Submitted URL: https://gx.ax/c3X
Effective URL: https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
Submission: On November 19 via manual from GB — Scanned from GB

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 8 HTTP transactions. The main IP is 176.123.10.32, located in Moldova and belongs to ALEXHOST, MD. The main domain is cjaej.bustydatng.com.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.
This is the only time cjaej.bustydatng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 185.50.25.23 198610 (BEGET-AS)
6 176.123.10.32 200019 (ALEXHOST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 3
Apex Domain
Subdomains
Transfer
6 bustydatng.com
cjaej.bustydatng.com
369 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 beget.tech
f97851cd.beget.tech
418 B
1 gx.ax
gx.ax
569 B
8 5
Domain Requested by
6 cjaej.bustydatng.com cjaej.bustydatng.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cjaej.bustydatng.com
1 f97851cd.beget.tech 1 redirects
1 gx.ax 1 redirects
8 5

This site contains no links.

Subject Issuer Validity Valid
bustydatng.com
R3
2023-10-14 -
2024-01-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
Frame ID: 1F844979E168F98148B8D89D89BAF265
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

A WEBSITE JUST FOR FINDING FUCK HOT MOMS!

Page URL History Show full URLs

  1. https://gx.ax/c3X HTTP 302
    http://f97851cd.beget.tech/sex18/5 HTTP 302
    https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18 Page URL

Page Statistics

8
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

418 kB
Transfer

457 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gx.ax/c3X HTTP 302
    http://f97851cd.beget.tech/sex18/5 HTTP 302
    https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 5b753c35e5e25
cjaej.bustydatng.com/s/
Redirect Chain
  • https://gx.ax/c3X
  • http://f97851cd.beget.tech/sex18/5
  • https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
50 KB
19 KB
Document
General
Full URL
https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
0ed3cd496e658527c1a795476c964468f5497be2f0ff56b9fac3d773868127b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 22:17:02 GMT
Expires
0
Pragma
no-cache
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Nov 2023 22:17:01 GMT
Keep-Alive
timeout=30
Location
https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
Server
nginx-reuseport/1.21.1
X-Powered-By
PHP/5.6.40
style.css
cjaej.bustydatng.com/bundle/205/assets/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://cjaej.bustydatng.com/bundle/205/assets/css/style.css
Requested by
Host: cjaej.bustydatng.com
URL: https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
d6fb637252b171cbafebb84220756f96584fc7cd7fc372b3bb593a19dd86b641

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 22:17:02 GMT
Last-Modified
Tue, 27 Sep 2022 09:09:13 GMT
Server
openresty/1.19.3.1
ETag
"6332bdb9-105e"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4190
functions.js
cjaej.bustydatng.com/bundle/205/assets/js/
125 KB
126 KB
Script
General
Full URL
https://cjaej.bustydatng.com/bundle/205/assets/js/functions.js
Requested by
Host: cjaej.bustydatng.com
URL: https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
ceba16df4065ef9663afc4c9ed7ce202ef156d70517ce315addd48b98d94b2f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 22:17:03 GMT
Last-Modified
Tue, 27 Sep 2022 09:09:16 GMT
Server
openresty/1.19.3.1
ETag
"6332bdbc-1f525"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128293
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext
Requested by
Host: cjaej.bustydatng.com
URL: https://cjaej.bustydatng.com/bundle/205/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
759e5176ab6cc0bcb3a80ff259ff59401ccf7df9fb06ab96014e94a665d8f694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cjaej.bustydatng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 22:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 22:17:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 22:17:03 GMT
step1.jpg
cjaej.bustydatng.com/bundle/205/assets/img/
100 KB
101 KB
Image
General
Full URL
https://cjaej.bustydatng.com/bundle/205/assets/img/step1.jpg
Requested by
Host: cjaej.bustydatng.com
URL: https://cjaej.bustydatng.com/bundle/205/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
5b41702a63d7b1f722d9b611419162a64cb67ea3bbd3e391ca21ce5768df1142

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cjaej.bustydatng.com/bundle/205/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 22:17:03 GMT
Last-Modified
Tue, 27 Sep 2022 09:09:14 GMT
Server
openresty/1.19.3.1
ETag
"6332bdba-191e8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102888
step2.jpg
cjaej.bustydatng.com/bundle/205/assets/img/
118 KB
119 KB
Image
General
Full URL
https://cjaej.bustydatng.com/bundle/205/assets/img/step2.jpg
Requested by
Host: cjaej.bustydatng.com
URL: https://cjaej.bustydatng.com/bundle/205/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
fafc46eb236dc71b9febbcc34c8968001dd25310f00b096f6276771c52205923

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cjaej.bustydatng.com/bundle/205/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 22:17:03 GMT
Last-Modified
Tue, 27 Sep 2022 09:09:15 GMT
Server
openresty/1.19.3.1
ETag
"6332bdbb-1d954"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121172
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cjaej.bustydatng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
273644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:16:19 GMT
track.php
cjaej.bustydatng.com/
0
254 B
XHR
General
Full URL
https://cjaej.bustydatng.com/track.php
Requested by
Host: cjaej.bustydatng.com
URL: https://cjaej.bustydatng.com/bundle/205/assets/js/functions.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 19 Nov 2023 22:17:03 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery string| sid boolean| exitPopunder string| fpDataEncoded string| cf function| Fingerprint2 function| fingerprintGo function| sendTrack function| collectTrackParams function| closingConfirm function| handleError function| getParameterByName function| collectParams function| checkRequired function| setLeadInfo function| setCF

3 Cookies

Domain/Path Name / Value
f97851cd.beget.tech/ Name: qwerty_sex18
Value: 0
.bustydatng.com/ Name: s
Value: mz5fSlQtm8MmxdmahERlEPsFdpKavjNLTyud%2FLL6kNkeMVjA09W6Eb%2BxNNZD3bWausTtRa1yFAUmSH%2FlnPJ5EiB%2BNvmXHuNb%2BRe4X6mb1XhlUV4hPlN8QlyC2%2FXgoJEVK7p7gFKfGvrmAtfR6er8pKd%2FwHjRmZvrDtILBhHZLWyHmM%2B3cf3AYSYq%2FZK6Y3v64HZnBhMSdwVucwUZMdmpx11iHoQgkSBNVjteHJvTRGbMxp8GDoaFm%2BoAiCT4J6893P2VQj2NvJOetqDtzk6YJvMjYhE6nwaLfZiCYFTwk1mVwizM59LccWtdANR8DJ3qDk01JhxDbREe2T%2F3ft9hutJcPoKlVm6y7Rwu%2BMO7YKLaZ6uT8yjuPlUaaN5uz48VmyqNJcYGxOqfbqp0A4rl2Qy6Y02hUgyKMJFmV%2FCTaGWf3vG59cBg0rvsLUErzSogbcjKG3%2Br7tJs4lNDAHlk%2FMueXX52InsRUG0ZlKaIMrpV7%2FO5MYl7DXZtg6z6gi%2FwVgMfDu14k2ugKPcyN%2BrGkWPemkL%2F40c7GL8gMw8aFv0lJwKC%2FHpTkAaYULmgautTNOl5r3cC%2FRCYdrQJt8ZHnRdyf1Sxgg3ArDuSYF746zD9WNeI2rEq8TRyW4QKBMKy%2F%2FSzPQuyteyFakAQny2Y5k%2F4Y2Zu8SqV14IY1881SmzGe2Wzr85iLnpja0auIdY%2BSQ3yCLQsybaVKRjF0jp3rK4Y%2BCfFE%2FXEQMIQOrZ8TymLYxUmHC1L6kHITpXpFH%2BXly2nQMKkLBI8SjhKvSDrsT5%2FYrOXeJtzwRoMLF2JHjHxc3rznyUxvyf12TJB0dm3UjE3rWlu%2FwGiR%2FUq1f4WS6WFzmdhhl9gvfDQE4KPaKEqn349h7OW0vS9FeQOv%2Fks%2FvfH9k4a6najm69I8VjvkoNKgDzdU09s1i9apDADmbU3Ul3SjxNWKF6QQlhDwJ0tzP6rnMcbF5tO%2FhoZ9qvNkpV4q1NZF8JRfK%2Bszoel1gh9tkXzyKCIGgIPMkIFcoOYq8d4nSdvmCOoLHOOIbNBMBixJjR63NOKKzqXTeEwVKIzNaIG023nWP%2FgUkimZ3DWw63dSFx8SXAQzZIIOkkjOazLa23JGJamOQ2YiyPtxR2afBFr5q5DD54Fu9fkznj95CTlSwhVg4br84DRhUnA5Hd2dEH3mExb7oE3CD1jMYDNNeilqGyzNSGJim4Zuopf3D9rR8Kl%2B69KBZ5OZCRw2ByK4KGvQntHWS2pEkPDzS96Iz2dTIzVYei86rJEDyS9FBGmra1ykarX11HSJD4W4C62C1%2B654H6olKpaGMpvjUWJCJABNwwPHvnQKc4doPjVK63ffEQJgrpp6SFnKu9MNP1sHcji5Ldn6U305mE2vXh1jh2ELrveyA2dj69bblafhOG9lMgAf8U9ZsGxFZDhRhV%2F30hycd1lR7%2B%2BmBKgXvZDjiKobIUAkdWjMbLsqa0QS8vo%2FIPf8OsZRFzZ8eMGL873FDUq8dxgBLwld9ZRrxTId2WOoE7oxPBXFh0nYMumR5A3B2Dqp%2F1mW924pZ3lAdYAAxNPF2NZFYtTJmMfRSwON7y%2BJ1wZwKj5hMjptlGJjjaS5r2SYqUjEAlxo6tXO%2BthE8J38hxXvfSS1RVytCvwXMO5kzS2%2BNEtc2tCSOyNfTTCA%2B0EbCu5kePl7zYJIdwkx6eaI4%3D
cjaej.bustydatng.com/ Name: CF
Value: tCwShvKcVjOYoLlOZdPPKA__

1 Console Messages

Source Level URL
Text
rendering warning URL: https://cjaej.bustydatng.com/s/5b753c35e5e25?subsource=sex18(Line 5)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.