xtgem.over-update.download Open in urlscan Pro
2606:4700:3033::ac43:9bfc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xtgem.over-update.download/
Submission: On August 09 via automatic, source certstream-suspicious (August 9th 2020, 6:52:29 am UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::ac43:9bfc, located in United States and belongs to CLOUDFLARENET, US. The main domain is xtgem.over-update.download.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2020. Valid for: a year.

This is the only time xtgem.over-update.download was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3033::ac43:9bfc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	50.87.151.200 50.87.151.200	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:dacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:18d::29cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.167.155.198 108.167.155.198	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2606:4700:20:... 2606:4700:20::ac43:44b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	9

3 2606:4700:3033::ac43:9bfc (United States)

ASN13335 (CLOUDFLARENET, US)

xtgem.over-update.download	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

static.4kdownload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.87.151.200 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-151-200.unifiedlayer.com

www.appspcdownload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:dacc (United States)

ASN13335 (CLOUDFLARENET, US)

appdigg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:18d::29cc (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

images.sftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.167.155.198 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-167-155-198.unifiedlayer.com

www.isunshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44b6 (United States)

ASN13335 (CLOUDFLARENET, US)

image.winudf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	over-update.download xtgem.over-update.download	13 KB
1	winudf.com image.winudf.com	30 KB
1	isunshare.com www.isunshare.com	26 KB
1	sftcdn.net images.sftcdn.net	40 KB
1	appdigg.com appdigg.com	270 KB
1	blogspot.com 3.bp.blogspot.com	20 KB
1	appspcdownload.com www.appspcdownload.com	193 KB
1	4kdownload.com static.4kdownload.com	45 KB
1	googleusercontent.com lh3.googleusercontent.com	106 KB
11	9

	Domain	Requested by
3	xtgem.over-update.download	xtgem.over-update.download
1	image.winudf.com	xtgem.over-update.download
1	www.isunshare.com	xtgem.over-update.download
1	images.sftcdn.net	xtgem.over-update.download
1	appdigg.com	xtgem.over-update.download
1	3.bp.blogspot.com	xtgem.over-update.download
1	www.appspcdownload.com	xtgem.over-update.download
1	static.4kdownload.com	xtgem.over-update.download
1	lh3.googleusercontent.com	xtgem.over-update.download
11	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
static.4kdownload.com Let's Encrypt Authority X3	`2020-07-03` - `2020-10-01`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
s4-san.cloudinary.com Let's Encrypt Authority X3	`2020-07-14` - `2020-10-12`	3 months	crt.sh
www.isunshare.com Let's Encrypt Authority X3	`2020-07-31` - `2020-10-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xtgem.over-update.download/
Frame ID: 46F3C934EB556FDC1BF5902C603057C5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

11
Requests

91 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

743 kB
Transfer

757 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xtgem.over-update.download/ 18 KB
5 KB 181ms
145ms Document
text/html 2606:4700:3033::ac43:9bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xtgem.over-update.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d4ffc6ec2669ceda54e6abb5a3084e24577cdb99cd0eac091e1f4279bdef21

Request headers

:method: GET
:authority: xtgem.over-update.download
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 09 Aug 2020 06:52:12 GMT
content-type: text/html
set-cookie: __cfduid=d6f436a54e54bcff7b6ca175e8d3221b61596955932; expires=Tue, 08-Sep-20 06:52:12 GMT; path=/; domain=.over-update.download; HttpOnly; SameSite=Lax; Secure
last-modified: Sat, 08 Aug 2020 21:38:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 047396d0830000dfcb57ad4200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bff8d940bc4dfcb-FRA
content-encoding: br

GET
H2 200 styles.css
xtgem.over-update.download/ 11 KB
3 KB 153ms
151ms Stylesheet
text/css 2606:4700:3033::ac43:9bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xtgem.over-update.download/styles.css
Requested by: Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e5ae841511dc576327026ae39426c25f9f21d089a8eed41747d77ada631adf

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 21:37:30 GMT
server: cloudflare
etag: W/"5f2f1b1a-2ce3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
cf-ray: 5bff8d94fe51dfcb-FRA
cf-request-id: 047396d11e0000dfcb57af4200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4lAVUzMJl4uvAlT8h5xiZUQGTxM6jXYe1W1OqjJBsvq3yCp2lgMp3smmzacAgjeV5Jk=h900
lh3.googleusercontent.com/ 105 KB
106 KB 391ms
368ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4lAVUzMJl4uvAlT8h5xiZUQGTxM6jXYe1W1OqjJBsvq3yCp2lgMp3smmzacAgjeV5Jk=h900

Requested by

Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a11083ee737c728bf9052e420e3f4f14ae91da80cb0b498c32617c6b1f5109f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107705
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Aug 2020 06:52:13 GMT

GET
H2 200 1-windows.7fee79b5d164.png
static.4kdownload.com/main/img/screenshots/videodownloader/ 45 KB
45 KB 567ms
549ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.4kdownload.com/main/img/screenshots/videodownloader/1-windows.7fee79b5d164.png
Requested by: Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e7533a594551b061a5e41187f700d6e326ccfe5789e3f344bc7d20864ca5d1f2

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
last-modified: Thu, 12 Oct 2017 12:51:38 GMT
server: keycdn-engine
x-edge-location: defr
etag: "59df655a-b340"
status: 200
x-cache: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
content-length: 45888
expires: Mon, 09 Aug 2021 12:41:13 GMT

GET
H/1.1 200
OK hangouts-comp.jpg
www.appspcdownload.com/wp-content/uploads/2014/10/ 192 KB
193 KB 711ms
358ms Image
image/jpeg 50.87.151.200
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.appspcdownload.com/wp-content/uploads/2014/10/hangouts-comp.jpg
Requested by: Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/
Protocol: HTTP/1.1
Server: 50.87.151.200 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-151-200.unifiedlayer.com
Software: Apache /
Resource Hash: bb493244430d6f99a6954254baaef0ae03c8ef9cb22a97a12dacd665d875ee44

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 06:52:13 GMT
Last-Modified: Mon, 20 Nov 2017 04:32:11 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=10368000, public
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 197110
Expires: Mon, 07 Dec 2020 06:52:13 GMT

GET
H2 200 Iron%2BMan%2B1.jpg
3.bp.blogspot.com/-Zgx8XAGLE0E/VzqOsP-m0TI/AAAAAAAARqs/aZw35mu9U9AA2JMFxZyrfDiBAj-1mP_xACLcB/s1600/ 20 KB
20 KB 364ms
336ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Zgx8XAGLE0E/VzqOsP-m0TI/AAAAAAAARqs/aZw35mu9U9AA2JMFxZyrfDiBAj-1mP_xACLcB/s1600/Iron%2BMan%2B1.jpg

Requested by

Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3717a293562cf795ad83f0828c3d0e7050bd5b9ec16f9d3abb896c460307dfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Iron Man 1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20030
x-xss-protection: 0
server: fife
etag: "v46af"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Aug 2020 06:52:13 GMT

GET
H2 200 Download.png
appdigg.com/wp-content/uploads/2017/12/ 269 KB
270 KB 101ms
73ms Image
image/png 2606:4700:3032::ac43:dacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://appdigg.com/wp-content/uploads/2017/12/Download.png
Requested by: Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c619733c174e12f3343c33fc61ad10d5a4d74c560c4390513e301c972306cc06

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2017 07:55:18 GMT
server: cloudflare
etag: "434fe-5a4351e6-a20fc9;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5bff8d952908e00b-FRA
content-length: 275710
cf-request-id: 047396d1370000e00b460d6200000001
expires: Sun, 16 Aug 2020 06:52:12 GMT

GET
H2 200 apple-imovie-screenshot.png
images.sftcdn.net/images/t_app-cover-l,f_auto/p/697c2cb8-96d4-11e6-96c4-00163ec9f5fa/2448275136/ 40 KB
40 KB 51ms
29ms Image
image/webp 2a02:26f0:6c00:18d::29cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sftcdn.net/images/t_app-cover-l,f_auto/p/697c2cb8-96d4-11e6-96c4-00163ec9f5fa/2448275136/apple-imovie-screenshot.png

Requested by

Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:18d::29cc , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Cloudinary /

Resource Hash

62d9d496bb7345408a0574b1c20777bff5e301b7a8f8f099dd92ffe7246f0d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
vary: Accept,User-Agent
status: 200
content-disposition: inline; filename="2448275136.webp"
server-timing: akam;dur=23;start=2020-08-09T06:52:12.978Z;desc=miss,rtt;dur=4,cloudinary;dur=79;start=2020-08-07T15:01:37.619Z
content-length: 40628
last-modified: Fri, 26 Oct 2018 09:47:51 GMT
server: Cloudinary
etag: "2aa015140c56d0949a1ca2b9c69aa4f4"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 retrieve-adobe-license-key.png
www.isunshare.com/blog/wp-content/uploads/2014/08/ 26 KB
26 KB 873ms
519ms Image
image/png 108.167.155.198
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.isunshare.com/blog/wp-content/uploads/2014/08/retrieve-adobe-license-key.png
Requested by: Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 108.167.155.198 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 108-167-155-198.unifiedlayer.com
Software: nginx/1.14.1 /
Resource Hash: d8ef235a4aaed80e7f73a381c87c552b0539eef4d8323b1c2180b6ccd932aa28

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2017 07:17:54 GMT
server: nginx/1.14.1
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
content-length: 26571
expires: Mon, 09 Aug 2021 06:52:13 GMT

GET
H2 200 screen-2.jpg
image.winudf.com/v2/image/Y29tLmdhbWVyc3dvcmxkLmFnZU9mRW1waXJlM19zY3JlZW5fMl8xNTIzMjA4NDM2XzAxMw/ 30 KB
30 KB 915ms
898ms Image
image/jpeg 2606:4700:20::ac43:44b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image/Y29tLmdhbWVyc3dvcmxkLmFnZU9mRW1waXJlM19zY3JlZW5fMl8xNTIzMjA4NDM2XzAxMw/screen-2.jpg?fakeurl=1&type=.jpg

Requested by

Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bc3c5b28b9ff5321c6ba5f1de412a304c5ec6d30502bff42912e988c682748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
cf-cache-status: MISS
server: cloudflare
etag: fc1d8834
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 5bff8d951e541f19-FRA
content-length: 30675
cf-request-id: 047396d12c00001f19bd2cf200000001

GET
H2 200 /
xtgem.over-update.download/ 0
5 KB 155ms
154ms Other
text/html 2606:4700:3033::ac43:9bfc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xtgem.over-update.download/
Requested by: Host: xtgem.over-update.download
URL: https://xtgem.over-update.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9bfc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xtgem.over-update.download/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 06:52:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 08 Aug 2020 21:38:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 5bff8d94fe52dfcb-FRA
cf-request-id: 047396d11e0000dfcb57af5200000001

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.over-update.download/	1970-01-19 12:19:07	Name: __cfduid Value: d6f436a54e54bcff7b6ca175e8d3221b61596955932

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
appdigg.com
image.winudf.com
images.sftcdn.net
lh3.googleusercontent.com
static.4kdownload.com
www.appspcdownload.com
www.isunshare.com
xtgem.over-update.download
108.167.155.198
2606:4700:20::ac43:44b6
2606:4700:3032::ac43:dacc
2606:4700:3033::ac43:9bfc
2a00:1450:4001:809::2001
2a00:1450:4001:81b::2001
2a02:26f0:6c00:18d::29cc
2a0b:4d07:102::1
50.87.151.200
3717a293562cf795ad83f0828c3d0e7050bd5b9ec16f9d3abb896c460307dfca
61d4ffc6ec2669ceda54e6abb5a3084e24577cdb99cd0eac091e1f4279bdef21
62d9d496bb7345408a0574b1c20777bff5e301b7a8f8f099dd92ffe7246f0d15
63e5ae841511dc576327026ae39426c25f9f21d089a8eed41747d77ada631adf
a11083ee737c728bf9052e420e3f4f14ae91da80cb0b498c32617c6b1f5109f8
bb493244430d6f99a6954254baaef0ae03c8ef9cb22a97a12dacd665d875ee44
c0bc3c5b28b9ff5321c6ba5f1de412a304c5ec6d30502bff42912e988c682748
c619733c174e12f3343c33fc61ad10d5a4d74c560c4390513e301c972306cc06
d8ef235a4aaed80e7f73a381c87c552b0539eef4d8323b1c2180b6ccd932aa28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7533a594551b061a5e41187f700d6e326ccfe5789e3f344bc7d20864ca5d1f2

xtgem.over-update.download Open in urlscan Pro 2606:4700:3033::ac43:9bfc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

78 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

743 kBTransfer

757 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

xtgem.over-update.download Open in urlscan Pro
2606:4700:3033::ac43:9bfc Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

743 kB
Transfer

757 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions