Submitted URL: https://cash-escorts-aa.com/
Effective URL: https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3...
Submission: On June 26 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 11 HTTP transactions. The main IP is 104.21.12.130, which belongs to CLOUDFLARENET, US. The main domain is cash-escorts-aa.com.
TLS certificate: Issued by GTS CA 1P5 on June 24th 2023. Valid for: 3 months.
This is the only time cash-escorts-aa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

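| Redirects | Requests | IP Address | AS (Autonomous System) |
|---|---|---|---|
| 1 | 5 | 104.21.12.130 | 13335 (CLOUDFLAR...) |
| 1 | 2 | 88.212.201.204 | 39134 (UNITEDNET) |
| | 3 | 195.245.112.210 | 21100 (ITLDC-NL) |
| | 1 | 104.21.56.22 | 13335 (CLOUDFLAR...) |
| | 1 | 2a00:1450:400... | 15169 (GOOGLE) |

Total: 11 requests, 6 IPs
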
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | cash-escorts-aa.com | cash-escorts-aa.com | 43 KB |
| 3 | 4club.today | 4club.today | 2 KB |
| 2 | yadro.ru | counter.yadro.ru — Cisco Umbrella Rank: 9773 | 1 KB |
| 1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 422 | 92 KB |
| 1 | antibot.cloud | cloud.antibot.cloud | 651 B |
| 0 | besthookups.fun (Failed) | besthookups.fun (Failed) | |

Total: 11 requests, 6 domains

| Requests | Domain | Redirects | Requested by |
|---|---|---|---|
| 5 | cash-escorts-aa.com | 1 | cash-escorts-aa.com |
| 3 | 4club.today | | cash-escorts-aa.com |
| 2 | counter.yadro.ru | 1 | cash-escorts-aa.com |
| 1 | ajax.googleapis.com | | cash-escorts-aa.com |
| 1 | cloud.antibot.cloud | | cash-escorts-aa.com |
| 0 | besthookups.fun (Failed) | | 4club.today |

Total: 11 requests, 6 domains

This site contains links to these domains.

Domain
4club.today
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| cash-escorts-aa.com | GTS CA 1P5 | 2023-06-24 - 2023-09-22 | 3 months |
| 4club.today | R3 | 2023-05-01 - 2023-07-30 | 3 months |
| antibot.cloud | E1 | 2023-06-08 - 2023-09-06 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months |

This page contains 2 frames:

Primary Page: https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
Frame ID: 58598E1FF38CA7825932DA188F7650E4
Requests: 8 HTTP requests in this frame

Frame: https://besthookups.fun/?u=85wp605&o=4hltxqq&t=escorts&cid=39lscga36o4v3
Frame ID: 5631E82D98ED4CF622A6077BBAE9FF9E
Requests: 3 HTTP requests in this frame

Page Title

Cash Escorts

Page URL History

  1. https://cash-escorts-aa.com/ Page URL
  2. https://cash-escorts-aa.com/ HTTP 302
    https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2Nv... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 11
  • HTTPS: 82 %
  • IPv6: 20 %
  • Domains: 6
  • Subdomains: 6
  • IPs: 6
  • Countries: 4
  • Transfer: 137 kB
  • Size: 201 kB
  • Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cash-escorts-aa.com/ Page URL
  2. https://cash-escorts-aa.com/ HTTP 302
    https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://counter.yadro.ru/hit;svegereg?r;s1600*1200*24;uhttps%3A//cash-escorts-aa.com/;h;0.1869282514213053 HTTP 302
  • https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//cash-escorts-aa.com/;h;0.1869282514213053

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cash-escorts-aa.com/
8 KB
4 KB
Document
General
Full URL
https://cash-escorts-aa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
5b0c581cacaccaec819e500498aab1176fab71459f188fe62c307867273f4406

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7dd423e01a4f373c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Jun 2023 08:39:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3V1uz0%2BC9zp9oVyhk0wLhJaLoBt0hz6%2B4mzurKEkyz1A6rPHTxLCCvsFHXNSHQBQEtsEauIyCc7DOtkBHJBscsO%2FAiEXXlZ3PxMkYlH3x7X051nmV2WLtGulRkzEHjiBWkEkgn%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
x-powered-cms
AntiBot.Cloud (See: https://antibot.cloud/)
x-robots-tag
noindex
hit;svegereg
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;svegereg?r;s1600*1200*24;uhttps%3A//cash-escorts-aa.com/;h;0.1869282514213053
  • https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//cash-escorts-aa.com/;h;0.1869282514213053
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//cash-escorts-aa.com/;h;0.1869282514213053
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cash-escorts-aa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Jun 2023 08:39:32 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 25 Jun 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Jun 2023 08:39:32 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;svegereg?q;r;s1600*1200*24;uhttps%3A//cash-escorts-aa.com/;h;0.1869282514213053
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 25 Jun 2022 21:00:00 GMT
cc6JVm
4club.today/
0
610 B
Script
General
Full URL
https://4club.today/cc6JVm?&frm=script&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&sub_id_9=&sub_id_11=&keyword=
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.245.112.210 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
zkusk554.vds
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cash-escorts-aa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Mon, 26 Jun 2023 08:39:32 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
antibot7.php
cloud.antibot.cloud/
72 B
651 B
XHR
General
Full URL
https://cloud.antibot.cloud/antibot7.php
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cash-escorts-aa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded;

Response headers

date
Mon, 26 Jun 2023 08:39:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zg7rN8Iyamy6nbx2syXYHvsH5M4cNjtthDSvk09yab9U9GKMeNm%2BrcMh1%2BHi3FlYCymXgg%2FjLI72TaU5loruIZWzJ1NInzE8OA1wyrmndZcbBs44RftuP%2FVupXb%2BbuBHOjb3JHsq"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7dd423f33a7b39c8-FRA
access-control-allow-headers
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
Primary Request signup.php
cash-escorts-aa.com/pages/
Redirect Chain
  • https://cash-escorts-aa.com/
  • https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&su...
3 KB
1 KB
Document
General
Full URL
https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
726613fefac0167865c9febe7ed1d8ee090d2e1fd7f4549887dba1b054891cae

Request headers

Referer
https://cash-escorts-aa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7dd423f60f09373c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Jun 2023 08:39:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk6NBvExR0bmpy91pQ6xQhRGurhowbA1G8Cu1kVMyHiPPemFsLffwfpgPFCHH%2BSTkP0b%2FK7ZV6KNRqvuztbhk5GCse%2FVaYAqDrx22Fzp1kx%2B7SuGsKnzMoVdstfFZ8Cn6SNLx%2BSF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7dd423f5be74373c-FRA
content-type
text/html; charset=UTF-8
date
Mon, 26 Jun 2023 08:39:34 GMT
location
/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJVa75uLr51tA29zEKVDb15UERdEKiodLpS%2BeBUkLlKgksknpFxmZ35Yj%2Fi%2FoJfgjiQ1dxlLaF%2FKXemQz2UZb4oty8RkxafYgwpqikJZ8%2BD4acanjRM8%2BFWJ5B%2BrGsKvZACarAUL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.1/
91 KB
92 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cash-escorts-aa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 09:39:40 GMT
x-content-type-options
nosniff
age
82794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93057
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Jun 2024 09:39:40 GMT
preloader.svg
cash-escorts-aa.com/styles/
1 KB
987 B
Image
General
Full URL
https://cash-escorts-aa.com/styles/preloader.svg
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f0c2c7934217401d04ac17863015ee8b15fa62905bd8c66d18e7d2f36d27ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 08:39:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 10 Mar 2022 10:30:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6229d34e-5e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoRsV9JSo6UOOQ%2BFU40JFFYVhDNH2XrSEBIWJTulG1tFmufLFl0jEqTIv%2BJR6k68jROrtM0IxkM9xHpnslzbpcFzo5cmFE2DTOJJDUwooVZPEd0tKlMlLjck47bb%2FkRXrPfMQs63"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7dd423f67e2f3653-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery_s.js
cash-escorts-aa.com/styles/
98 KB
36 KB
Script
General
Full URL
https://cash-escorts-aa.com/styles/jquery_s.js?ver=1.12.3
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81c05f4b9c626121f96fdb5cbe8732e438af921f783a83536a486f01a241aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 08:39:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 24 Jun 2023 08:53:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6496aefe-18660"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pz%2Bc4wYh%2BwvWsYXtzSzPY3dLgrvN%2FATdS6wkJjcpi1d%2BsH52NC19S%2BCgg3I61rCZOABcleR3%2B8C%2BJIfGsAUbXUyY1KcpI%2BFlzHz%2B5d%2BxBsKyUK53C8S3XaGN%2BxoowpRMXtHVnm60"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7dd423f6eea63653-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
yZXH38dT
4club.today/ Frame 5631
353 B
1 KB
Document
General
Full URL
https://4club.today/yZXH38dT?sub_id_1=mainpage&sub_id_2=&sub_id_3=&sub_id_4=usa&sub_id_5=cash+escorts&sub_id_6=escorts&sub_id_7=no-sub_top-cities&sub_id_8=redirect&sub_id_9=&sub_id_10=&sub_id_11=2023-06-24&keyword=
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.245.112.210 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
zkusk554.vds
Software
nginx /
Resource Hash
06cb804ad3d477fd9f747a5c5598c2b86ba45591d389443c798fcead34370d4d

Request headers

Referer
https://cash-escorts-aa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
353
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Jun 2023 08:39:34 GMT
Expires
0
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
gateway.php
4club.today/ Frame 5631
358 B
523 B
Document
General
Full URL
https://4club.today/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvYmVzdGhvb2t1cHMuZnVuXC8_dT04NXdwNjA1Jm89NGhsdHhxcSZ0PWVzY29ydHMmY2lkPTM5bHNjZ2EzNm80djMifQ.zGMrkhwGfjsn2-9Q1dIlev7OLrpQZi20i8zD7HfSpR8
Requested by
Host: cash-escorts-aa.com
URL: https://cash-escorts-aa.com/pages/signup.php?sub_id_1=bWFpbnBhZ2U%3D&sub_id_4=dXNh&sub_id_5=Y2FzaCBlc2NvcnRz&sub_id_6=ZXNjb3J0cw%3D%3D&sub_id_7=bm8tc3ViX3RvcC1jaXRpZXM%3D&sub_id_8=cmVkaXJlY3Q%3D&sub_id_9=&sub_id_11=MjAyMy0wNi0yNA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.245.112.210 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
zkusk554.vds
Software
nginx /
Resource Hash
06913b526bb4cd3dc585ed2b3487cf8fb9c1340c874bb32387a57a553b4ede16

Request headers

Referer
https://4club.today/yZXH38dT?sub_id_1=mainpage&sub_id_2=&sub_id_3=&sub_id_4=usa&sub_id_5=cash+escorts&sub_id_6=escorts&sub_id_7=no-sub_top-cities&sub_id_8=redirect&sub_id_9=&sub_id_10=&sub_id_11=2023-06-24&keyword=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Jun 2023 08:39:35 GMT
Expires
0
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
/
besthookups.fun/ Frame 5631
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
besthookups.fun
URL
https://besthookups.fun/?u=85wp605&o=4hltxqq&t=escorts&cid=39lscga36o4v3

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| onbeforetoggle
  • object| onscrollend
  • function| $
  • function| jQuery
  • object| $preloader
  • object| $svg_anm
  • string| sub_id_1
  • string| sub_id_2
  • string| sub_id_3
  • string| sub_id_4
  • string| sub_id_5
  • string| sub_id_6
  • string| sub_id_7
  • string| sub_id_8
  • string| sub_id_9
  • string| sub_id_10
  • string| sub_id_11
  • string| sub_id_16
  • function| _0x45f2c0
  • function| _0x536b
  • function| _0x5e7c
  • object| body

10 Cookies

| Domain/Path | Name | Value |
|---|---|---|
| cash-escorts-aa.com/ | antibot_uid | 23df2e1767274e43f8a37fa3399c1e3c |
| cash-escorts-aa.com/ | antibot_country | DE |
| cash-escorts-aa.com/ | antibot_lang | de |
| cash-escorts-aa.com/ | antibot_ptr | 193.32.248.222 |
| .yadro.ru/ | FTID | 1acKx42Kznua1acKx4002NXA |
| .yadro.ru/ | VID | 3Z51Pg3COiua1acKx4002NY9 |
| cash-escorts-aa.com/ | antibot_d870ce6f82f8971c0e922dde9c652279 | c31cdcc10a007ea6062f8813a4e0e502 |
| cash-escorts-aa.com/ | antibot_referer | https%3A%2F%2Fcash-escorts-aa.com%2F |
| cash-escorts-aa.com/ | antibot_hits | 2 |
| cash-escorts-aa.com/ | antibot_unique_20230626 | 1 |

2 Console Messages

Source Level URL
Text
javascript warning URL: https://cash-escorts-aa.com/(Line 4)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://4club.today/cc6JVm?&frm=script&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&sub_id_9=&sub_id_11=&keyword=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cash-escorts-aa.com/(Line 4)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://4club.today/cc6JVm?&frm=script&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&sub_id_9=&sub_id_11=&keyword=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.