xtgem.update-ekla.download
2606:4700:3033::ac43:bcde  Public Scan

URL: https://xtgem.update-ekla.download/
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3033::ac43:bcde, located in United States and belongs to CLOUDFLARENET, US. The main domain is xtgem.update-ekla.download.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.
This is the only time xtgem.update-ekla.download was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
3         2606:4700:303...  13335 (CLOUDFLAR...)
1         69.16.175.10      20446 (HIGHWINDS3)
1         2606:4700::68...  13335 (CLOUDFLAR...)
1         104.18.126.77     13335 (CLOUDFLAR...)
1         151.139.128.11    20446 (HIGHWINDS3)
1         45.141.156.118    202580 (THE-VALIDUS)
Total: 10 requests, 7 IPs

Requests  Domain                       Requested by
3         xtgem.update-ekla.download   xtgem.update-ekla.download
1         getintopc.com                xtgem.update-ekla.download
1         pics.me.me                   xtgem.update-ekla.download
1         cdn2.macworld.co.uk          xtgem.update-ekla.download
1         a.fsdn.com                   xtgem.update-ekla.download
1         mac-cdn.softpedia.com        xtgem.update-ekla.download
0         secureservercdn.net (Failed) xtgem.update-ekla.download
0         dl1.cbsistatic.com (Failed)  xtgem.update-ekla.download
Total: 10 requests, 8 domains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2021-07-06 - 2022-07-05  a year
*.softpedia.com        DigiCert TLS RSA SHA256 2020 CA1                2021-04-20 - 2022-05-21  a year
macworld.co.uk         Cloudflare Inc ECC CA-3                         2021-05-04 - 2022-05-03  a year
pics.me.me             R3                                              2021-09-10 - 2021-12-09  3 months
www.getintopc.com      Sectigo RSA Domain Validation Secure Server CA  2020-05-03 - 2022-02-21  2 years

This page contains 1 frames:

Primary Page: https://xtgem.update-ekla.download/
Frame ID: 8A286981547544126B3DB3B0A9B60FFB
Requests: 10 HTTP requests in this frame

Page Title

xtgem.update-ekla.download

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 10
HTTPS: 80 %
IPv6: 33 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 617 kB
Size: 631 kB
Cookies: 0

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xtgem.update-ekla.download/
16 KB
5 KB
Document
General
Full URL
https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bcde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c754a35d7e1af5911e211ca3a7b7d7c048794abd6a15d86497d394214f7b4f

Request headers

:method
GET
:authority
xtgem.update-ekla.download
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 28 Sep 2021 04:06:06 GMT
content-type
text/html
last-modified
Sat, 08 Aug 2020 21:52:24 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Aq%2FhvpqY33BabBAlv5MFxwKv804VwOMRmLtofWQCgaDlJkL9nbW3wK4Embuq6GPdZiv8XEuyL%2BWLiz0dbLJdqPduYkNHudZrVF5PhlDQk%2F6itY5lJGckJNJlc7XECeNKNOSMC5brQ39ybQITI7F%2BJy4Qy14%2Fp7ZLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
695a18e40b5dc2ae-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
BL5scm.css
xtgem.update-ekla.download/
14 KB
4 KB
Stylesheet
General
Full URL
https://xtgem.update-ekla.download/BL5scm.css
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bcde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc257e5925c6bf922d0d030c735a083884c34d7ff254bf0f48d0dbad48d058d

Request headers

:path
/BL5scm.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
xtgem.update-ekla.download
referer
https://xtgem.update-ekla.download/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 28 Sep 2021 04:06:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 08 Aug 2020 21:51:28 GMT
server
cloudflare
etag
W/"5f2f1e60-395a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXv%2FX3271MOP0ult0eKXnW5IvmipShtTrdtiDUssx8MOisepeeFAK74O7k4cfPAwGPJmcOXULbwvd5AG7e0aL1zaYSKHXexTCzQrPQ%2FG9MYPmtCF33K0VNDOSe6oHjA7PDhQ8neh3bWjr7e3EmK%2BaQ%2BwhUGwmk5TMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
695a18e51bdac2ae-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
iPhone-Configuration-Utility-thumb.jpg
mac-cdn.softpedia.com/screenshots/thumbs/
7 KB
8 KB
Image
General
Full URL
https://mac-cdn.softpedia.com/screenshots/thumbs/iPhone-Configuration-Utility-thumb.jpg
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
aa3e139e526c8fae132bb139cd195fcc027cacb8b7d5f4cf4dcdf49536ac63d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtgem.update-ekla.download/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 04:06:07 GMT
Last-Modified
Thu, 08 Oct 2015 13:22:45 GMT
ETag
"1444310565"
X-HW
1632801966.dop071.lo4.t,1632801967.cds020.lo4.shn,1632801967.dop071.lo4.t,1632801967.cds272.lo4.p
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7471
writer.png
a.fsdn.com/con/app/proj/openofficeorg.mirror/screenshots/
138 KB
139 KB
Image
General
Full URL
https://a.fsdn.com/con/app/proj/openofficeorg.mirror/screenshots/writer.png
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef1333ac18b8722148741d1fc548dbf95bfc7942ce91e19e58ed489bc73df47
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtgem.update-ekla.download/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:06:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
141568
x-ua-compatible
IE=edge,chrome=1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self', upgrade-insecure-requests
accept-ranges
bytes
cf-ray
695a18e57d2e6969-FRA
expires
Wed, 28 Sep 2022 04:06:08 GMT
Twitterrific_2015-Apr-23.png
cdn2.macworld.co.uk/cmsdata/features/3604735/
240 KB
241 KB
Image
General
Full URL
https://cdn2.macworld.co.uk/cmsdata/features/3604735/Twitterrific_2015-Apr-23.png
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.126.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69279fb1033356164ab63b42bbbe1eacd032490c1cc082107b7cf15308e774b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtgem.update-ekla.download/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:06:07 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Apr 2015 16:05:17 GMT
server
cloudflare
etag
"37867a4adf7dd01:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
695a18e578ea3b79-CDG
content-length
246048
expires
Wed, 28 Sep 2022 04:06:07 GMT
imgingest-721735243933631070.png
dl1.cbsistatic.com/i/2017/08/17/6648cc8d-3c93-42e0-822b-9de5a1e81db1/aa91dc2bdc8d2fcfedecc8d32e77f3a2/
0
0

dictation-speech-show-all-select-voices-english-united-states-52189408.png
pics.me.me/
51 KB
52 KB
Image
General
Full URL
https://pics.me.me/dictation-speech-show-all-select-voices-english-united-states-52189408.png
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
WasabiS3/7.0.176-2021-07-18-7900366 (head02) /
Resource Hash
0235157d4231a76fa5b86ec1715b457e650b5b8f5752e7fe266ef74183ab298d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtgem.update-ekla.download/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:06:07 GMT
last-modified
Sat, 19 Oct 2019 11:25:05 GMT
server
WasabiS3/7.0.176-2021-07-18-7900366 (head02)
x-amz-request-id
B05D641A2B55D692
etag
"a15ebdeb573302dc95bfe2e6f7761e6f"
x-hw
1632801966.cds154.fr8.hn,1632801966.cds248.fr8.s,1632801967.dop009.la3.r,1632801967.cds229.la3.p,1632801967.cds248.fr8.p
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-length
52386
x-amz-id-2
9kO+5MsLNrK7Wkrc08UaTvol2I4/VE4K+1i471qWob+Fg3ecPf8VVJs61plkF8M5TWPy07BD7QJ4
Mac-OS-X-Snow-Leopard-Latest-Version-Download.png
getintopc.com/wp-content/uploads/2015/01/
163 KB
164 KB
Image
General
Full URL
https://getintopc.com/wp-content/uploads/2015/01/Mac-OS-X-Snow-Leopard-Latest-Version-Download.png
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.141.156.118 , Bulgaria, ASN202580 (THE-VALIDUS, UA),
Reverse DNS
Software
nginx /
Resource Hash
ba53ed2ef5198832b7d10ee28e95b8a4d1e18d595c841bb58f6f1591409bb007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtgem.update-ekla.download/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:06:07 GMT
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Jul 2019 07:43:35 GMT
server
nginx
etag
"5d1effa7-28daf"
x-cache-status
HIT
x-frame-options
DENY
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
167343
x-content-type-options
nosniff
expires
Wed, 28 Sep 2022 04:06:07 GMT
IMG_1293-375x500.jpg
secureservercdn.net/ip-ad.mwp2.iad2.secureserver.net/ihn.da4.godaddywp.com/wp-content/uploads/2020/03/
0
0

/
xtgem.update-ekla.download/
0
5 KB
Other
General
Full URL
https://xtgem.update-ekla.download/
Requested by
Host: xtgem.update-ekla.download
URL: https://xtgem.update-ekla.download/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bcde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
xtgem.update-ekla.download
referer
https://xtgem.update-ekla.download/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 28 Sep 2021 04:06:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FzRkNfAKPWlTLqS6NLi0gztlCYbxCPHN7nunjKWOzptYa3jBX2sxKDb61gnz2Un8dK8r4e440JkGaUDyBMlIOEj9PBE8YJ3JgBtDSckTiF97afUOenhQ%2FS6G35ZT%2FcSWE66A%2Bm%2F003WrJwjXq%2BiNrYItVtWob1GSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
last-modified
Sat, 08 Aug 2020 21:52:24 GMT
cf-ray
695a18e51bddc2ae-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dl1.cbsistatic.com
URL: https://dl1.cbsistatic.com/i/2017/08/17/6648cc8d-3c93-42e0-822b-9de5a1e81db1/aa91dc2bdc8d2fcfedecc8d32e77f3a2/imgingest-721735243933631070.png

Domain: secureservercdn.net
URL: https://secureservercdn.net/ip-ad.mwp2.iad2.secureserver.net/ihn.da4.godaddywp.com/wp-content/uploads/2020/03/IMG_1293-375x500.jpg

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://dl1.cbsistatic.com/i/2017/08/17/6648cc8d-3c93-42e0-822b-9de5a1e81db1/aa91dc2bdc8d2fcfedecc8d32e77f3a2/imgingest-721735243933631070.png
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED