urlscan.io logo urlscan.io
SecurityTrails logo

telegraph.sextgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://darknet.na.to/
Effective URL: http://telegraph.sextgem.com/
Submission: On December 14 via manual from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 14 domains to perform 22 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is telegraph.sextgem.com.
This is the only time telegraph.sextgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 115.68.227.7 38700 (SMILESERV...)
1 54.36.158.42 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.59.12 39572 (ADVANCEDH...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
3 145.239.87.148 16276 (OVH)
5 178.33.123.218 16276 (OVH)
1 109.206.162.83 50245 (SERVEREL-AS)
1 172.104.29.90 63949 (LINODE-AP...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 213.174.135.17 39572 (ADVANCEDH...)
1 2 2600:9000:210... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
22 16
1    115.68.227.7 (Korea, Republic Of)

ASN38700 (SMILESERV-AS-KR SMILESERV, KR)
darknet.na.to
1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
telegraph.sextgem.com
2    2606:4700:3036::6818:72e2 (United States)

ASN13335 (CLOUDFLARENET, US)
widget.supercounters.com
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
pl14439255.cpmprofitablenetwork.com
2    2606:4700:3035::6818:7f98 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popmyads.com
popmyads.com
3    145.239.87.148 (Poland)

ASN16276 (OVH, FR)
PTR: 148.ip-145-239-87.eu
telegcrack.com
5    178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com
xtgem.com
enif.images.xtstatic.com
cif.images.xtstatic.com
1    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
terrapsps.com
1    172.104.29.90 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com
www.supercounters.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
1    2606:4700:3030::681c:980 (United States)

ASN13335 (CLOUDFLARENET, US)
creative.clbjmp.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    213.174.135.17 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
thumb-p6.xhcdn.com
2    2600:9000:2104:fe00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
Domain Requested by
3 xtgem.com telegraph.sextgem.com
3 telegcrack.com telegraph.sextgem.com
2 pixel.quantserve.com 1 redirects telegraph.sextgem.com
2 rules.quantcount.com 1 redirects telegraph.sextgem.com
2 widget.supercounters.com telegraph.sextgem.com
1 thumb-p6.xhcdn.com telegraph.sextgem.com
1 fonts.googleapis.com telegraph.sextgem.com
1 creative.clbjmp.com telegraph.sextgem.com
1 cif.images.xtstatic.com telegraph.sextgem.com
1 enif.images.xtstatic.com telegraph.sextgem.com
1 edge.quantserve.com telegraph.sextgem.com
1 www.supercounters.com widget.supercounters.com
1 terrapsps.com telegraph.sextgem.com
1 popmyads.com telegraph.sextgem.com
1 cdn.popmyads.com 1 redirects
1 pl14439255.cpmprofitablenetwork.com telegraph.sextgem.com
1 telegraph.sextgem.com darknet.na.to
1 darknet.na.to
22 18

This site contains links to these domains. Also see Links.

Domain
cpmlink.net
ouo.io
adultchat.mobie.in
sextgem.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
telegcrack.com
Let's Encrypt Authority X3		 2020-11-30 -
2021-02-28		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.xtgem.com
Let's Encrypt Authority X3		 2020-10-30 -
2021-01-28		 3 months crt.sh
*.xhcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-23 -
2021-10-22		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh

This page contains 5 frames:

Primary Page: http://telegraph.sextgem.com/
Frame ID: EF74043AE0DC37957EAF7605D3876B88
Requests: 22 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: EEE15AFEB5B7A0F521D7D860DB7A0E21
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: CEA3B03A3D1715797AF7E8CD2BD0E8F3
Requests: 1 HTTP requests in this frame

Frame: https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
Frame ID: E768CE0F953A538BEDD6E390FB6A5BE5
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC90ZWxlZ3JhcGguc2V4dGdlbS5jb21cL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoidGVsZWdyYXBoLnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: 4AE9FEE7FB9B6206900260C04AC26178
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://darknet.na.to/ Page URL
  2. http://telegraph.sextgem.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

22
Requests

45 %
HTTPS

47 %
IPv6

14
Domains

18
Subdomains

16
IPs

6
Countries

5107 kB
Transfer

5243 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://darknet.na.to/ Page URL
  2. http://telegraph.sextgem.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://cdn.popmyads.com/pma.js HTTP 301
  • https://popmyads.com/x/pma
Request Chain 23
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 24
  • http://pixel.quantserve.com/pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=1;et=1607960062939;tzo=-60;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article HTTP 301
  • https://pixel.quantserve.com/pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=1;et=1607960062939;tzo=-60;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
darknet.na.to/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://darknet.na.to/
Protocol
HTTP/1.1
Server
115.68.227.7 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.6.32
Resource Hash
5fbf3a9b2b124ac18c32e0790b3fc8606b575fb1b91863ed8db3099e23983322

Request headers

Host
darknet.na.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:42:40 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.6.32
P3P
CP=\"ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI\"
Expires
Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified
Mon, 14 Dec 2020 15:42:40 GMT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Connection
close
Content-Length
1064
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set /
telegraph.sextgem.com/ 		39 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://telegraph.sextgem.com/
Requested by
Host: darknet.na.to
URL: http://darknet.na.to/
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
ac574f89e960479ace49e0b450bee4b0ede77f138aaa5d89c04f8d32e5a8263c

Request headers

Host
telegraph.sextgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://darknet.na.to/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://darknet.na.to/

Response headers

Date
Mon, 14 Dec 2020 15:34:21 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=23c9a0eb7ba60494683c498cefcf4593; expires=Wed, 14-Dec-2022 15:34:21 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly _xta_vid=f1fa6c653b153c7d8ddbc9c256ce07ec-1607960062; expires=Mon, 14-Dec-2020 16:04:22 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
9069
Content-Type
text/html;charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
online_i.js
widget.supercounters.com/ssl/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.supercounters.com/ssl/online_i.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
5983
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
07037c80da0000d6fde139d000000001
Last-Modified
Tue, 11 Jul 2017 06:49:04 GMT
Server
cloudflare
ETag
W/"596474e0-109e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bbyo7I4GQfHaDzaWIasnnAX5lJm3w01D4%2BlHLl8Bjv2IWhcTwsTjb8vR3P%2FMgsWK8Nmzf%2BszgYZEl4ws1D1YSwfbthsdHeIXKoJ2oB2eLnmqYxgKaKnpOzQM%2B1YD%2FRNamsC%2BOg4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6018fd149b8bd6fd-FRA
6681482ac079a3a43337440e3bd22456.js
pl14439255.cpmprofitablenetwork.com/66/81/48/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pl14439255.cpmprofitablenetwork.com/66/81/48/6681482ac079a3a43337440e3bd22456.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 14 Dec 2020 15:34:22 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pma
popmyads.com/x/
Redirect Chain
  • https://cdn.popmyads.com/pma.js
  • https://popmyads.com/x/pma
83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popmyads.com/x/pma
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:7f98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 15:34:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UIhNXjk%2FvbWOJbxli0dlHrB3FNOjMFXW7MZoHIcwJ72QhnS0jDTfP5JgnbWLt5YZhoXPUqeL6WGT5qA4nrGsjY3lQXghpzChLrdZJzbOWv3AzjFg7n35PwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6018fd14cff7325c-FRA
cf-request-id
07037c80fc0000325cc2113000000001

Redirect headers

date
Mon, 14 Dec 2020 15:34:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
519
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pm4%2FnIbZ8qVHSednudQFD%2FjFqjRBQM2qDfoUn3rl9S%2FnBySLz0QwEVGNtGGCnrKfWMrr1R4rYpVy6p23BT1aq8drF0MhbEZEEqHSfS5571yivMP8ZXaRuTRewDBA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://popmyads.com/x/pma
cache-control
max-age=14400
cf-ray
6018fd14afbb325c-FRA
cf-request-id
07037c80ea0000325c961ab000000001
fonts.css
telegcrack.com/ 		210 KB
210 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegcrack.com/fonts.css
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.87.148 , Poland, ASN16276 (OVH, FR),
Reverse DNS
148.ip-145-239-87.eu
Software
Apache/2.4.6 (CentOS) PHP/7.3.21 OpenSSL/1.0.2k-fips /
Resource Hash
a3bf31506502354e9f145ca0da7a5c29d58d82d6ad74beeba0bb7262303bc438

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:41 GMT
Last-Modified
Tue, 30 Oct 2018 03:29:16 GMT
Server
Apache/2.4.6 (CentOS) PHP/7.3.21 OpenSSL/1.0.2k-fips
ETag
"3477f-57969ca50bc68"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=2
Content-Length
214911
btc.png
telegcrack.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegcrack.com/btc.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.87.148 , Poland, ASN16276 (OVH, FR),
Reverse DNS
148.ip-145-239-87.eu
Software
Apache/2.4.6 (CentOS) PHP/7.3.21 OpenSSL/1.0.2k-fips /
Resource Hash
1e26e95d7649fc3474705a55f9853cd78d3e418efacedce9e171e7d38060a928

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:41 GMT
Last-Modified
Thu, 07 Sep 2017 19:08:16 GMT
Server
Apache/2.4.6 (CentOS) PHP/7.3.21 OpenSSL/1.0.2k-fips
ETag
"80e-5589e2ec9a020"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=2
Content-Length
2062
icon20x24px-Fireworks.png
telegcrack.com/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegcrack.com/icon20x24px-Fireworks.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.87.148 , Poland, ASN16276 (OVH, FR),
Reverse DNS
148.ip-145-239-87.eu
Software
Apache/2.4.6 (CentOS) PHP/7.3.21 OpenSSL/1.0.2k-fips /
Resource Hash
47bbb9eb0b0b73193856fe6f8ba611a5aafad51dcda21a7fefe2b4a5a53920ef

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:41 GMT
Last-Modified
Mon, 12 Nov 2018 02:13:15 GMT
Server
Apache/2.4.6 (CentOS) PHP/7.3.21 OpenSSL/1.0.2k-fips
ETag
"12f59-57a6e3e63dae0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=2
Content-Length
77657
influenza-23.jpg
xtgem.com/images/influenza/smart/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/influenza/smart/influenza-23.jpg
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
b1da8870358753cd41bfdefede665c9114f4dba42a403d986905359095794ebd

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"14bd-59774aa04e000"
X-Cache
MISS
Content-Type
image/jpeg
Expires
Wed, 13 Jan 2021 15:34:22 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
5309
X-Cache-Hits
0
brt.js
terrapsps.com/t/9/fret/meow4/1255387/ 		63 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://terrapsps.com/t/9/fret/meow4/1255387/brt.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b8ce173c584a8cbfe96ccf32d2f65fbea52c48cf7612970ef32d12d033beca6

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Nov 2020 13:08:05 GMT
Server
nginx
ETag
W/"5fa004b5-fd47"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Timing-Allow-Origin
*
fc.php
www.supercounters.com/ 		30 B
281 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=http%3A%2F%2Fdarknet.na.to%2F&url=http%3A%2F%2Ftelegraph.sextgem.com%2F&sw=1600&sh=1200&rand=38
Requested by
Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Server
172.104.29.90 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.12.2 / PHP/7.4.13
Resource Hash
6f30d9157bd9568de036adc6207638555d7a6cef0d178013027807c48cd0896e

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
e61c1c.png
widget.supercounters.com/images/online/ 		568 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://widget.supercounters.com/images/online/e61c1c.png
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
3504
Connection
keep-alive
Content-Length
568
cf-request-id
07037c81b90000d6fddc2f5000000001
Last-Modified
Fri, 21 Aug 2020 23:59:32 GMT
Server
cloudflare
ETag
"5f405fe4-238"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2XOdNEZR%2FzXaYbudR9aHZhRUjUO8H1%2BqdwlPO4yDZTGGxVlO9NJh5e79Q9M8hDoOQ5%2BsHG5xLWZ%2FefhBIL9XEMvUKHRiy7WGaIZYxkfT7WynjWKB4JEpDjxeZ%2FAWy2w6QATpTLw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6018fd15ff08d6fd-FRA
quant.js
edge.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Content-Encoding
gzip
Etag
"8q1rat7Mm9i+FVcOidF8/g=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Mon, 21 Dec 2020 15:34:22 GMT
tp.gif
enif.images.xtstatic.com/ Frame EEE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://telegraph.sextgem.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://telegraph.sextgem.com/

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Wed, 13 Jan 2021 15:34:22 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame CEA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://telegraph.sextgem.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://telegraph.sextgem.com/

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Wed, 13 Jan 2021 15:34:22 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
wrapper
creative.clbjmp.com/widgets/ Frame E768 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.clbjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:980 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
creative.clbjmp.com
:scheme
https
:path
/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&campaignId=cd09f3b94a6b71fa861b2aa1286abbed9f99e91227bed15c95d80106b267a382&b=8f0e4664.gif&path=%2Fsignup&language=en
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://telegraph.sextgem.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://telegraph.sextgem.com/

Response headers

date
Mon, 14 Dec 2020 15:34:23 GMT
content-type
text/html
set-cookie
__cfduid=d83b01f7c2881f47d5cfcef13640159f11607960063; expires=Wed, 13-Jan-21 15:34:23 GMT; path=/; domain=.clbjmp.com; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 10 Dec 2020 14:43:32 GMT
expires
Mon, 14 Dec 2020 15:34:33 GMT
cache-control
max-age=10
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 0 }
cf-cache-status
DYNAMIC
cf-request-id
07037c83b3000096f8c9190000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6018fd191bcc96f8-FRA
content-encoding
br
truncated
/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81e8023d4e7ece3d2dee8179706bb3e7b4c308cf54b16e351590d9d0512ca80c

Request headers

Origin
http://telegraph.sextgem.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f53089e15c3883217cfa9e97551b8d3a952c2869d99dea69a7e1543ed4d9d82f

Request headers

Origin
http://telegraph.sextgem.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53e62aea15e58d342e737f4a769819258968a39bcee433432fe1ae7bf4776a3d

Request headers

Origin
http://telegraph.sextgem.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce374a48ba0dba1231039953c1d43eb6fd8a64c48fef6b0f1b058c1e06adde4

Request headers

Origin
http://telegraph.sextgem.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/opentype
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:100,200,300,400,500,600,700,800,900
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 15:22:32 GMT
server
ESF
date
Mon, 14 Dec 2020 15:34:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Dec 2020 15:34:22 GMT
Cookie set __xt_authbar
xtgem.com/ Frame 4AE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC90ZWxlZ3JhcGguc2V4dGdlbS5jb21cL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoidGVsZWdyYXBoLnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://telegraph.sextgem.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://telegraph.sextgem.com/

Response headers

Date
Mon, 14 Dec 2020 15:34:23 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w3~1rk3kirihb3cpvdj456jindkc7; expires=Tue, 15-Dec-2020 15:34:23 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Wed, 13-Jan-2021 15:34:23 GMT; Max-Age=2592000; path=/ __lang=us; expires=Wed, 13-Jan-2021 15:34:23 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2795
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
076_1000.gif
thumb-p6.xhcdn.com/a/a2za4F88AODjT0iYmWQWPA/000/200/063/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb-p6.xhcdn.com/a/a2za4F88AODjT0iYmWQWPA/000/200/063/076_1000.gif
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.17 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
93288730acac8fa61beb0476e191457117516e0bdd5b5fa16af2bb9da15845a0

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 15:34:22 GMT
last-modified
Mon, 04 Jun 2018 20:38:19 GMT
server
nginx/1.14.2
etag
"5b15a33b-4831b2"
content-type
image/gif
expires
Tue, 15 Dec 2020 15:34:22 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
4731314
x-proxy-cache
HIT
close2.png
xtgem.com/images/ 		564 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"234-59774aa04e000"
X-Cache
MISS
Content-Type
image/png
Expires
Wed, 13 Jan 2021 15:34:22 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
0
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:fe00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 15:15:16 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
age
1159
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
XFqsh1yKHv710JDVqceJgMv4jwTboC3Hp_TIysKal6jV_6hhkNJ2cg==

Redirect headers

Date
Mon, 14 Dec 2020 15:34:22 GMT
Via
1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Sf37l7vZDiYekI7fR_CkmewyT4F1dTAd1Yc-91ewpmF_XS14A2Wltw==
pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;ce=1;qjs=1;qv=58f0669e-2020121...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;ce...
  • https://pixel.quantserve.com/pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;c...
35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=1;et=1607960062939;tzo=-60;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article
Requested by
Host: telegraph.sextgem.com
URL: http://telegraph.sextgem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://telegraph.sextgem.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Dec 2020 15:34:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=586822979;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Ftelegraph.sextgem.com%2F;ref=http%3A%2F%2Fdarknet.na.to%2F;fpan=1;fpa=P0-1937583376-1607960062939;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;d=sextgem.com;je=0;sr=1600x1200x24;dst=1;et=1607960062939;tzo=-60;ogl=image.https%3A%2F%2Ftelegcrack%252Ecom%2Frainbow%252Epng%2Curl.https%3A%2F%2Ftelegcrack%252Ecom%2F%2Ctitle.%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%B2%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D1%84%D0%B5%20-%20Telegra%252Eph%20Crack!%2Ctype.article
Date
Mon, 14 Dec 2020 15:34:22 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Tue, 15 Dec 2020 15:34:22 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| sc_olimg_var function| sc_online_i function| sc_onlineimage function| ct_insert function| drawText_online function| errorMsg string| pmauid string| pmawid string| fq function| r1ff function| O7hh function| n3VV function| G7hh function| E188 function| H8OO function| R9RR function| L8OO object| _0x2a18 function| _0x5a85 string| a1818a object| PMAPOP number| realBrowser number| fqq object| _qevents boolean| cookies number| click_cnt function| ClickUnder function| K5aa function| J0II function| r0ii function| I5aa undefined| handleException function| h0kk function| _clpeoztzyig9p2ghquaalz number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

4 Cookies

Domain/Path Name / Value
telegraph.sextgem.com/ Name:
Value: test
.sextgem.com/ Name: _xta_vid
Value: f1fa6c653b153c7d8ddbc9c256ce07ec-1607960062
.sextgem.com/ Name: __qca
Value: P0-1937583376-1607960062939
.sextgem.com/ Name: _xta_uid
Value: 23c9a0eb7ba60494683c498cefcf4593

48 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.popmyads.com
cif.images.xtstatic.com
creative.clbjmp.com
darknet.na.to
edge.quantserve.com
enif.images.xtstatic.com
fonts.googleapis.com
pixel.quantserve.com
pl14439255.cpmprofitablenetwork.com
popmyads.com
rules.quantcount.com
telegcrack.com
telegraph.sextgem.com
terrapsps.com
thumb-p6.xhcdn.com
widget.supercounters.com
www.supercounters.com
xtgem.com
109.206.162.83
115.68.227.7
145.239.87.148
172.104.29.90
178.33.123.218
192.243.59.12
213.174.135.17
2600:9000:2104:fe00:6:44e3:f8c0:93a1
2606:4700:3030::681c:980
2606:4700:3035::6818:7f98
2606:4700:3036::6818:72e2
2620:116:800d:21:36a9:ecb:e518:b308
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:81d::200a
54.36.158.42
1e26e95d7649fc3474705a55f9853cd78d3e418efacedce9e171e7d38060a928
3b8ce173c584a8cbfe96ccf32d2f65fbea52c48cf7612970ef32d12d033beca6
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
47bbb9eb0b0b73193856fe6f8ba611a5aafad51dcda21a7fefe2b4a5a53920ef
4ce374a48ba0dba1231039953c1d43eb6fd8a64c48fef6b0f1b058c1e06adde4
51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75
53e62aea15e58d342e737f4a769819258968a39bcee433432fe1ae7bf4776a3d
5fbf3a9b2b124ac18c32e0790b3fc8606b575fb1b91863ed8db3099e23983322
6f30d9157bd9568de036adc6207638555d7a6cef0d178013027807c48cd0896e
81e8023d4e7ece3d2dee8179706bb3e7b4c308cf54b16e351590d9d0512ca80c
876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f
93288730acac8fa61beb0476e191457117516e0bdd5b5fa16af2bb9da15845a0
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3bf31506502354e9f145ca0da7a5c29d58d82d6ad74beeba0bb7262303bc438
ac574f89e960479ace49e0b450bee4b0ede77f138aaa5d89c04f8d32e5a8263c
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6
b1da8870358753cd41bfdefede665c9114f4dba42a403d986905359095794ebd
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
f53089e15c3883217cfa9e97551b8d3a952c2869d99dea69a7e1543ed4d9d82f