
|
.xtgem.com/ | Name: session Value: d2~q10r5rglliscgi8st9n9eo0i67 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
3.thumbs.xtstatic.com
cif.images.xtstatic.com
edge.quantserve.com
enif.images.xtstatic.com
i.imgur.com
l.facebook.com
pixel.quantserve.com
proshow067.xtgem.com
rules.quantcount.com
xtgem.com
151.101.112.193
178.33.123.218
2600:9000:2156:a00:6:44e3:f8c0:93a1
2a03:2880:f11c:8184:face:b00c:0:14c9
54.36.158.42
91.228.74.183
91.228.74.197
0aa0f9ceb7d5bd7920577f1718d0d97a0087a1c20ff6ce074b25f1e49f02e8a2
3b182bec405eba49ce98536fd6308443ea7a85315a99adf7110f6a2739764a1c
46e623010cc22041a4ce94e967553cf09e22f297bec3bc5a131d5d78e6e07a1b
976e0080754f29db1e74108f974d4347b76c2d3c917cb24f8f9163f3b6e314e8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356