Submitted URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-ut...
Effective URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-ut...
Submission: On September 12 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 12 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is canoedrum0.xtgem.com.
This is the only time canoedrum0.xtgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.36.158.42 16276 (OVH)
1 198.54.116.39 22612 (NAMECHEAP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 128.171.81.67 6360 (UNIVHAWAII)
6 178.33.123.218 16276 (OVH)
1 2 2a00:1450:400... 15169 (GOOGLE)
12 7
Domain Requested by
4 xtgem.com canoedrum0.xtgem.com
1 www.youtube.com canoedrum0.xtgem.com
1 youtu.be 1 redirects
1 cif.images.xtstatic.com canoedrum0.xtgem.com
1 enif.images.xtstatic.com canoedrum0.xtgem.com
1 www.cfht.hawaii.edu canoedrum0.xtgem.com
1 i.ytimg.com canoedrum0.xtgem.com
1 www.advancedliving.com canoedrum0.xtgem.com
1 canoedrum0.xtgem.com
0 edge.quantserve.com Failed canoedrum0.xtgem.com
12 10

This site contains links to these domains. Also see Links.

Domain
pastebin.pl
xtgem.com
Subject Issuer Validity Valid
advancedliving.com
Sectigo RSA Domain Validation Secure Server CA
2021-01-02 -
2022-01-02
a year crt.sh
edgestatic.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
www.cfht.hawaii.edu
R3
2021-07-18 -
2021-10-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.xtgem.com
R3
2021-08-27 -
2021-11-25
3 months crt.sh

This page contains 5 frames:

Primary Page: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Frame ID: 9E6FB9AC9FF5FE344B2453A917BC1E54
Requests: 8 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 21FC4F8FDFB84DDB742BA021A34D879A
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: D7FFDF11BB6CC913605E115BE6C2AD52
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/watch?v=Of108VuGGKo&feature=youtu.be
Frame ID: C9E3BB8B4128496F52DDDAFBACFE3238
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9jYW5vZWRydW0wLnh0Z2VtLmNvbVwvX194dF9ibG9nXC9fX3h0YmxvZ19lbnRyeT9fX3h0YmxvZ19lbnRyeT0yMzEwMjk0NCZfX3h0YmxvZ19ibG9ja19pZD0xIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiY2Fub2VkcnVtMC54dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Frame ID: 14D2C6565417525190362A39FC3BE6D6
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The Facts About Detoxil Omega Formula Review - Utah Compact Revealed - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

12
Requests

42 %
HTTPS

33 %
IPv6

8
Domains

10
Subdomains

7
IPs

3
Countries

2517 kB
Transfer

2542 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://youtu.be/Of108VuGGKo HTTP 303
  • https://www.youtube.com/watch?v=Of108VuGGKo&feature=youtu.be

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed
canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/
25 KB
8 KB
Document
General
Full URL
http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
1f1bbbe97b326458e3c1ac5e59e2033bbabfc51e339e68011361873b8b6bf2f2

Request headers

Host
canoedrum0.xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 12 Sep 2021 13:22:00 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=ba8d8b7cbe009d99e885f492fae5d24d; expires=Tue, 12-Sep-2023 13:22:01 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly _xta_vid=dcf5982c4292c396e9fe9da3fdef58cb-1631452921; expires=Sun, 12-Sep-2021 13:52:01 GMT; Max-Age=1800; path=/; domain=.xtgem.com; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
7230
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
What-is-Detoxil-Omega-Formula.jpg
www.advancedliving.com/wp-content/uploads/2020/06/
25 KB
25 KB
Image
General
Full URL
https://www.advancedliving.com/wp-content/uploads/2020/06/What-is-Detoxil-Omega-Formula.jpg
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.39 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server261-20.web-hosting.com
Software
LiteSpeed /
Resource Hash
00f6560c859d0391dc564e21b7096a41e22fa3bf7a1a8c6d69a09fe87b1e20a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:22:06 GMT
last-modified
Mon, 15 Jun 2020 17:21:44 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
25630
expires
Mon, 12 Sep 2022 19:22:06 GMT
mqdefault.jpg
i.ytimg.com/vi/ODVD8VkAias/
15 KB
16 KB
Image
General
Full URL
https://i.ytimg.com/vi/ODVD8VkAias/mqdefault.jpg
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27de357c83f0f9c62c2bef215a2cb84c7c7318b0382a047b89e14aa66082e022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:22:06 GMT
x-content-type-options
nosniff
server
sffe
etag
"1575774663"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15852
x-xss-protection
0
expires
Sun, 12 Sep 2021 15:22:06 GMT
image1.png
www.cfht.hawaii.edu/en/news/OmegaCen/
2 MB
2 MB
Image
General
Full URL
https://www.cfht.hawaii.edu/en/news/OmegaCen/image1.png
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
128.171.81.67 Waimea, United States, ASN6360 (UNIVHAWAII, US),
Reverse DNS
komo.cfht.hawaii.edu
Software
Apache /
Resource Hash
5469c0919c4f788e55a47e53d642e2a3a1479e9ee07e165915ccfeda0dd8913a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:22:07 GMT
last-modified
Mon, 22 Apr 2019 23:54:31 GMT
server
Apache
accept-ranges
bytes
etag
"2644da-587273090f010"
content-length
2507994
content-type
image/png
xtgem-forums.jpg
xtgem.com/images/forum/
8 KB
9 KB
Image
General
Full URL
http://xtgem.com/images/forum/xtgem-forums.jpg
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 13:22:05 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
1
ETag
"20c8-59774aa04e000"
X-Cache
HIT
Content-Type
image/jpeg
Expires
Tue, 12 Oct 2021 13:22:05 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
8392
X-Cache-Hits
4
quant.js
edge.quantserve.com/
0
0

tp.gif
enif.images.xtstatic.com/ Frame 21FC
42 B
368 B
Document
General
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://canoedrum0.xtgem.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/

Response headers

Date
Sun, 12 Sep 2021 13:22:06 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Tue, 12 Oct 2021 13:22:06 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame D7FF
42 B
368 B
Document
General
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://canoedrum0.xtgem.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/

Response headers

Date
Sun, 12 Sep 2021 13:22:06 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Tue, 12 Oct 2021 13:22:06 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
watch
www.youtube.com/ Frame C9E3
Redirect Chain
  • https://youtu.be/Of108VuGGKo
  • https://www.youtube.com/watch?v=Of108VuGGKo&feature=youtu.be
0
0
Document
General
Full URL
https://www.youtube.com/watch?v=Of108VuGGKo&feature=youtu.be
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/watch?v=Of108VuGGKo&feature=youtu.be
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://canoedrum0.xtgem.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 12 Sep 2021 13:22:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=MU3PwFlzy9E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Mon, 17-Dec-2018 13:22:11 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+265; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type
application/binary
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 12 Sep 2021 13:22:06 GMT
location
https://www.youtube.com/watch?v=Of108VuGGKo&feature=youtu.be
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
server
ESF
content-length
0
x-xss-protection
0
set-cookie
YSC=fcglpnHDHRE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+570; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtu.be; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set __xt_authbar
xtgem.com/ Frame 14D2
14 KB
4 KB
Document
General
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9jYW5vZWRydW0wLnh0Z2VtLmNvbVwvX194dF9ibG9nXC9fX3h0YmxvZ19lbnRyeT9fX3h0YmxvZ19lbnRyeT0yMzEwMjk0NCZfX3h0YmxvZ19ibG9ja19pZD0xIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiY2Fub2VkcnVtMC54dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
9d9cde3191243c74a5b1a63fcc6c3b80568c6829e54417dccfe250bf102100d8

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://canoedrum0.xtgem.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/

Response headers

Date
Sun, 12 Sep 2021 13:22:06 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w4~d2e2tkc75hre5048nrd6u4c3h1; expires=Mon, 13-Sep-2021 13:22:06 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Tue, 12-Oct-2021 13:22:06 GMT; Max-Age=2592000; path=/ __lang=us; expires=Tue, 12-Oct-2021 13:22:06 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2920
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
xtgem-icons.woff
xtgem.com/fonts/
5 KB
4 KB
Font
General
Full URL
http://xtgem.com/fonts/xtgem-icons.woff
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086

Request headers

Referer
http://canoedrum0.xtgem.com/
Origin
http://canoedrum0.xtgem.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 13:22:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"1530-59774aa04e000-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
3769
X-Cache-Hits
0
close2.png
xtgem.com/images/
564 B
901 B
Image
General
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: canoedrum0.xtgem.com
URL: http://canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry/23102944-the-facts-about-detoxil-omega-formula-review-utah-compact-revealed?__xtblog_block_id=1
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://canoedrum0.xtgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 13:22:05 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
1
ETag
"234-59774aa04e000"
X-Cache
HIT
Content-Type
image/png
Expires
Tue, 12 Oct 2021 13:22:05 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.quantserve.com
URL
http://edge.quantserve.com/quant.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster object| _qevents boolean| cookies number| len

3 Cookies

Domain/Path Name / Value
canoedrum0.xtgem.com/__xt_blog/__xtblog_entry/__xtblog_entry Name:
Value: test
.xtgem.com/ Name: _xta_uid
Value: ba8d8b7cbe009d99e885f492fae5d24d
.xtgem.com/ Name: _xta_vid
Value: dcf5982c4292c396e9fe9da3fdef58cb-1631452921

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.youtube.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.