upscale-escorts-aa.com Open in urlscan Pro
172.67.145.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://upscale-escorts-aa.com/
Effective URL:
https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZX...
Submission: On June 28 via api (June 28th 2023, 8:11:33 am UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 5 domains to perform 9 HTTP transactions. The main IP is 172.67.145.254, located in United States and belongs to CLOUDFLARENET, US. The main domain is upscale-escorts-aa.com.
TLS certificate: Issued by GTS CA 1P5 on June 26th 2023. Valid for: 3 months.

This is the only time upscale-escorts-aa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	172.67.145.254 172.67.145.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	195.245.112.210 195.245.112.210	21100 (ITLDC-NL) (ITLDC-NL)
1	104.21.56.22 104.21.56.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
9	5

5 172.67.145.254 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

upscale-escorts-aa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.245.112.210 (Dronten, Netherlands)

ASN21100 (ITLDC-NL, UA)
PTR: zkusk554.vds

4club.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.56.22 (None, )

ASN13335 (CLOUDFLARENET, US)

cloud.antibot.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	upscale-escorts-aa.com 1 redirects upscale-escorts-aa.com	43 KB
2	4club.today 4club.today	1 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9378	1 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433	92 KB
1	antibot.cloud cloud.antibot.cloud	653 B
9	5

	Domain	Requested by
5	upscale-escorts-aa.com	1 redirects upscale-escorts-aa.com
2	4club.today	upscale-escorts-aa.com
2	counter.yadro.ru	1 redirects upscale-escorts-aa.com
1	ajax.googleapis.com	upscale-escorts-aa.com
1	cloud.antibot.cloud	upscale-escorts-aa.com
9	5

This site contains links to these domains. Also see Links.

Domain
4club.today

Subject Issuer	Validity	Valid
upscale-escorts-aa.com GTS CA 1P5	`2023-06-26` - `2023-09-24`	3 months	crt.sh
4club.today R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
antibot.cloud E1	`2023-06-08` - `2023-09-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
Frame ID: 0F5D7EC3331364FA8D40A90B9EAE1A17
Requests: 8 HTTP requests in this frame

Frame: https://4club.today/yZXH38dT?sub_id_1=mainpage&sub_id_2=&sub_id_3=&sub_id_4=usa&sub_id_5=upscale+escorts&sub_id_6=escorts&sub_id_7=no-sub_top-cities&sub_id_8=redirect&sub_id_9=&sub_id_10=&sub_id_11=2023-06-25&keyword=
Frame ID: D848634F736E953AD723FAE65B6A9C9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upscale Escorts

Page URL History Show full URLs

https://upscale-escorts-aa.com/ Page URL
https://upscale-escorts-aa.com/ HTTP 302
https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBl... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

89 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

5
Countries

136 kB
Transfer

201 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://4club.today/yZXH38dT?sub_id_1=old_browser
Title: Click here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://upscale-escorts-aa.com/ Page URL
https://upscale-escorts-aa.com/ HTTP 302
https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://counter.yadro.ru/hit;svegereg?r;s1600*1200*24;uhttps%3A//upscale-escorts-aa.com/;h;0.5681448563111235 HTTP 302
https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//upscale-escorts-aa.com/;h;0.5681448563111235

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
upscale-escorts-aa.com/ 8 KB
4 KB 114ms
79ms Document
text/html 172.67.145.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upscale-escorts-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.145.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: ac3af3bfaae9fd59f5103ea78d95f788dbc41d090044a00ba6cfaaa415fb9cd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7de475956b2c2be4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 08:11:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTTyqHTmldnyDElPouJ5izZ5OvmrIv75Bsy1dN2a%2Bp%2Funul403Hs2y%2BM52oSWLSqqq7IWl19qfjDlK8kO5oV6paBloyc70n35sP%2FyKKbluUxVmYQXj6hrdGfoGuBHWY%2Fb8Yuy5zhT7lQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-powered-cms: AntiBot.Cloud (See: https://antibot.cloud/)
x-robots-tag: noindex

GET
H/1.1

200
OK

hit;svegereg
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;svegereg?r;s1600*1200*24;uhttps%3A//upscale-escorts-aa.com/;h;0.5681448563111235
https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//upscale-escorts-aa.com/;h;0.5681448563111235

43 B
528 B

48ms
48ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//upscale-escorts-aa.com/;h;0.5681448563111235

Requested by

Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upscale-escorts-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 08:11:29 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Jun 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 08:11:29 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//upscale-escorts-aa.com/;h;0.5681448563111235
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 27 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK cc6JVm Show response
4club.today/ 0
653 B 112ms
55ms Script
text/html 195.245.112.210
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://4club.today/cc6JVm?&frm=script&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&sub_id_9=&sub_id_11=&keyword=
Requested by: Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.210 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zkusk554.vds
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upscale-escorts-aa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 08:11:29 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

POST
H2 200 antibot7.php
cloud.antibot.cloud/ 72 B
653 B 144ms
53ms XHR
text/html 104.21.56.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.antibot.cloud/antibot7.php

Requested by

Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.56.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upscale-escorts-aa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded;

Response headers

date: Wed, 28 Jun 2023 08:11:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nj%2B6E5mS1jycnbtHMU%2BBoZXbrSW9S5aW2GNnnWr43ctPLprW0PWuE8bpgJCa%2BKVN1pW9x9mPoMWUbjZEHIOjzughRGzCIZW6NXxGIgWimPfLKarNM%2FQJmAHK0w%2FbwL9qL3JjKlzt"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7de4759d9a9f373c-FRA
access-control-allow-headers: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

Primary Request signup.php Show response
upscale-escorts-aa.com/pages/
Redirect Chain

https://upscale-escorts-aa.com/
https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3...

3 KB
2 KB

59ms
59ms

Document
text/html

172.67.145.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
Requested by: Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: a9099c1ee3123c12ff1e7a8e459309f2a7a5c07f8765ed4d4e8d2ecb95437037

Request headers

Referer: https://upscale-escorts-aa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de4759e2b77bbf2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 08:11:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIJjnOwAOaTT8UtuZYaQv2TSqWxkW9FRDq4E%2FCC3zARecgldtAmCCuJ3y0dIaX4l24mfSAEi9lEHuifRm9ekfet6aBMvZtBbxWemeMq5z2BX9P%2Bbu91qGArETGa8Hs718q3i3i7DDbUX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de4759dec922be4-FRA
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 08:11:30 GMT
location: /pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7vEfIzBokMI5yTrAei7iPxrZASssjeFYFbQII%2FjJNmDxePXuflb8kZe5TCpIG7x7bF%2FKSKW7gE0N5Fe6d1JNwxdRzvdgB22ymqymrItMvVeVfHlCS3vFxKht7QFT2zjI%2FAWeb2oTTA%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ 91 KB
92 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Requested by

Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upscale-escorts-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 09:39:40 GMT
x-content-type-options: nosniff
age: 253910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93057
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 09:39:40 GMT

GET
H3 200 preloader.svg
upscale-escorts-aa.com/styles/ 1 KB
952 B 65ms
65ms Image
image/svg+xml 172.67.145.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upscale-escorts-aa.com/styles/preloader.svg
Requested by: Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f0c2c7934217401d04ac17863015ee8b15fa62905bd8c66d18e7d2f36d27ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 08:11:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Mar 2022 10:30:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6229d356-5e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9QkqT7ooy35upHVjVcTKnyX64HNewGP64sQ3aHWxq%2Fbi4Flk3cor9GdKQ7m4orzbFAsaXv3HXnvT3NEM5wzlUnbz5bvWy4aFv0adjOpg3rRJ%2FlWb7cIv31ZfWCYlCyy18Pc3%2FAqJ40r"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7de4759e8bf4bbf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery_s.js Show response
upscale-escorts-aa.com/styles/ 98 KB
36 KB 96ms
96ms Script
application/javascript 172.67.145.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upscale-escorts-aa.com/styles/jquery_s.js?ver=1.12.3
Requested by: Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af1b9f88525c2c46ea90ee1a0ef19a739ffa0e70bd9bb5615302beef6c756ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upscale-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=dXBzY2FsZSBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 08:11:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 25 Jun 2023 19:10:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6498911e-18664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=favGjTLMNZbbkob8D6qT0VBDShzusH3mlisvJcbj85Wdo6X0OpuhCot9hyS1%2BWjq53d66MlNhzdXMLmP0U3fmu4wuFGxRfQiUO3YNiIJUKeB%2BC7MF%2BwB%2FRGjYgAL2uh3DeLt9SODxSxo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7de4759eec5cbbf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK yZXH38dT Show response
4club.today/ Frame D848 0
653 B 46ms
46ms Document
text/html 195.245.112.210
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://4club.today/yZXH38dT?sub_id_1=mainpage&sub_id_2=&sub_id_3=&sub_id_4=usa&sub_id_5=upscale+escorts&sub_id_6=escorts&sub_id_7=no-sub_top-cities&sub_id_8=redirect&sub_id_9=&sub_id_10=&sub_id_11=2023-06-25&keyword=
Requested by: Host: upscale-escorts-aa.com
URL: https://upscale-escorts-aa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.210 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zkusk554.vds
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upscale-escorts-aa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 08:11:31 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
upscale-escorts-aa.com/	1970-01-20 21:37:55	Name: antibot_uid Value: 4259b1439feb3d5fe4ade5298b9d4f56
upscale-escorts-aa.com/	1970-01-20 13:06:43	Name: antibot_country Value: DE
upscale-escorts-aa.com/	1970-01-20 13:06:43	Name: antibot_lang Value: de
upscale-escorts-aa.com/	1970-01-20 13:06:43	Name: antibot_ptr Value: 37.58.57.1
.yadro.ru/	1970-01-20 21:37:15	Name: FTID Value: 1ac-in1rHyua1ac-in001U30
.yadro.ru/	1970-01-20 21:37:15	Name: VID Value: 3jiZAV0ba6ua1ac-in001U3e
upscale-escorts-aa.com/	1970-01-20 13:06:43	Name: antibot_5ce2e49e3678b8a90012426167d80da8 Value: 2f55b426ce2189e0308da80f041cd4f1
upscale-escorts-aa.com/	1970-01-20 12:53:46	Name: antibot_referer Value: https%3A%2F%2Fupscale-escorts-aa.com%2F
upscale-escorts-aa.com/	1970-01-20 12:53:46	Name: antibot_hits Value: 2
upscale-escorts-aa.com/	1970-01-20 12:53:46	Name: antibot_unique_20230628 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://upscale-escorts-aa.com/(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://4club.today/cc6JVm?&frm=script&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&sub_id_9=&sub_id_11=&keyword=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://upscale-escorts-aa.com/(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://4club.today/cc6JVm?&frm=script&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&sub_id_9=&sub_id_11=&keyword=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4club.today
ajax.googleapis.com
cloud.antibot.cloud
counter.yadro.ru
upscale-escorts-aa.com
104.21.56.22
172.67.145.254
195.245.112.210
2a00:1450:4001:811::200a
88.212.201.198
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31f0c2c7934217401d04ac17863015ee8b15fa62905bd8c66d18e7d2f36d27ea
4af1b9f88525c2c46ea90ee1a0ef19a739ffa0e70bd9bb5615302beef6c756ab
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
a9099c1ee3123c12ff1e7a8e459309f2a7a5c07f8765ed4d4e8d2ecb95437037
ac3af3bfaae9fd59f5103ea78d95f788dbc41d090044a00ba6cfaaa415fb9cd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

upscale-escorts-aa.com Open in urlscan Pro 172.67.145.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

5 IPs

5 Countries

136 kBTransfer

201 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

10 Cookies

2 Console Messages

Indicators

upscale-escorts-aa.com Open in urlscan Pro
172.67.145.254 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

5
Countries

136 kB
Transfer

201 kB
Size

10
Cookies

9 HTTP transactions
0 data transactions