www.kushgems.com Open in urlscan Pro
173.249.59.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kushgems.com/
Effective URL:
http://www.kushgems.com/
Submission: On December 15 via api (December 15th 2018, 12:21:45 am UTC) from DE

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 28 HTTP transactions. The main IP is 173.249.59.55, located in Auburn, United States and belongs to CONTABO, DE. The main domain is www.kushgems.com.

This is the only time www.kushgems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	173.249.59.55 173.249.59.55	51167 (CONTABO) (CONTABO)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	93.93.53.199 93.93.53.199	34655 (DOCLER-AS) (DOCLER-AS)
2	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
2	93.93.51.195 93.93.51.195	34655 (DOCLER-AS) (DOCLER-AS)
4	91.208.175.118 91.208.175.118	47836 (ACWEB-AS) (ACWEB-AS)
1	104.20.2.47 104.20.2.47	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.20.3.47 104.20.3.47	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
28	8

16 173.249.59.55 (Auburn, United States) 2 redirects

ASN51167 (CONTABO, DE)
PTR: ip-55-59-249-173.static.contabo.net

kushgems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kushgems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.93.53.199 (Luxembourg) 1 redirects

ASN34655 (DOCLER-AS, HU)

promo.awempire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, HU)

awempt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt.ptawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.93.51.195 (Luxembourg)

ASN34655 (DOCLER-AS, HU)

static.awempire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.208.175.118 (Rotterdam, Netherlands)

ASN47836 (ACWEB-AS, NL)

img6.wlresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.2.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.3.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	kushgems.com 2 redirects kushgems.com www.kushgems.com	279 KB
4	wlresources.com img6.wlresources.com	57 KB
3	gstatic.com fonts.gstatic.com	29 KB
3	awempire.com 1 redirects promo.awempire.com static.awempire.com	48 KB
2	statcounter.com www.statcounter.com c.statcounter.com	11 KB
1	ptawe.com pt.ptawe.com
1	awempt.com awempt.com	6 KB
1	googleapis.com fonts.googleapis.com	1 KB
28	8

	Domain	Requested by
14	www.kushgems.com	www.kushgems.com
4	img6.wlresources.com	www.kushgems.com
3	fonts.gstatic.com	www.kushgems.com
2	static.awempire.com	www.kushgems.com
2	kushgems.com	2 redirects
1	pt.ptawe.com	awempt.com
1	c.statcounter.com	www.kushgems.com
1	www.statcounter.com	www.kushgems.com
1	awempt.com	www.kushgems.com
1	promo.awempire.com	1 redirects
1	fonts.googleapis.com	www.kushgems.com
28	11

This site contains links to these domains. Also see Links.

Domain
brendiwest.kushgems.com

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
awempt.com Let's Encrypt Authority X3	`2018-10-30` - `2019-01-28`	3 months	crt.sh
*.awempire.com COMODO RSA Domain Validation Secure Server CA	`2018-03-27` - `2019-03-29`	a year	crt.sh
*.wlresources.com COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.statcounter.com Go Daddy Secure Certificate Authority - G2	`2018-01-16` - `2019-01-17`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://www.kushgems.com/
Frame ID: ECEF3071332661798189D4DE4809C40C
Requests: 18 HTTP requests in this frame

Frame: http://www.kushgems.com/spl.php?id=BrendiWest
Frame ID: DA8FD7ACD35B27B461B0945DA19A9F02
Requests: 9 HTTP requests in this frame

Frame: http://pt.ptawe.com/live-feed/?width=400&height=400&site=jasmin&cobrandId=&muted=1&subAffId=%7BSUBAFFID%7D&hideConsole=1&categoryName=girl&psid=jasminshows&psprogram=revs&pstool=202_1&preferredPerformers%5B0%5D=BrendiWest&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=1&vp%5BchatAutoHide%5D=0
Frame ID: 81CFD67BF4E04A7F99F123E3290EE05A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kushgems.com/ HTTP 301
http://www.kushgems.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

HeadJS (JavaScript Libraries) Expand

Overall confidence: 50%
Detected patterns

env /^head$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

28
Requests

43 %
HTTPS

22 %
IPv6

8
Domains

11
Subdomains

8
IPs

4
Countries

430 kB
Transfer

1336 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://brendiwest.kushgems.com/
Title: BrendiWest chat webcam

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kushgems.com/ HTTP 301
http://www.kushgems.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://promo.awempire.com/live_feeds/script_basic_livefeed.php?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jasminshows&psTool=202_1&psProgram=revs&campaignId=&category=girl&muted=1&subAffId={SUBAFFID} HTTP 302
https://awempt.com/embed/lf?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jasminshows&psTool=202_1&psProgram=revs&campaignId=&category=girl&muted=1&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1

Request Chain 15

http://kushgems.com/spl.php?id=BrendiWest HTTP 301
http://www.kushgems.com/spl.php?id=BrendiWest

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.kushgems.com/
Redirect Chain

http://kushgems.com/
http://www.kushgems.com/

74 KB
13 KB

351ms
175ms

Document
text/html

173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash: e4918f9d4c56c7e9ceb9e014bc9b3cd3994e7fd1cde8606a378fd1f5f6204c11

Request headers

Host: www.kushgems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.6.36
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 310
Connection: keep-alive
Keep-Alive: timeout=60
Location: http://www.kushgems.com/

GET
H/1.1 200
OK style.css
www.kushgems.com/ 555 KB
52 KB 52ms
51ms Stylesheet
text/css 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/style.css
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: 1c80ec740ebc93f9cf2e6eb1794e2c3ecdc798ae7e28bc4a1d0fe84e5bc6a614

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kushgems.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 16:41:27 GMT
Server: nginx
ETag: W/"a481f1-8adb1-5715cd9ba7f7d"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 200
OK jquery.js Show response
www.kushgems.com/ 90 KB
32 KB 83ms
28ms Script
text/javascript 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/jquery.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: 389b2539668e2778162893bfe351fc68ff8d433fbc2df5b6b216cc4852799846

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 16:41:27 GMT
Server: nginx
ETag: W/"a48d0a-169f4-5715cd9c01915"
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 200
OK jquery1.js Show response
www.kushgems.com/ 98 KB
33 KB 85ms
30ms Script
text/javascript 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/jquery1.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: e47761cc6bb29daddf6839b63dd694d9ca6315e6df0b7990c356729ce87085f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 16:41:26 GMT
Server: nginx
ETag: W/"a481f0-1897d-5715cd9afbd95"
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Keep-Alive: timeout=60

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 21ms
18ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.kushgems.com
URL: http://www.kushgems.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

987172a4dc7b5df69db29e5f7ed6570194f7a081e01381f379b06d6962b835a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 15 Dec 2018 00:21:29 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 15 Dec 2018 00:21:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Sat, 15 Dec 2018 00:21:29 GMT

GET
H/1.1 200
OK min.js Show response
www.kushgems.com/ 192 B
398 B 71ms
16ms Script
text/html 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/min.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash: 604fd91ebc298e107020e2b34a7f9a06cb16c44db2e0d43b2dbdd6331e61687a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Content-Length: 192
Keep-Alive: timeout=60
Content-Type: text/html; charset=UTF-8

GET
H2

200

lf Show response
awempt.com/embed/
Redirect Chain

https://promo.awempire.com/live_feeds/script_basic_livefeed.php?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jas...
https://awempt.com/embed/lf?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jasminshows&psTool=202_1&psProgram=revs...

6 KB
6 KB

69ms
20ms

Script
application/javascript

93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://awempt.com/embed/lf?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jasminshows&psTool=202_1&psProgram=revs&campaignId=&category=girl&muted=1&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, HU),
Reverse DNS
Software: unknown /
Resource Hash: 26a0d44181ed348e3e37313a76fed7b08c583411c015b5d2f8a28668b3299877

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sat, 15 Dec 2018 00:21:29 GMT
cache-control: no-cache
server: unknown
x-real-source: -
content-type: application/javascript

Redirect headers

Date: Sat, 15 Dec 2018 00:21:29 GMT
Content-Encoding: gzip
Server: unknown
Vary: Accept-Encoding
Content-Type: text/html
Location: //awempt.com/embed/lf?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jasminshows&psTool=202_1&psProgram=revs&campaignId=&category=girl&muted=1&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1
Connection: close
Content-Length: 20

GET
H/1.1 200
OK ximage.jpg
static.awempire.com/jsm/BrendiWest/ 47 KB
47 KB 54ms
18ms Image
image/jpeg 93.93.51.195
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.awempire.com/jsm/BrendiWest/ximage.jpg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.93.51.195 , Luxembourg, ASN34655 (DOCLER-AS, HU),
Reverse DNS
Software: unknown /
Resource Hash: 0e9c87165cfbf12434bd18a47b5fa67a758fd259b0e583624ea4c635bd240dad

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:29 GMT
Last-Modified: Wed, 08 Jun 2011 12:19:41 GMT
Server: unknown
ETag: "4def68dd-bc50"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Real-Source: sad5
Connection: close
Accept-Ranges: bytes
Content-Length: 48208
Expires: Sat, 22 Dec 2018 00:21:29 GMT

GET
H2 200 TrisaDavis-sex-cam-live-show-76-615676.jpg
img6.wlresources.com/model/ 12 KB
12 KB 73ms
13ms Image
image/jpeg 91.208.175.118
ACWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img6.wlresources.com/model/TrisaDavis-sex-cam-live-show-76-615676.jpg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.208.175.118 Rotterdam, Netherlands, ASN47836 (ACWEB-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1d48fab92b30098ab1491121bea06b2cda7253e058e88d78ed490fe23551e076

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

serv: cdn34
date: Sat, 15 Dec 2018 00:21:29 GMT
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 14:21:25 GMT
server: nginx
etag: W/"5c126ae5-3052"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=604800
expires: Sat, 22 Dec 2018 00:21:29 GMT

GET
H2 200 JodyWow-sex-cam-live-show-66-623866.jpg
img6.wlresources.com/model/ 13 KB
14 KB 73ms
13ms Image
image/jpeg 91.208.175.118
ACWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img6.wlresources.com/model/JodyWow-sex-cam-live-show-66-623866.jpg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.208.175.118 Rotterdam, Netherlands, ASN47836 (ACWEB-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 16c9d321a2752cb788b5a2306f6d42193fbd8a28f3a5c6c0e42b3958be0a8531

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

serv: cdn34
date: Sat, 15 Dec 2018 00:21:29 GMT
content-encoding: gzip
last-modified: Fri, 07 Dec 2018 07:18:34 GMT
server: nginx
etag: W/"5c0a1eca-3552"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=604800
expires: Sat, 22 Dec 2018 00:21:29 GMT

GET
H2 200 SexySissi-sex-cam-live-show-86-146086.jpg
img6.wlresources.com/model/ 10 KB
10 KB 73ms
14ms Image
image/jpeg 91.208.175.118
ACWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img6.wlresources.com/model/SexySissi-sex-cam-live-show-86-146086.jpg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.208.175.118 Rotterdam, Netherlands, ASN47836 (ACWEB-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 09d90ca9616c7fafafe43aa965f772aa20a0a0f202cbce9e23423e9902049875

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

serv: cdn34
date: Sat, 15 Dec 2018 00:21:29 GMT
content-encoding: gzip
last-modified: Sat, 11 Nov 2017 11:35:50 GMT
server: nginx
etag: W/"5a06e096-26aa"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=604800
expires: Sat, 22 Dec 2018 00:21:29 GMT

GET
H2 200 Aleska-sex-cam-live-show-56-545256.jpg
img6.wlresources.com/model/ 21 KB
21 KB 72ms
13ms Image
image/jpeg 91.208.175.118
ACWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img6.wlresources.com/model/Aleska-sex-cam-live-show-56-545256.jpg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.208.175.118 Rotterdam, Netherlands, ASN47836 (ACWEB-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 891855a12e7cb091d98ef281c75a7893df0d024ab82b31b935767ce0193543e4

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

serv: cdn34
date: Sat, 15 Dec 2018 00:21:29 GMT
content-encoding: gzip
last-modified: Tue, 09 Oct 2018 17:12:16 GMT
server: nginx
etag: W/"5bbce170-5360"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=604800
expires: Sat, 22 Dec 2018 00:21:29 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 28 KB
10 KB 42ms
9ms Script
application/x-javascript 104.20.2.47
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c7edea7429f960e3cc03b3452b271fcab02ac139ac6026d62e38191b1cafa1

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 15 Dec 2018 00:21:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Dec 2018 15:56:10 GMT
server: cloudflare
etag: W/"5c06a39a-71d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 4894c0199bd66457-FRA
expires: Sat, 15 Dec 2018 12:21:29 GMT

GET
H/1.1 200
OK d382835809b146bb56762409d17e00c6.jpeg
www.kushgems.com/images/ 139 KB
139 KB 16ms
16ms Image
image/jpeg 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.kushgems.com/images/d382835809b146bb56762409d17e00c6.jpeg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: 0cd384c8cb09ecebe44d8acde6ec4958f56597a5bdfb7bc9354f73e054a390c2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.kushgems.com/
Cookie: splashpagecookie=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Last-Modified: Thu, 19 Jul 2018 16:41:30 GMT
Server: nginx
ETag: "a638a2-22ad0-5715cd9f175cd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 142032

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v9/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v9/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: www.kushgems.com
URL: http://www.kushgems.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9218cb967ae295dee46c9175c68a7b6a8c50577ac465617bd679ee244f93e38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: http://www.kushgems.com

Response headers

date: Wed, 12 Dec 2018 18:35:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:28:43 GMT
server: sffe
age: 193542
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11404
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 18:35:47 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.kushgems.com
URL: http://www.kushgems.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: http://www.kushgems.com

Response headers

date: Wed, 12 Dec 2018 18:35:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 193536
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 18:35:53 GMT

GET
H/1.1

200
OK

spl.php Show response
www.kushgems.com/ Frame DA8F
Redirect Chain

http://kushgems.com/spl.php?id=BrendiWest
http://www.kushgems.com/spl.php?id=BrendiWest

2 KB
1 KB

17ms
17ms

Document
text/html

173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/spl.php?id=BrendiWest
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash: 9c80116a8806d4312c3b03f1eeedab800307592f1e0b222bcb8cf6998860264a

Request headers

Host: www.kushgems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.kushgems.com/
Accept-Encoding: gzip, deflate
Cookie: splashpagecookie=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.kushgems.com/

Response headers

Server: nginx
Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.6.36
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 331
Connection: keep-alive
Keep-Alive: timeout=60
Location: http://www.kushgems.com/spl.php?id=BrendiWest

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: www.kushgems.com
URL: http://www.kushgems.com/jquery.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

349c9eaeb1ddfca43b899f7479defefa32bb049c49f25c9ccaa6432cf0ffab95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin: http://www.kushgems.com

Response headers

date: Wed, 12 Dec 2018 08:04:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
age: 231400
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9432
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 08:04:49 GMT

GET
H/1.1 200
OK t.php
c.statcounter.com/ 49 B
602 B 330ms
291ms Image
image/gif 104.20.3.47
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.statcounter.com/t.php?sc_project=11786170&java=1&security=edbc2947&u1=11F9D5A923224F49A788519320D306FE&sc_random=0.44661017945001213&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//www.kushgems.com/&t=Wild%20live%20sex%20chat%20with%20BrendiWest&sc_snum=1&sess=4ea83c&p=0&invisible=1
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/
Protocol: HTTP/1.1
Server: 104.20.3.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.kushgems.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:29 GMT
Server: cloudflare
CF-RAY: 4894c01a5778c2ba-FRA
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK style1.css
www.kushgems.com/ Frame DA8F 39 KB
6 KB 22ms
21ms Stylesheet
text/css 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/style1.css
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: f3534b9c8d9463ecd3296a6ecadfbc5e90c0c6479696a6a29000e6eb19dc4e85

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
Cookie: splashpagecookie=1; sc_is_visitor_unique=rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 17:19:35 GMT
Server: nginx
ETag: W/"a48d4b-9c14-5715d621f2f5a"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 200
OK style1.responsive.css
www.kushgems.com/ Frame DA8F 4 KB
1 KB 18ms
17ms Stylesheet
text/css 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/style1.responsive.css
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: e6f55ed10cb6c739cf771335bf8880cfea02a23bda78bd14408fecd681b473eb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
Cookie: splashpagecookie=1; sc_is_visitor_unique=rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 17:19:36 GMT
Server: nginx
ETag: W/"a48d4d-f87-5715d6232c6fa"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 200
OK jquery.js Show response
www.kushgems.com/ Frame DA8F 90 KB
0 83ms
28ms Script
text/javascript 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/jquery.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx /
Resource Hash: 389b2539668e2778162893bfe351fc68ff8d433fbc2df5b6b216cc4852799846

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 16:41:27 GMT
Server: nginx
ETag: W/"a48d0a-169f4-5715cd9c01915"
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Keep-Alive: timeout=60

GET
H/1.1 404
Not Found script.js
www.kushgems.com/ Frame DA8F 0
0 20ms
19ms Script
text/html 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/script.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
Cookie: splashpagecookie=1; sc_is_visitor_unique=rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Content-Length: 0
Keep-Alive: timeout=60
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found script.responsive.js
www.kushgems.com/ Frame DA8F 0
0 17ms
17ms Script
text/html 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/script.responsive.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
Cookie: splashpagecookie=1; sc_is_visitor_unique=rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Content-Length: 0
Keep-Alive: timeout=60
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ximage.jpg
static.awempire.com/jsm/BrendiWest/ Frame DA8F 47 KB
0 54ms
18ms Image
image/jpeg 93.93.51.195
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.awempire.com/jsm/BrendiWest/ximage.jpg
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.93.51.195 , Luxembourg, ASN34655 (DOCLER-AS, HU),
Reverse DNS
Software: unknown /
Resource Hash: 0e9c87165cfbf12434bd18a47b5fa67a758fd259b0e583624ea4c635bd240dad

Request headers

Response headers

Date: Sat, 15 Dec 2018 00:21:29 GMT
Last-Modified: Wed, 08 Jun 2011 12:19:41 GMT
Server: unknown
ETag: "4def68dd-bc50"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Real-Source: sad5
Connection: close
Accept-Ranges: bytes
Content-Length: 48208
Expires: Sat, 22 Dec 2018 00:21:29 GMT

GET
H/1.1 404
Not Found script.js
www.kushgems.com/ Frame DA8F 0
0 16ms
16ms Script
text/html 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/script.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
Cookie: splashpagecookie=1; sc_is_visitor_unique=rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Content-Length: 0
Keep-Alive: timeout=60
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found script.responsive.js
www.kushgems.com/ Frame DA8F 0
0 17ms
17ms Script
text/html 173.249.59.55
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kushgems.com/script.responsive.js
Requested by: Host: www.kushgems.com
URL: http://www.kushgems.com/spl.php?id=BrendiWest
Protocol: HTTP/1.1
Server: 173.249.59.55 Auburn, United States, ASN51167 (CONTABO, DE),
Reverse DNS: ip-55-59-249-173.static.contabo.net
Software: nginx / PHP/5.6.36
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.kushgems.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
Cookie: splashpagecookie=1; sc_is_visitor_unique=rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.kushgems.com/spl.php?id=BrendiWest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 15 Dec 2018 00:21:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Content-Length: 0
Keep-Alive: timeout=60
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
pt.ptawe.com/live-feed/ Frame 81CF 0
0 52ms
30ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt.ptawe.com/live-feed/?width=400&height=400&site=jasmin&cobrandId=&muted=1&subAffId=%7BSUBAFFID%7D&hideConsole=1&categoryName=girl&psid=jasminshows&psprogram=revs&pstool=202_1&preferredPerformers%5B0%5D=BrendiWest&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=1&vp%5BchatAutoHide%5D=0
Requested by: Host: awempt.com
URL: https://awempt.com/embed/lf?performerId=&performerList=BrendiWest&forcedPerformer=0&width=400&height=400&chatMode=always&bgColor=&site=jasmin&cobrandId=&psId=jasminshows&psTool=202_1&psProgram=revs&campaignId=&category=girl&muted=1&subAffId=%7BSUBAFFID%7D&legacyRedirect=1&hideConsole=1
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, HU),
Reverse DNS
Software: unknown /
Resource Hash

Request headers

Host: pt.ptawe.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.kushgems.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.kushgems.com/

Response headers

Server: unknown
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Cache-Control: no-cache
Date: Sat, 15 Dec 2018 00:21:29 GMT
X-Real-Source: -
Content-Encoding: gzip

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.kushgems.com/	1970-01-19 14:38:25	Name: sc_is_visitor_unique Value: rx11786170.1544833289.11F9D5A923224F49A788519320D306FE.1.1.1.1.1.1.1.1.1
			.kushgems.com/	1970-01-18 21:08:39	Name: splashpagecookie Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

awempt.com
c.statcounter.com
fonts.googleapis.com
fonts.gstatic.com
img6.wlresources.com
kushgems.com
promo.awempire.com
pt.ptawe.com
static.awempire.com
www.kushgems.com
www.statcounter.com
104.20.2.47
104.20.3.47
173.249.59.55
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
91.208.175.118
93.93.51.191
93.93.51.195
93.93.53.199
09d90ca9616c7fafafe43aa965f772aa20a0a0f202cbce9e23423e9902049875
0cd384c8cb09ecebe44d8acde6ec4958f56597a5bdfb7bc9354f73e054a390c2
0e9c87165cfbf12434bd18a47b5fa67a758fd259b0e583624ea4c635bd240dad
16c9d321a2752cb788b5a2306f6d42193fbd8a28f3a5c6c0e42b3958be0a8531
1c80ec740ebc93f9cf2e6eb1794e2c3ecdc798ae7e28bc4a1d0fe84e5bc6a614
1d48fab92b30098ab1491121bea06b2cda7253e058e88d78ed490fe23551e076
26a0d44181ed348e3e37313a76fed7b08c583411c015b5d2f8a28668b3299877
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
349c9eaeb1ddfca43b899f7479defefa32bb049c49f25c9ccaa6432cf0ffab95
389b2539668e2778162893bfe351fc68ff8d433fbc2df5b6b216cc4852799846
58c7edea7429f960e3cc03b3452b271fcab02ac139ac6026d62e38191b1cafa1
604fd91ebc298e107020e2b34a7f9a06cb16c44db2e0d43b2dbdd6331e61687a
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
891855a12e7cb091d98ef281c75a7893df0d024ab82b31b935767ce0193543e4
9218cb967ae295dee46c9175c68a7b6a8c50577ac465617bd679ee244f93e38b
987172a4dc7b5df69db29e5f7ed6570194f7a081e01381f379b06d6962b835a2
9c80116a8806d4312c3b03f1eeedab800307592f1e0b222bcb8cf6998860264a
e47761cc6bb29daddf6839b63dd694d9ca6315e6df0b7990c356729ce87085f1
e4918f9d4c56c7e9ceb9e014bc9b3cd3994e7fd1cde8606a378fd1f5f6204c11
e6f55ed10cb6c739cf771335bf8880cfea02a23bda78bd14408fecd681b473eb
f3534b9c8d9463ecd3296a6ecadfbc5e90c0c6479696a6a29000e6eb19dc4e85

www.kushgems.com Open in urlscan Pro 173.249.59.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

43 %HTTPS

22 %IPv6

8 Domains

11 Subdomains

8 IPs

4 Countries

430 kBTransfer

1336 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kushgems.com Open in urlscan Pro
173.249.59.55 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

43 %
HTTPS

22 %
IPv6

8
Domains

11
Subdomains

8
IPs

4
Countries

430 kB
Transfer

1336 kB
Size

2
Cookies

28 HTTP transactions
0 data transactions