Submitted URL: http://darknet.na.to/
Effective URL: http://telegraph.sextgem.com/
Submission: On February 13 via manual from RU — Scanned from DE

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 30 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is telegraph.sextgem.com.
This is the only time telegraph.sextgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 115.68.227.7 38700 (SMILESERV...)
1 54.36.158.42 16276 (OVH)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
3 145.239.87.148 16276 (OVH)
5 141.94.172.213 16276 (OVH)
3 62.122.171.6 50245 (SERVEREL-AS)
1 172.104.29.90 63949 (LINODE-AP...)
1 2620:116:800d... 16509 (AMAZON-02)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 213.174.135.17 39572 (ADVANCEDH...)
1 2 2600:9000:215... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
30 17
Count | Apex Domain | Subdomains | Transfer
6 | clbjmp.com | creative.clbjmp.com; go.clbjmp.com | 2 MB
3 | quantserve.com | edge.quantserve.com (Cisco Umbrella Rank: 10389); pixel.quantserve.com (Cisco Umbrella Rank: 374) | 11 KB
3 | terrapsps.com | terrapsps.com (Cisco Umbrella Rank: 645427) | 28 KB
3 | xtgem.com | xtgem.com (Cisco Umbrella Rank: 268365) | 25 KB
3 | telegcrack.com | telegcrack.com | 289 KB
3 | supercounters.com | widget.supercounters.com (Cisco Umbrella Rank: 197016); www.supercounters.com (Cisco Umbrella Rank: 188464) | 4 KB
2 | quantcount.com | rules.quantcount.com (Cisco Umbrella Rank: 770) | 856 B
2 | xtstatic.com | enif.images.xtstatic.com; cif.images.xtstatic.com | 656 B
2 | popmyads.com | cdn.popmyads.com (Cisco Umbrella Rank: 553553); popmyads.com (Cisco Umbrella Rank: 70999) | 36 KB
1 | ktkjmp.com | video.ktkjmp.com (Cisco Umbrella Rank: 30752) | 757 B
1 | xhcdn.com | thumb-p6.xhcdn.com (Cisco Umbrella Rank: 186004) | 5 MB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 1 KB
1 | cpmprofitablenetwork.com | pl14439255.cpmprofitablenetwork.com |
1 | sextgem.com | telegraph.sextgem.com | 9 KB
1 | na.to | darknet.na.to | 4 KB
30 15
Domain Requested by
4 creative.clbjmp.com telegraph.sextgem.com
creative.clbjmp.com
3 terrapsps.com telegraph.sextgem.com
terrapsps.com
3 xtgem.com telegraph.sextgem.com
3 telegcrack.com telegraph.sextgem.com
2 go.clbjmp.com creative.clbjmp.com
2 pixel.quantserve.com 1 redirects telegraph.sextgem.com
2 rules.quantcount.com 1 redirects telegraph.sextgem.com
2 widget.supercounters.com telegraph.sextgem.com
1 video.ktkjmp.com creative.clbjmp.com
1 thumb-p6.xhcdn.com telegraph.sextgem.com
1 fonts.googleapis.com telegraph.sextgem.com
1 cif.images.xtstatic.com telegraph.sextgem.com
1 enif.images.xtstatic.com telegraph.sextgem.com
1 edge.quantserve.com telegraph.sextgem.com
1 www.supercounters.com widget.supercounters.com
1 popmyads.com telegraph.sextgem.com
1 cdn.popmyads.com 1 redirects
1 pl14439255.cpmprofitablenetwork.com telegraph.sextgem.com
1 telegraph.sextgem.com darknet.na.to
1 darknet.na.to
30 20

This site contains links to these domains:

Domain
cpmlink.net
ouo.io
adultchat.mobie.in
sextgem.com

Subject | Issuer | Validity | Valid
telegcrack.com | R3 | 2021-12-21 - 2022-03-21 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-10 - 2022-07-09 | a year
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.xtgem.com | R3 | 2021-12-26 - 2022-03-26 | 3 months
*.xhcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-22 - 2022-10-22 | a year
terrapsps.com | R3 | 2021-12-29 - 2022-03-29 | 3 months
video.ktkjmp.com | Cloudflare Inc ECC CA-3 | 2021-09-01 - 2022-08-31 | a year

This page contains 5 frames:

Primary Page: http://telegraph.sextgem.com/
Frame ID: CF0AD48BFD87A202A1BAC2C59DCDDFCE
Requests: 24 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 511B73BE996B560145624EE18DCB5C00
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 1BC2E283881B92E716D50CB2EB84CABB
Requests: 1 HTTP requests in this frame

Frame: https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
Frame ID: 701EB63952DE0791008FDD6C37A60390
Requests: 7 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC90ZWxlZ3JhcGguc2V4dGdlbS5jb21cL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoidGVsZWdyYXBoLnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: 3B4961C59137ABCB250441E71728C50C
Requests: 1 HTTP requests in this frame

Page Title

Поиск по Telegra.ph - Telegra.ph Crack!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

Requests: 30
HTTPS: 50 %
IPv6: 50 %
Domains: 15
Subdomains: 20
IPs: 17
Countries: 5
Transfer: 7038 kB
Size: 7327 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://darknet.na.to/ Page URL
  2. http://telegraph.sextgem.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://cdn.popmyads.com/pma.js HTTP 301
  • https://popmyads.com/x/pma
Request Chain 25
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 26
  • http://pixel.quantserve.com/pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=0;et=1644773281137;tzo=0;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article HTTP 301
  • https://pixel.quantserve.com/pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=0;et=1644773281137;tzo=0;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
darknet.na.to/
3 KB
4 KB
Document
General
Full URL
http://darknet.na.to/
Protocol
HTTP/1.1
Server
115.68.227.7 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.6.32
Resource Hash
1a2a1c8d96fb3dfcdda93372681cfec47c5df30a75d0c668b3f5a3cd0aba5476

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 13 Feb 2022 17:28:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.6.32
P3P
CP=\"ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI\"
Expires
Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified
Sun, 13 Feb 2022 17:28:26 GMT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Connection
close
Content-Length
3432
Content-Type
text/html; charset=UTF-8
Primary Request /
telegraph.sextgem.com/
39 KB
9 KB
Document
General
Full URL
http://telegraph.sextgem.com/
Requested by
Host: darknet.na.to
URL: http://darknet.na.to/
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
75d7d890a4c73f826b999016d373e825aa47b5a73d0989d7efe69376841fc71c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://darknet.na.to/

Response headers

Date
Sun, 13 Feb 2022 17:27:54 GMT
Vary
Host,Accept-Encoding
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
8979
Connection
close
Content-Type
text/html;charset=UTF-8
online_i.js
widget.supercounters.com/ssl/
4 KB
2 KB
Script
General
Full URL
http://widget.supercounters.com/ssl/online_i.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:59 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
565
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Tue, 11 Jul 2017 06:49:04 GMT
Server
cloudflare
ETag
W/"596474e0-109e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0vidDlWZ%2F0bZaZcrSXNPHtG5C9X7hFdkR6MN0qAzWAOkCZewp8vCpCokOntsgOeZZFIoN2oNz9Mx6%2Ffd8paWVv6eOGcgAa%2BAH%2FDWNrMytGzy1EHIrhvvNnF25ZLj%2BHT5%2BH1GAzVjuEFTsBlGymyRlGHY0C%2B7DQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6dcfc542da72918c-FRA
6681482ac079a3a43337440e3bd22456.js
pl14439255.cpmprofitablenetwork.com/66/81/48/
0
0
Script
General
Full URL
http://pl14439255.cpmprofitablenetwork.com/66/81/48/6681482ac079a3a43337440e3bd22456.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 13 Feb 2022 17:28:00 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pma
popmyads.com/x/
Redirect Chain
  • https://cdn.popmyads.com/pma.js
  • https://popmyads.com/x/pma
92 KB
35 KB
Script
General
Full URL
https://popmyads.com/x/pma
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Server
2606:4700:3032::ac43:a3af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
bf0b2ae182d130ee38122d92e4aee80c9e19f6ac2d8843e0a5b9ec1279dc0257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:27:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSucInWvqXovH57HJLlJe%2FQlXtfhyS%2B%2FwbbuN3a65n41eXsy%2BwWjkTUxltO5t5ZiMweI0jGGxCiw4Mf6cf0Tl4c%2FjNRPoHODYMiIDlWWE7R243tPpAGqxVg8pNnKuriYcH3gOP%2B7F9W5Pvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6dcfc5443ee494f8-LIS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 13 Feb 2022 17:27:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
648
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FH5%2FxDauB92GLGhK8E1%2BqeULN%2Brrk5hEstE0oO0ejvPr3vSDtpTKmpQ6%2B6AWDir%2BTYc97DJoPZ3dHwgDZjqmScK3%2B0BBFPQoXa3xJRnPs3gE3Yps6%2B5cLshO%2FllKdLOFVCdRkS4QXnvHJNsPvfH"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://popmyads.com/x/pma
cache-control
max-age=14400
cf-ray
6dcfc543ad6694f8-LIS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.css
telegcrack.com/
210 KB
210 KB
Stylesheet
General
Full URL
https://telegcrack.com/fonts.css
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.87.148 Servian, France, ASN16276 (OVH, FR),
Reverse DNS
148.ip-145-239-87.eu
Software
Apache/2.4.6 (CentOS) PHP/8.1.1 OpenSSL/1.0.2k-fips /
Resource Hash
a3bf31506502354e9f145ca0da7a5c29d58d82d6ad74beeba0bb7262303bc438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:43 GMT
Last-Modified
Tue, 30 Oct 2018 03:29:16 GMT
Server
Apache/2.4.6 (CentOS) PHP/8.1.1 OpenSSL/1.0.2k-fips
ETag
"3477f-57969ca50bc68"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=3
Content-Length
214911
btc.png
telegcrack.com/
2 KB
2 KB
Image
General
Full URL
https://telegcrack.com/btc.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.87.148 Servian, France, ASN16276 (OVH, FR),
Reverse DNS
148.ip-145-239-87.eu
Software
Apache/2.4.6 (CentOS) PHP/8.1.1 OpenSSL/1.0.2k-fips /
Resource Hash
1e26e95d7649fc3474705a55f9853cd78d3e418efacedce9e171e7d38060a928

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:43 GMT
Last-Modified
Thu, 07 Sep 2017 19:08:16 GMT
Server
Apache/2.4.6 (CentOS) PHP/8.1.1 OpenSSL/1.0.2k-fips
ETag
"80e-5589e2ec9a020"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=3
Content-Length
2062
icon20x24px-Fireworks.png
telegcrack.com/
76 KB
76 KB
Image
General
Full URL
https://telegcrack.com/icon20x24px-Fireworks.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.87.148 Servian, France, ASN16276 (OVH, FR),
Reverse DNS
148.ip-145-239-87.eu
Software
Apache/2.4.6 (CentOS) PHP/8.1.1 OpenSSL/1.0.2k-fips /
Resource Hash
47bbb9eb0b0b73193856fe6f8ba611a5aafad51dcda21a7fefe2b4a5a53920ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:43 GMT
Last-Modified
Mon, 12 Nov 2018 02:13:15 GMT
Server
Apache/2.4.6 (CentOS) PHP/8.1.1 OpenSSL/1.0.2k-fips
ETag
"12f59-57a6e3e63dae0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=3
Content-Length
77657
indiandesibhabi.png
xtgem.com/images/xtvid/
21 KB
21 KB
Image
General
Full URL
http://xtgem.com/images/xtvid/indiandesibhabi.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
41c494a4a40022a2a77b68e98d21730715263b026744c1e30a2efb3a6f6d3ed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:59 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"52ff-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
21247
Expires
Tue, 15 Mar 2022 17:27:59 GMT
brt.js
terrapsps.com/t/9/fret/meow4/1255387/
67 KB
28 KB
Script
General
Full URL
http://terrapsps.com/t/9/fret/meow4/1255387/brt.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.171.6.serverel.net
Software
nginx /
Resource Hash
956e42e4ae5359899b455870064ed88d02da128f2eeafeeb933d6d7e2d2fa3ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Feb 2022 13:58:02 GMT
Server
nginx
ETag
W/"6201256a-10d77"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
fc.php
www.supercounters.com/
29 B
280 B
Script
General
Full URL
http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&ref=http%3A%2F%2Fdarknet.na.to%2F&url=http%3A%2F%2Ftelegraph.sextgem.com%2F&sw=1600&sh=1200&rand=54
Requested by
Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Server
172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.20.1 / PHP/7.4.13
Resource Hash
cb1069628c53cce5996610c8881924042ae76a0a81e517cd48223e851b4d738d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:59 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
e61c1c.png
widget.supercounters.com/images/online/
568 B
1 KB
Image
General
Full URL
http://widget.supercounters.com/images/online/e61c1c.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:27:59 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
334
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
568
last-modified
Thu, 13 Jan 2022 06:43:21 GMT
Server
cloudflare
etag
"61dfca09-238"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4qDEGjHzdBUrbdbbZLoPM%2FpvxKsu%2BB4IyXNg8kGoG6TDbiyVWChKIgEfnZqEnJ80PGJWkwk0rk7vArY32z%2Fo6RQj097Pr%2FLlxUBe4Nqju%2FxbA3E7McnsHMDjAEDNFR%2FVTLIw9MgV6iuRZ4kUe7RWmsdqpTlhdY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6dcfc5446eec918c-FRA
quant.js
edge.quantserve.com/
24 KB
10 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:28:01 GMT
Content-Encoding
gzip
Etag
"yoD6mq4JTyPdtDBolW+GUg=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sun, 20 Feb 2022 17:28:01 GMT
tp.gif
enif.images.xtstatic.com/ Frame 511B
42 B
328 B
Document
General
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/

Response headers

Date
Sun, 13 Feb 2022 17:28:01 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Accept-Ranges
bytes
Content-Length
42
Cache-Control
max-age=2592000
Expires
Tue, 15 Mar 2022 17:28:01 GMT
Connection
close
Content-Type
image/gif
tp.gif
cif.images.xtstatic.com/ Frame 1BC2
42 B
328 B
Document
General
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/

Response headers

Date
Sun, 13 Feb 2022 17:28:01 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Accept-Ranges
bytes
Content-Length
42
Cache-Control
max-age=2592000
Expires
Tue, 15 Mar 2022 17:28:01 GMT
Connection
close
Content-Type
image/gif
wrapper
creative.clbjmp.com/widgets/ Frame 701E
709 B
682 B
Document
General
Full URL
https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae83dd63cbc3778be58bb89ced6e575b29e6c6060b703edbef25963b36136358

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/

Response headers

date
Sun, 13 Feb 2022 17:28:01 GMT
content-type
text/html
last-modified
Fri, 11 Feb 2022 10:49:24 GMT
expires
Sun, 13 Feb 2022 17:28:11 GMT
cache-control
max-age=10
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6dcfc54fbb196903-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
25 KB
25 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81e8023d4e7ece3d2dee8179706bb3e7b4c308cf54b16e351590d9d0512ca80c

Request headers

Referer
Origin
http://telegraph.sextgem.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/
24 KB
24 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f53089e15c3883217cfa9e97551b8d3a952c2869d99dea69a7e1543ed4d9d82f

Request headers

Referer
Origin
http://telegraph.sextgem.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/
28 KB
28 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53e62aea15e58d342e737f4a769819258968a39bcee433432fe1ae7bf4776a3d

Request headers

Referer
Origin
http://telegraph.sextgem.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/
27 KB
27 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce374a48ba0dba1231039953c1d43eb6fd8a64c48fef6b0f1b058c1e06adde4

Request headers

Referer
Origin
http://telegraph.sextgem.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/opentype
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:100,200,300,400,500,600,700,800,900
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87eaac0ae93a3456c703d86755c66a4501b29e994edc922c5788b93bfd28a26a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Feb 2022 16:23:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Feb 2022 17:28:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Feb 2022 17:28:01 GMT
__xt_authbar
xtgem.com/ Frame 3B49
14 KB
3 KB
Document
General
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC90ZWxlZ3JhcGguc2V4dGdlbS5jb21cL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoidGVsZWdyYXBoLnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1ecee580c8b29a6fa20ac31ca99d53bfc66638186413a973c27c762238c23458

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/

Response headers

Date
Sun, 13 Feb 2022 17:28:01 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2793
Content-Type
text/html; charset=UTF-8
076_1000.gif
thumb-p6.xhcdn.com/a/a2za4F88AODjT0iYmWQWPA/000/200/063/
5 MB
5 MB
Image
General
Full URL
https://thumb-p6.xhcdn.com/a/a2za4F88AODjT0iYmWQWPA/000/200/063/076_1000.gif
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.17 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
93288730acac8fa61beb0476e191457117516e0bdd5b5fa16af2bb9da15845a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:01 GMT
last-modified
Mon, 04 Jun 2018 20:38:19 GMT
server
nginx/1.18.0
etag
"5b15a33b-4831b2"
content-type
image/gif
expires
Mon, 14 Feb 2022 17:28:01 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
4731314
x-proxy-cache
HIT
solid.gif
terrapsps.com/
43 B
145 B
Ping
General
Full URL
https://terrapsps.com/solid.gif?z=1255387
Requested by
Host: terrapsps.com
URL: http://terrapsps.com/t/9/fret/meow4/1255387/brt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.171.6.serverel.net
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:01 GMT
x-route-id
stats.tag.loaded
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
1255387
terrapsps.com/get/
37 B
288 B
Script
General
Full URL
https://terrapsps.com/get/1255387?zoneid=1255387&jp=_clw6xsl45yygtqehyvnuvx&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=0&sp=2
Requested by
Host: terrapsps.com
URL: http://terrapsps.com/t/9/fret/meow4/1255387/brt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.171.6.serverel.net
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-encoding
gzip
date
Sun, 13 Feb 2022 17:28:01 GMT
x-route-id
config
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript
close2.png
xtgem.com/images/
564 B
862 B
Image
General
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 17:28:01 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"234-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
Expires
Tue, 15 Mar 2022 17:28:01 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
429 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Server
2600:9000:2156:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 04:49:34 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
age
45648
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
5PWbup-h5hWpdKczb-uXau_LfJcrb9V8r4q2o57uK-rXWmIBDGKqzw==

Redirect headers

Date
Sun, 13 Feb 2022 17:28:01 GMT
Via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
NBXQgXXimrHk1FP_lzTUeqqPK_VYvAeIyeadc4R__DMLrJc4W4ZNlw==
pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-2...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;n...
  • https://pixel.quantserve.com/pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;...
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=0;et=1644773281137;tzo=0;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 17:28:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1576057740;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;uht=2;fpan=1;fpa=P0-1814448816-1644773281137;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=0;et=1644773281137;tzo=0;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article
Date
Sun, 13 Feb 2022 17:28:01 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Mon, 14 Feb 2022 17:28:01 GMT
index.f82f26342e4c6f67b4f0.js
creative.clbjmp.com/widgets/wrapper/ Frame 701E
187 KB
56 KB
Script
General
Full URL
https://creative.clbjmp.com/widgets/wrapper/index.f82f26342e4c6f67b4f0.js
Requested by
Host: creative.clbjmp.com
URL: https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f79a782326a758a25027ae99d35a8aae13a868bc5b23317018de062ec21492

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Fri, 11 Feb 2022 10:55:04 GMT
server
cloudflare
etag
W/"62064088-2ecb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMGS91QR7z8wypkDbJ3r%2ByuhHf0kd2Y2pfhFjgVBnxIPov5grYYU7nt2ZzssivYul%2Bun2ncAAG%2BcqQsJp8aNHGzjUZDFe3UeK09FIM7kAYpFgEd7XRZP3CR3GhJrHqUb4lti5JUFdRniiz02X8%2FI%2FCYO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
6dcfc5502c1f6903-FRA
expires
Sun, 13 Feb 2022 17:28:11 GMT
adsbygoogle.js
video.ktkjmp.com/ Frame 701E
15 B
757 B
Fetch
General
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.clbjmp.com
URL: https://creative.clbjmp.com/widgets/wrapper/index.f82f26342e4c6f67b4f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae00ef0c3cad865292bddd84e598ce65718d08deaa725d13943434c1e25a24b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.clbjmp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:01 GMT
cf-cache-status
HIT
age
2847
content-length
15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TA7NHMH0CMW1QZYG
x-amz-id-2
Hdk2eYMCf89wPjxn8BTG1Sc3ZuIlGRtw21dF4+pjfeo0sgW6MFxcK0depgI0+WQZ7ooD3XypKc0=
last-modified
Fri, 12 Nov 2021 09:03:23 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1636707781/ctime:1636707779/gid:20/gname:staff/md5:5cb148ac593f7f7c3e9c91a2f826af19/mode:33188/mtime:1636707779/uid:501/uname:mikhailchubar
etag
"5cb148ac593f7f7c3e9c91a2f826af19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.clbjmp.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-amz-version-id
Yl.GJwNpYUCzLR8MtJYw3i7MpV0v1e7Q
accept-ranges
bytes
cf-ray
6dcfc55348b16983-FRA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sun, 13 Feb 2022 21:28:01 GMT
config
go.clbjmp.com/ Frame 701E
5 KB
2 KB
Fetch
General
Full URL
https://go.clbjmp.com/config?url=https%3A%2F%2Fcreative.clbjmp.com%2Fwidgets%2Fwrapper%3FuserId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154%26campaignId%3Dcd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382%26b%3D8f0e4664.gif%26path%3D%252Fsignup%26language%3Den
Requested by
Host: creative.clbjmp.com
URL: https://creative.clbjmp.com/widgets/wrapper/index.f82f26342e4c6f67b4f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f69efb35c40a984ae312d4b903368ce981be8f3bc374bf07a203864ed9c8538

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.clbjmp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend
sa-go-echo-06.novalocal
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWMrJQ93BJK3uD4NHdWljVVjfHcncbsLcgtrQrRnKyRfqV%2Fst%2FjP48aue71%2BzzypTe75B0oR%2Ba3hBb6tz%2FBKnSLfv2KmnrOeD09sWnoHXQQ8CEJOWvNonVsCTPeLJyhNlW0MLiR1hDBBdl6K"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
6dcfc5539f46e839-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
8f0e4664.gif
creative.clbjmp.com/b/ Frame 701E
920 KB
921 KB
Image
General
Full URL
https://creative.clbjmp.com/b/8f0e4664.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6d6a7d616a219ff59d09865181024bf999e6eb1f61d73aa4d55b5607864e25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
attachment
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
941978
last-modified
Fri, 11 Feb 2022 10:49:27 GMT
server
cloudflare
etag
"62063f37-e5f9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9b62W0s8ELOCZGCePZl23ITw0kSvNxu9Oao7geJ80PvrXP41hy2jHfsxXmx%2FzbaovSaxEXhPVdOyETGTDEBn7UlDmJWWIjn7hs9pBrggw8KLykhtZtcRE0c64FBcZrHvvKmRi052WqW%2BtUBPF7Er4lO"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6dcfc554adcc9226-FRA
expires
Sun, 13 Feb 2022 17:28:12 GMT
eye.gif
go.clbjmp.com/ Frame 701E
103 B
103 B
Image
General
Full URL
https://go.clbjmp.com/eye.gif?e=dXNlcklkPTM0Nzc4MzQwN2JjYWZmZDQzOTA0NGUxYzlkNDc3ODdkZjA0NGRlOWRlZjIwOThlNDhkMWI5MjUwYTcxYzkxNTQmY2FtcGFpZ25JZD1jZDA5ZjNiOTRhNmI3MWZhODYxYjJhYTEyODZhYmJlZDlmOTllOTEyMjdiZWQxNWM5NWQ4MDEwNmIyNjdhMzgyJnBhdGg9JTJGc2lnbnVwJmxhbmd1YWdlPWVuJmJhbm5lcj0xMjB4NjAwJTJGZW5nbGlzaCUyRjMuZ2lmJm1vZGVsc0NvdW50PTAmcmVmZXJyZXImaT0wJmliPTA%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.clbjmp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend
sa-go-foxtrot-01.novalocal
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK4NR4xUgtxeuDV7USFqZWi4NXHl1NcYs3LAywSmV0TILDKSKbhZSCgJNCTsZf9WCWzRikHy4H5Tf5n7JwM8M8veQS2zVHtII2mNT7U%2B2WLNWeYJJTMzYhSEPJfdbDX%2FmkjqrAXcBoSC1CZn"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cf-ray
6dcfc55639519226-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
103
server
cloudflare
8f0e4664.gif
creative.clbjmp.com/b/ Frame 701E
920 KB
921 KB
Image
General
Full URL
https://creative.clbjmp.com/b/8f0e4664.gif
Requested by
Host: creative.clbjmp.com
URL: https://creative.clbjmp.com/widgets/wrapper/index.f82f26342e4c6f67b4f0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6d6a7d616a219ff59d09865181024bf999e6eb1f61d73aa4d55b5607864e25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 17:28:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-disposition
attachment
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
941978
last-modified
Fri, 11 Feb 2022 10:49:27 GMT
server
cloudflare
etag
"62063f37-e5f9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp%2FS3Iv3zQaYsAm46PDKV6rFTY0DzVkqsQZOw71ju%2By2Qxq4sy8vmFFp%2FdUVflypQyb08G9RJzXNDw5n8QS9qG%2FF5VsEWTH9H1XugDvLCKtGpvPlxTeCTT0KL97StFTc06zu6cuEJogqMTj37jujokZe"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6dcfc55639529226-FRA
expires
Sun, 13 Feb 2022 17:28:12 GMT

Verdicts & Comments

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| sc_olimg_var function| sc_online_i function| sc_onlineimage function| ct_insert function| drawText_online function| errorMsg string| pmauid string| pmawid string| fq function| C9AA function| b9ff function| H5GG function| g9ff function| o8LL function| o2 number| y6AAAA function| I8LL function| _0x34b1 function| _0x3e42 string| d661de8d22 function| d2KK object| KKWMKSAIIWASM number| realBrowser number| fqq object| _qevents boolean| cookies number| click_cnt function| ClickUnder number| L8llll function| F5PP function| G2y function| z5PP undefined| handleException function| d2ii function| _clw6xsl45yygtqehyvnuvx number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| zfgloadedpopup

7 Cookies

Domain/Path Name / Value
.sextgem.com/ Name: _xta_uid
Value: dbc2bcf24432c2d0bacede634c9e63ec
.sextgem.com/ Name: _xta_vid
Value: 8b31508275ee9ab32acd7aec293536eb-1644773278
.popmyads.com/ Name: __cf_bm
Value: vVQ6LnbWJEbe2BQFTxzcJK9FFfK3bD.zcjv_mLGtsqI-1644773279-0-ARizLbzW9dEFmv8So1lmUCJQ0I2kYJZIdCS0zy0TV4GRm98ZqbrQDri5HA+Ahis/YB93lnEXUEkkRhSPNIwunXU=
telegraph.sextgem.com/ Name:
Value: test
terrapsps.com/ Name: UID
Value: 22021312289c0678ce9da14ab3bc9e9ff7fe
.quantserve.com/ Name: mc
Value: 62093fa1-c6a76-572c8-a6968
.sextgem.com/ Name: __qca
Value: P0-1814448816-1644773281137

1 Console Messages

Source Level URL
Text
network error URL: http://pl14439255.cpmprofitablenetwork.com/66/81/48/6681482ac079a3a43337440e3bd22456.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
