URL: http://xtem.org/
Submission: On July 26 via api from BE — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 34 HTTP transactions. The main IP is 35.241.64.98, located in Hong Kong, Hong Kong and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is xtem.org.
This is the only time xtem.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 35.241.64.98 396982 (GOOGLE-CL...)
1 172.67.209.186 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 154.85.69.6 139057 (LDPL-AS-A...)
1 35.215.162.237 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 154.85.69.11 139057 (LDPL-AS-A...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 99.86.4.88 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
34 14
Apex Domain
Subdomains
Transfer
13 xtem.org
xtem.org
783 KB
4 inews.co.uk
inews.co.uk — Cisco Umbrella Rank: 73258
rta2.inews.co.uk — Cisco Umbrella Rank: 292885
12 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
271 KB
3 51.la
sdk.51.la — Cisco Umbrella Rank: 46121
collect-v6.51.la — Cisco Umbrella Rank: 35990
14 KB
2 anm.co.uk
hulkprod.anm.co.uk — Cisco Umbrella Rank: 12264
dmg-libs.anm.co.uk — Cisco Umbrella Rank: 193089
17 KB
2 gstatic.com
fonts.gstatic.com
62 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 dotmetrics.net
uk-script.dotmetrics.net — Cisco Umbrella Rank: 5959
794 B
1 138988h.com
138988h.com
1 bd51static.com
bd51static.com
943 B
34 11
Domain Requested by
13 xtem.org xtem.org
3 bat.bing.com xtem.org
bat.bing.com
3 www.googletagmanager.com xtem.org
www.googletagmanager.com
3 inews.co.uk 1 redirects xtem.org
2 collect-v6.51.la sdk.51.la
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com xtem.org
1 rta2.inews.co.uk inews.co.uk
1 dmg-libs.anm.co.uk xtem.org
1 hulkprod.anm.co.uk xtem.org
1 uk-script.dotmetrics.net xtem.org
1 138988h.com xtem.org
1 sdk.51.la xtem.org
1 bd51static.com xtem.org
34 14

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.instagram.com

Subject | Issuer | Validity | Valid
upload.video.google.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
www.138988h.com | R11 | 2024-07-16 - 2024-10-14 | 3 months
*.gstatic.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
inews.co.uk | R11 | 2024-07-21 - 2024-10-19 | 3 months
*.dotmetrics.net | Amazon RSA 2048 M03 | 2024-07-23 - 2025-08-20 | a year
*.google-analytics.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
dmgprivacyint.co.uk | R11 | 2024-07-24 - 2024-10-22 | 3 months
www.bing.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-19 - 2024-12-16 | 6 months

This page contains 2 frames:

Primary Page: http://xtem.org/
Frame ID: 1AA7949CC9E10946862B2454B8DE79BC
Requests: 33 HTTP requests in this frame

Frame: https://138988h.com/webapp/html/xingyft/index.html
Frame ID: CDAA71A7BE1A895FF47B86969D14FE8B
Requests: 1 HTTP requests in this frame

Page Title

168幸运飞行艇历史开奖查询结果-新168飞行艇开奖查询记录官网-幸运飞行艇官方开奖直播查询统一结果-inews

Page URL History

  1. http://xtem.org/ HTTP 307
    https://xtem.org/ HTTP 307
    http://xtem.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

41 %
HTTPS

60 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

1175 kB
Transfer

2523 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xtem.org/ HTTP 307
    https://xtem.org/ HTTP 307
    http://xtem.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bd51static.com/17wl.js HTTP 307
  • https://bd51static.com/17wl.js
Request Chain 24
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 26
  • http://inews.co.uk/geo/locationjson-v1.3.html HTTP 301
  • https://inews.co.uk/geo/locationjson-v1.3.html

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xtem.org/
Redirect Chain
  • http://xtem.org/
  • https://xtem.org/
  • http://xtem.org/
347 KB
59 KB
Document
General
Full URL
http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c3b9b66347894a353b6099e3f5268da4cc6f001c656b8061531710cbeefc3ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 26 Jul 2024 05:29:08 GMT
ETag
W/"669a0198-56c8a"
Last-Modified
Fri, 19 Jul 2024 06:03:04 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
http://xtem.org/
Non-Authoritative-Reason
HttpsUpgrades
17wl.js
bd51static.com/
Redirect Chain
  • http://bd51static.com/17wl.js
  • https://bd51static.com/17wl.js
1 KB
943 B
Script
General
Full URL
https://bd51static.com/17wl.js
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H3
Server
172.67.209.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072e8734643d32181242da162addd46f80bbdf449faab7c6550cabde13dad42c

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 03:36:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8588
etag
W/"644b3f20-456"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPJ0a8st4G%2BwsgwOFSfzSq1gnRsR6pSKxww30wyUja5ROCLPbxH2zh%2BaG9CpVT0N9g85qrlTpN%2BiGr5FAnFMGQPquGLSKAw0q9Raaiq52A%2BlSyCOLkjif2dspduk4sJdBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8a91fd88db03a043-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jul 2024 15:06:01 GMT

Redirect headers

Location
https://bd51static.com/17wl.js
Non-Authoritative-Reason
DNS
Cross-Origin-Resource-Policy
Cross-Origin
main.js
xtem.org/
1 KB
896 B
Script
General
Full URL
http://xtem.org/main.js
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
735566526b6ede07ea9663dff07f6e74f4c2547023155625dcc94fbf333219c9

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Jul 2024 06:03:26 GMT
Server
nginx
ETag
W/"669a01ae-4cc"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 26 Jul 2024 17:29:09 GMT
locationjson-v1.3.json
xtem.org/json/
75 B
311 B
Other
General
Full URL
http://xtem.org/json/locationjson-v1.3.json
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
49e88d565c0abd7dec3abc95e843cdcc280576e89dec9666d8278df56b458d15

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Last-Modified
Thu, 18 Jul 2024 09:02:16 GMT
Server
nginx
ETag
"6698da18-4b"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75
f.txt
xtem.org/txt/
99 KB
37 KB
Script
General
Full URL
http://xtem.org/txt/f.txt
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7f953e23d6ec8852a33837cf8a6954002aed3a19c957c36776d16470f9df49d7

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 09:02:16 GMT
Server
nginx
ETag
W/"6698da18-18bf0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain
Connection
keep-alive
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Red+Hat+Display:ital,wght@0,500;0,700;1,500;1,700;%7CBitter:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900;%7CSource+Serif+Pro:ital,wght@0,400;0,700;1,400;1,700;&display=swap
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20e033a3cebf1e5b8ff97f6372d3a3425fc024601a3123498e376aeaeee425cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jul 2024 05:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 05:29:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jul 2024 05:29:09 GMT
ari-ci.js
xtem.org/js/
12 KB
6 KB
Script
General
Full URL
http://xtem.org/js/ari-ci.js
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
43a0e90f00a0fd7d5630c5200c1ac0faac53efccb92197b2ee8cb5614d9b875d

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2024 09:15:17 GMT
Server
nginx
ETag
W/"668fa2a5-2fa5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 26 Jul 2024 17:29:09 GMT
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
http://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
154.85.69.6 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Ser
BC202_lt-obgp-fujian-xiamen-33-cache-2, BC4_DE-Frankfurt-Frankfurt-11-cache-1
client9dd1.js
xtem.org/js/
342 KB
107 KB
Script
General
Full URL
http://xtem.org/js/client9dd1.js
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e6dce0ac1351e76cba4fdda6664f2e9dc5107ec09ec722dce74a80f02d6467f2

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Jul 2024 11:36:02 GMT
Server
nginx
ETag
W/"66965b22-5592e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 26 Jul 2024 17:29:09 GMT
index.html
138988h.com/webapp/html/xingyft/ Frame CDAA
0
0
Document
General
Full URL
https://138988h.com/webapp/html/xingyft/index.html
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.215.162.237 Hong Kong, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
237.162.215.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://xtem.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Jul 2024 05:29:12 GMT
etag
W/"6696eab0-d41c"
last-modified
Tue, 16 Jul 2024 21:48:32 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
css
fonts.googleapis.com/
17 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Red+Hat+Display:ital,wght@0,500;0,700;1,500;1,700;%7CBitter:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900;%7CSource+Serif+Pro:ital,wght@0,400;0,700;1,400;1,700;&display=swap
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20e033a3cebf1e5b8ff97f6372d3a3425fc024601a3123498e376aeaeee425cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 05:29:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jul 2024 05:29:09 GMT
victoriaderbyshire.png
xtem.org/png/
107 KB
107 KB
Image
General
Full URL
http://xtem.org/png/victoriaderbyshire.png
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2e71365506ba1607f3b57b9196d7ea9f260f4651b7babdea2b6155e133cde40c

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 14:50:50 GMT
Server
nginx
ETag
W/"6697da4a-1abbf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 25 Aug 2024 05:29:09 GMT
coupleanger.png
xtem.org/png/
152 KB
153 KB
Image
General
Full URL
http://xtem.org/png/coupleanger.png
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
733a33aa773f84b04096950402f08095d4b76678b40835486716a808b4bf8185

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Mar 2023 09:25:32 GMT
Server
nginx
ETag
W/"6426a70c-26142"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 25 Aug 2024 05:29:10 GMT
andrewfisher.png
xtem.org/png/
102 KB
102 KB
Image
General
Full URL
http://xtem.org/png/andrewfisher.png
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
da87a13a6f90beb4e0e388962dab424543f9722c6cac4d4cc3ec0ebec0c45cbf

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Apr 2024 13:06:00 GMT
Server
nginx
ETag
W/"661931b8-1968a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 25 Aug 2024 05:29:10 GMT
8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v19/
28 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:ital,wght@0,500;0,700;1,500;1,700;%7CBitter:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900;%7CSource+Serif+Pro:ital,wght@0,400;0,700;1,400;1,700;&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xtem.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 00:35:45 GMT
x-content-type-options
nosniff
age
17604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29072
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:14:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Jul 2025 00:35:45 GMT
rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v36/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bitter/v36/rax8HiqOu8IVPmn7f4xp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Display:ital,wght@0,500;0,700;1,500;1,700;%7CBitter:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900;%7CSource+Serif+Pro:ital,wght@0,400;0,700;1,400;1,700;&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
710837bbd0f471356c5ea8fa53770a38ad6e4ccb135168c90fdbc0f33aef0ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xtem.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 20:29:47 GMT
x-content-type-options
nosniff
age
32362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33804
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 16:04:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Jul 2025 20:29:47 GMT
sei_213180423feb8.jpg
xtem.org/jpg/
98 KB
99 KB
Image
General
Full URL
http://xtem.org/jpg/sei_213180423feb8.jpg
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7c35e20171e50d2f2294c7ff97b32e0e485471b598a664f2549577f4ca65a2df

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 09:02:49 GMT
Server
nginx
ETag
W/"6698da39-18958"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 25 Aug 2024 05:29:10 GMT
sei_2132237866645.jpg
xtem.org/jpg/
47 KB
47 KB
Image
General
Full URL
http://xtem.org/jpg/sei_2132237866645.jpg
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d60b96ca5dbd56d50d1bc4c8323f14a4462dbcf16dbeb08c72c88bf2e57597a

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 09:02:51 GMT
Server
nginx
ETag
W/"6698da3b-bc2a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 25 Aug 2024 05:29:10 GMT
sei_213174466_ffa3ca2ba1.jpg
xtem.org/jpg/
65 KB
65 KB
Image
General
Full URL
http://xtem.org/jpg/sei_213174466_ffa3ca2ba1.jpg
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
faa2588ee93ab749ed56c678d5ff3310a5eda5b61bb37d087ed8686dc2aafe5c

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 09:02:54 GMT
Server
nginx
ETag
W/"6698da3e-103ba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 25 Aug 2024 05:29:10 GMT
collect
collect-v6.51.la/v6/
0
385 B
XHR
General
Full URL
http://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: http://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Server
154.85.69.11 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:11 GMT
Server
nginx
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin
http://xtem.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Ser
BC173_dx-lt-yd-zhejiang-huzhou-3-cache-13, BC7_DE-Frankfurt-Frankfurt-11-cache-1
collect
collect-v6.51.la/v6/
0
385 B
XHR
General
Full URL
http://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: http://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Server
154.85.69.11 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
Server
nginx
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin
http://xtem.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Ser
BC166_dx-lt-yd-zhejiang-huzhou-3-cache-13, BC7_DE-Frankfurt-Frankfurt-11-cache-1
v2-inews-3.min.js
inews.co.uk/rta2/
29 KB
9 KB
Script
General
Full URL
https://inews.co.uk/rta2/v2-inews-3.min.js
Requested by
Host: xtem.org
URL: http://xtem.org/js/client9dd1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1e6f9a2affcfe7820675c9f459ebdd7c3b0ec908c51a7be439d1b8a1c37eabf2
Security Headers
Name Value
Strict-Transport-Security max-age=600 ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600 ; preload
last-modified
Tue, 20 Jun 2023 09:24:14 GMT
server
AkamaiNetStorage
etag
"de43477407f5d99c12c3e676821abfbd:1687253054.979927"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=8731
accept-ranges
bytes
timing-allow-origin
*
content-length
8979
expires
Fri, 26 Jul 2024 07:54:41 GMT
door.js
uk-script.dotmetrics.net/
69 B
794 B
Script
General
Full URL
https://uk-script.dotmetrics.net/door.js?d=xtem.org&t=home
Requested by
Host: xtem.org
URL: http://xtem.org/js/client9dd1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:10 GMT
content-encoding
br
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA6-C1
etag
".xtem.org.home.303.2024072605"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
zDinH-Q7szm_-2w0AqBWlJGOVrNXZo4_kQ_GQZxnNbECTq-4Hb-jPw==
js
www.googletagmanager.com/gtag/
195 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128755582-162
Requested by
Host: xtem.org
URL: http://xtem.org/js/client9dd1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
476226592d6231ba3ddc73c486d598ff424801213f2a4f0f6907609c7940474d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72240
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Jul 2024 05:29:10 GMT
js
www.googletagmanager.com/gtag/
296 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B1HE1LBHLM
Requested by
Host: xtem.org
URL: http://xtem.org/js/client9dd1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd8e26d573d28e3f8be03c0d86787fec4dc16e7f5498651effef9ca8267a77b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102273
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jul 2024 05:29:10 GMT
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
49 KB
14 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H2
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 26 Jul 2024 05:29:10 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1F77258FB2FF42A9B387FD32A5810837 Ref B: FRA31EDGE0208 Ref C: 2024-07-26T05:29:10Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
register.js
hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/
89 KB
17 KB
Script
General
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Requested by
Host: xtem.org
URL: http://xtem.org/js/client9dd1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f1a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4bba766bc64b527806cff888cd6abf00ce09f3821b003bdb74d756accea51571

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rs-ops
mol-fe-web-push-notification-c7-fe:8080
date
Fri, 26 Jul 2024 05:29:10 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
16631
service-worker-allowed
/
expires
Fri, 26 Jul 2024 05:29:10 GMT
locationjson-v1.3.html
inews.co.uk/geo/
Redirect Chain
  • http://inews.co.uk/geo/locationjson-v1.3.html
  • https://inews.co.uk/geo/locationjson-v1.3.html
99 B
787 B
Fetch
General
Full URL
https://inews.co.uk/geo/locationjson-v1.3.html
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H2
Server
2a02:26f0:480:c::210:f192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9c0964c3f89999c6ed72b228e6c41667cd37ded6329aa3887fb0cd7ba394fd88
Security Headers
Name Value
Strict-Transport-Security max-age=600 ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=600 ; preload
date
Fri, 26 Jul 2024 05:29:10 GMT
x-content-type-options
nosniff
server
AkamaiNetStorage
etag
"b5906465ca62431dd725f7f15fc6ad30:1587397792.400734"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=82
content-length
99
expires
Fri, 26 Jul 2024 05:30:32 GMT

Redirect headers

Date
Fri, 26 Jul 2024 05:29:10 GMT
X-Content-Type-Options
nosniff
Server
AkamaiGHost
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Location
https://inews.co.uk/geo/locationjson-v1.3.html
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Expires
Fri, 26 Jul 2024 05:29:10 GMT
56378606.js
bat.bing.com/p/action/
335 B
402 B
Script
General
Full URL
https://bat.bing.com/p/action/56378606.js
Requested by
Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de0255536f9888ea101fde3bf45aa5d149ac777eef46d01b2a651483505ca690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 26 Jul 2024 05:29:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F24162436494F62969721FE1224BDD9 Ref B: FRA31EDGE0208 Ref C: 2024-07-26T05:29:10Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
destination
www.googletagmanager.com/gtag/
296 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-B1HE1LBHLM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128755582-162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dfbad3d372b602151d730d8d8817cd2cdc0a8e9b0ab7182e63ba042efd089ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:29:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102302
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jul 2024 05:29:11 GMT
0
bat.bing.com/action/
0
288 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56378606&Ver=2&mid=e2b618db-f383-4d7c-af30-e85023feb782&sid=fcd88f504b0f11ef9402d39d0ffc45ca&vid=fcd877e04b0f11efa9f6090950c33639&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=168%E5%B9%B8%E8%BF%90%E9%A3%9E%E8%A1%8C%E8%89%87%E5%8E%86%E5%8F%B2%E5%BC%80%E5%A5%96%E6%9F%A5%E8%AF%A2%E7%BB%93%E6%9E%9C-%E6%96%B0168%E9%A3%9E%E8%A1%8C%E8%89%87%E5%BC%80%E5%A5%96%E6%9F%A5%E8%AF%A2%E8%AE%B0%E5%BD%95%E5%AE%98%E7%BD%91-%E5%B9%B8%E8%BF%90%E9%A3%9E%E8%A1%8C%E8%89%87%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E7%9B%B4%E6%92%AD%E6%9F%A5%E8%AF%A2%E7%BB%9F%E4%B8%80%E7%BB%93%E6%9E%9C-inews&p=http%3A%2F%2Fxtem.org%2F&r=&lt=2816&evt=pageLoad&sv=1&cdb=AQAQ&rn=433093
Requested by
Host: xtem.org
URL: http://xtem.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jul 2024 05:29:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 53EC1D61EF324BCDACE6A87B65D51343 Ref B: FRA31EDGE0208 Ref C: 2024-07-26T05:29:11Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.js
dmg-libs.anm.co.uk/a/1.20.0/
49 KB
0
Script
General
Full URL
https://dmg-libs.anm.co.uk/a/1.20.0/config.js
Requested by
Host: xtem.org
URL: http://xtem.org/js/client9dd1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:628d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/javascript
strict-transport-security
max-age=86400
content-encoding
gzip
cache-control
max-age=26714382
date
Fri, 26 Jul 2024 05:29:14 GMT
vary
Accept-Encoding
expires
Sat, 31 May 2025 10:08:56 GMT
3
rta2.inews.co.uk/s/
426 B
1 KB
XHR
General
Full URL
http://rta2.inews.co.uk/s/3
Requested by
Host: inews.co.uk
URL: https://inews.co.uk/rta2/v2-inews-3.min.js
Protocol
HTTP/1.1
Server
2a02:26f0:480:c::210:f185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a33d1531d26c85c95913ab928badf0e1454c5fb15a3f5ba4936abbcd757b008

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-rs-ops
metro-rta-c2-fe:3000
Date
Fri, 26 Jul 2024 05:29:14 GMT
ETag
W/"1aa-MRKYFSh2QqWNgUy4ZBT1S6HTUU0"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://xtem.org
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
Content-Length
426
Expires
Fri, 26 Jul 2024 05:29:14 GMT
favicon.ico
xtem.org/
17 KB
0
Other
General
Full URL
http://xtem.org/favicon.ico
Protocol
HTTP/1.1
Server
35.241.64.98 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.64.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
http://xtem.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:29:14 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6699fe54-e3b0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| PageContext
object| adverts
object| newsletterLists
function| getEmailList
function| getEmailListByClassName
object| LA
string| ss
object| cX
object| ari
object| googletag
object| OBREvents
function| __pctx_connection__
number| laWaitTime
object| dm
object| dataLayer
function| gtag
object| customDimensions
object| tp
object| uetq
object| SailthruUtil
object| InewsSubscriptionActions
object| rm_trans
object| CustomHelper
object| iNewsShareTools
object| CookiesUtil
object| NewsLetterCookiesUtil
object| RTA
function| UET
function| UET_init
function| UET_push
object| ueto_4df3f77e5d
object| google_tag_manager
object| google_tag_data
object| hulk
function| onYouTubeIframeAPIReady
object| PageCriteria
object| gaGlobal

14 Cookies

Domain/Path Name / Value
xtem.org/ Name: __vtins__JWt5y7kp2GoqVv83
Value: %7B%22sid%22%3A%20%225027178a-bae8-5833-8300-b8a1553fabf9%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201721973550011%2C%20%22ct%22%3A%201721971750011%7D
xtem.org/ Name: __51uvsct__JWt5y7kp2GoqVv83
Value: 1
xtem.org/ Name: __51vcke__JWt5y7kp2GoqVv83
Value: 466e6e60-e655-51cd-87c0-fea4d9bf0c53
xtem.org/ Name: __51vuft__JWt5y7kp2GoqVv83
Value: 1721971750016
xtem.org/ Name: __vtins__K2zfbHgNSpmcnBGY
Value: %7B%22sid%22%3A%20%2201f23a0b-a1b3-5dab-b6fe-fb77dadde028%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201721973550024%2C%20%22ct%22%3A%201721971750024%7D
xtem.org/ Name: __51uvsct__K2zfbHgNSpmcnBGY
Value: 1
xtem.org/ Name: __51vcke__K2zfbHgNSpmcnBGY
Value: 5bdcadf1-317c-50f1-9a2f-a93612f81e69
xtem.org/ Name: __51vuft__K2zfbHgNSpmcnBGY
Value: 1721971750026
xtem.org/ Name: _pc_gdprConsent
Value: not_supported
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=9015b368-0100-4bcd-a3f8-27239fceac3f&Created=07/26/2024 05:29:10&UserMode=0&guid=ead0eefd-85b1-4a27-b9f8-166b8bb21a59&ver=1
.xtem.org/ Name: _uetsid
Value: fcd88f504b0f11ef9402d39d0ffc45ca
.xtem.org/ Name: _uetvid
Value: fcd877e04b0f11efa9f6090950c33639
.bing.com/ Name: MUID
Value: 286CAB7FDC966B282385BFB7DD1D6A08

3 Console Messages

Source Level URL
Text
network error URL: http://collect-v6.51.la/v6/collect?dt=4
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: http://collect-v6.51.la/v6/collect?dt=4
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: http://xtem.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
