urlscan.io logo urlscan.io
SecurityTrails logo

1414.allow-to-continue.com Open in urlscan Pro
109.206.187.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ribunews.com/d/2102140828e07c1fe1be0c41dd964f46f66a/145/PHizhuPizh375TlctaNImRnaqcbP6JDIJfZau1bqXS6vOTJ-_XemM...
Effective URL: https://1414.allow-to-continue.com/loader/?var=1546341&ymid=2106190755abd5bd5e0b8344d0abe7bfbf01&rc=0&mrc=2&zoneid=1601571&geo=de&p...
Submission Tags: falconsandbox
Submission: On June 19 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 109.206.187.4, located in Netherlands and belongs to SERVEREL-AS, NL. The main domain is 1414.allow-to-continue.com.
TLS certificate: Issued by R3 on May 8th 2021. Valid for: 3 months.
This is the only time 1414.allow-to-continue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 109.206.162.83 50245 (SERVEREL-AS)
3 109.206.162.86 50245 (SERVEREL-AS)
2 109.206.187.4 50245 (SERVEREL-AS)
5 2
Domain Requested by
3 hypermusk.com hypermusk.com
1 11.allow-to-continue.com 1414.allow-to-continue.com
1 1414.allow-to-continue.com hypermusk.com
1 ribunews.com 1 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
hypermusk.com
R3		 2021-06-11 -
2021-09-09		 3 months crt.sh
*.allow-to-continue.com
R3		 2021-05-08 -
2021-08-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://1414.allow-to-continue.com/loader/?var=1546341&ymid=2106190755abd5bd5e0b8344d0abe7bfbf01&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/
Frame ID: 4C45A1449F0177A46BA1A4E22F3838AD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ribunews.com/d/2102140828e07c1fe1be0c41dd964f46f66a/145/PHizhuPizh375TlctaNImRnaqcbP6JDIJ... HTTP 302
    http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333 Page URL
  2. https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_user_agent&ymid=878333&pb=696b79f8efabb093d5... Page URL
  3. https://1414.allow-to-continue.com/loader/?var=1546341&ymid=2106190755abd5bd5e0b8344d0abe7bfbf01&rc=0&mrc=2&zon... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

21 kB
Transfer

47 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ribunews.com/d/2102140828e07c1fe1be0c41dd964f46f66a/145/PHizhuPizh375TlctaNImRnaqcbP6JDIJfZau1bqXS6vOTJ-_XemMtCzK_Rnabe5T6DKpahhaQInge_05psDg2lPaTprVR3ql9Etr9pPvkyHHVkHc3iLCCubgGgXwt6A7xX2GWoXHNY16BkN-uA_byGCiYcuVSb7OE_PZ1FZ5SBV-vT33zksZIX3RylfdZCeuH2thERcKH7zKUfgZZ3IyIPju7NTj9zuPteiDOqhkHJNbf1I3t4MlsHciToSYE9J728cRCqN1e9JnlZLZGLqSc2RDNBxT-vIpjUGMbe-HnXetwRXIl_t9DW8HF2aQtbavUMcCWGpHhJsMGt3U6XxNufZUKNZAuyv09cvd7y1SwmiKb-dX8JGz37RWsmrsV7kFTslXF24mAkKv4kgDWdiwWSnT9tf2GUa61h6uVHeAg9FIL--P5WafekdifTjXOEaUZ7aQ3Qe6F8t9zbfms1e8FskNC5Ro3sc8QIxpQIoB2DR_6rXp0-Pax--WJNSUHrn-dhYseVx5uZkMtGiFbOOrXB8XroIBDsgDXM-kATgXG3Qs0iwuveyPJqHeVAZCgF_qUyRf72NL117cLxgAgofisLpysoN0z7E5eKAU7OidtUxc0oUkTK6XEgRGf_BnniQ8-61MnmstsSKEevnkuZY60d0Ed1Up3dvhE70qH_U-noHvY0g3r0YbPg7k8FkDCjK3T-VVx2UA-oJUhlLAeErhCMoJdAryli_wJoMzAYo8zIyCDzitPgNw9SIOY5810zNfGoJ0hzcemg8PiJ9anWsuqK_Gsf0qO2CcPpABNVTbTXF8ilILvbalLyzA6Xdzk3sbeUykArT5tIDAz3fVKxu5Z7fYsPJ0qbkyutNVT15PhgjCoKIsejGapl6IKbF2NvVZNRfkWfH0rPG_wvYIN9ROBjlejFsegcnG81tiydsb-co7WKSClsY81LPpq7WZG1n2Q==?var=878333&pb=d4e2645f5764fb0a7788994c6c6636601613316488&psp=rKtOptF247lcle3OdNCKXLva4qVFJDkBYtGUgPBwZEgTSEIqcerq_f4ZC-NlmtytIEOqD28_BTBM8vQTGWEqyI3c6zADNoHJDQeArZ7VKE__qOAXp4z3W-WBxsbOtwPf6LLwb57nX8hJ4XkMojxLDodR4H_EA2LnmOjLqsk0iJejtpyAJaudGGc0Cz9l7PYC1r7mK1RAj0UVWNNzmcrxuLIp0PKeXV6PpH6OMnusl36a46tmMP4nyUWWEfG5Jy8hKVRaw4jxoLUy4Yz8nsWr4-Czzg6WhIzYT6XsbzcK5rmCZKJvoI19P6kmMGTdJCEz-Pl51xgx56XM0O0W5pV9Yebvt62fXVRZcp8EWILLuySSTWk_VMHI5VgH_QZtdIlO4FNJ-44wjBjYH3fRvIwUY5UXF50N54D_Lu0rKwPKzDp5h51iyPewmuznfKq2QAFi4hOR3bocKvGJbuRUTTqvonIeXkQHDFcF0VGnKbfWsKSBpLVuPyvLmc25oR64bm2zfzNwF3fiqAgCyz6SR3uNO65Q9Ivnr4Hkgtc7113lWJgnZ6BvxGUVpEElNbOYPM6QTWoIxpZHbJPf-FjGdDBk8wDLB_Pj_-wZGdI-9e55XbQjT7eMuIlAyaoRX2_PJtISg5qKt55Bi4gGWGLNZfg6FUL9XCtwC1VNABBrLAtGKZHBC15CVRY727zO--PMDL5Mh-4sQIKSjEYtoKv_FwCKZtdiS3ZR-uAXTRKfArhjWdkkyvPV8KBIiiuEYUXArYEI3Jwa-uf_LWYefh5P6Ji8eD4Td63kKgNavzCIwJHoEKOJUBx0_TNnI5v6H9QQ1-z6u0qbS-YT2_TMdjQVTYJdNpWEp-bglzx7Ut_8P4X1YVfCtaj0UWZ1Nrd3EB-60M5bmhKZdIR0W-74a1PtpAoOL4Hst5DJDlthr23OIY6rxVl1ag50qp4%3D&nojs=0&ix HTTP 302
    http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333 Page URL
  2. https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_user_agent&ymid=878333&pb=696b79f8efabb093d5ab08ac3c268a071624114548&psp=ZSSGhwkmVSTM5rZS-y4I8oT5WeIMHvfqNXsoFI3rs8Xx8HHaNtFik9psd_1mWBxg0C6txvMWXZu2thPbDg9Kmblm-lcRx8lkgP_cWQhFuMc9sA5D47dEB6r5x1YYfzkZMOnv1CqbS3GSaxvhJmO2Z-Q2STqwXt1GoO2LTvXvt3mUtYqmkRjVEwAM8a7fZaq0m53UCVjBbxdSSz28PS3kaJe-eRxOGmKIfHAU2deKGwSREpmAgK_E6LSVGsv5wqDKlBDhQ3JawYtSavjiZfu2ilN8nJFls4Vqs8tYWV_dgYJd03gXRkMyDEt0hakAdQ54n_6FvmNeELa-6OroKToLiHX7x7F3BPpsGgLnUP539-KuamCTSw8NeKQsEF70Ose6lXWRryIq5Ow0FX_5T1tmquFKmKFSuOAFbVLM4uINuwE3q385qV54BNBtgtHaO0sfKV4pko2EMlVndQeJustVwmdGjRp21_FkQnp7SHIQA3nxUEenmgBhQwjTrbE41JF3XcNDgcuA6XT32uz2-idEzCOaf8aJKkhCUgamH-dLao5Yre8stEsiQo9zI1j311dENKZqVUM7LJPEsTv4zSUis6-puIwBtI1Y0LRlO82jsJNazgmh2Zj7uX3FFkBXuw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=0&cnvs=1&os=-120&md=0&lang=en-US&2 Page URL
  3. https://1414.allow-to-continue.com/loader/?var=1546341&ymid=2106190755abd5bd5e0b8344d0abe7bfbf01&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ribunews.com/d/2102140828e07c1fe1be0c41dd964f46f66a/145/PHizhuPizh375TlctaNImRnaqcbP6JDIJfZau1bqXS6vOTJ-_XemMtCzK_Rnabe5T6DKpahhaQInge_05psDg2lPaTprVR3ql9Etr9pPvkyHHVkHc3iLCCubgGgXwt6A7xX2GWoXHNY16BkN-uA_byGCiYcuVSb7OE_PZ1FZ5SBV-vT33zksZIX3RylfdZCeuH2thERcKH7zKUfgZZ3IyIPju7NTj9zuPteiDOqhkHJNbf1I3t4MlsHciToSYE9J728cRCqN1e9JnlZLZGLqSc2RDNBxT-vIpjUGMbe-HnXetwRXIl_t9DW8HF2aQtbavUMcCWGpHhJsMGt3U6XxNufZUKNZAuyv09cvd7y1SwmiKb-dX8JGz37RWsmrsV7kFTslXF24mAkKv4kgDWdiwWSnT9tf2GUa61h6uVHeAg9FIL--P5WafekdifTjXOEaUZ7aQ3Qe6F8t9zbfms1e8FskNC5Ro3sc8QIxpQIoB2DR_6rXp0-Pax--WJNSUHrn-dhYseVx5uZkMtGiFbOOrXB8XroIBDsgDXM-kATgXG3Qs0iwuveyPJqHeVAZCgF_qUyRf72NL117cLxgAgofisLpysoN0z7E5eKAU7OidtUxc0oUkTK6XEgRGf_BnniQ8-61MnmstsSKEevnkuZY60d0Ed1Up3dvhE70qH_U-noHvY0g3r0YbPg7k8FkDCjK3T-VVx2UA-oJUhlLAeErhCMoJdAryli_wJoMzAYo8zIyCDzitPgNw9SIOY5810zNfGoJ0hzcemg8PiJ9anWsuqK_Gsf0qO2CcPpABNVTbTXF8ilILvbalLyzA6Xdzk3sbeUykArT5tIDAz3fVKxu5Z7fYsPJ0qbkyutNVT15PhgjCoKIsejGapl6IKbF2NvVZNRfkWfH0rPG_wvYIN9ROBjlejFsegcnG81tiydsb-co7WKSClsY81LPpq7WZG1n2Q==?var=878333&pb=d4e2645f5764fb0a7788994c6c6636601613316488&psp=rKtOptF247lcle3OdNCKXLva4qVFJDkBYtGUgPBwZEgTSEIqcerq_f4ZC-NlmtytIEOqD28_BTBM8vQTGWEqyI3c6zADNoHJDQeArZ7VKE__qOAXp4z3W-WBxsbOtwPf6LLwb57nX8hJ4XkMojxLDodR4H_EA2LnmOjLqsk0iJejtpyAJaudGGc0Cz9l7PYC1r7mK1RAj0UVWNNzmcrxuLIp0PKeXV6PpH6OMnusl36a46tmMP4nyUWWEfG5Jy8hKVRaw4jxoLUy4Yz8nsWr4-Czzg6WhIzYT6XsbzcK5rmCZKJvoI19P6kmMGTdJCEz-Pl51xgx56XM0O0W5pV9Yebvt62fXVRZcp8EWILLuySSTWk_VMHI5VgH_QZtdIlO4FNJ-44wjBjYH3fRvIwUY5UXF50N54D_Lu0rKwPKzDp5h51iyPewmuznfKq2QAFi4hOR3bocKvGJbuRUTTqvonIeXkQHDFcF0VGnKbfWsKSBpLVuPyvLmc25oR64bm2zfzNwF3fiqAgCyz6SR3uNO65Q9Ivnr4Hkgtc7113lWJgnZ6BvxGUVpEElNbOYPM6QTWoIxpZHbJPf-FjGdDBk8wDLB_Pj_-wZGdI-9e55XbQjT7eMuIlAyaoRX2_PJtISg5qKt55Bi4gGWGLNZfg6FUL9XCtwC1VNABBrLAtGKZHBC15CVRY727zO--PMDL5Mh-4sQIKSjEYtoKv_FwCKZtdiS3ZR-uAXTRKfArhjWdkkyvPV8KBIiiuEYUXArYEI3Jwa-uf_LWYefh5P6Ji8eD4Td63kKgNavzCIwJHoEKOJUBx0_TNnI5v6H9QQ1-z6u0qbS-YT2_TMdjQVTYJdNpWEp-bglzx7Ut_8P4X1YVfCtaj0UWZ1Nrd3EB-60M5bmhKZdIR0W-74a1PtpAoOL4Hst5DJDlthr23OIY6rxVl1ag50qp4%3D&nojs=0&ix HTTP 302
  • http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
hypermusk.com/1546341/
Redirect Chain
  • https://ribunews.com/d/2102140828e07c1fe1be0c41dd964f46f66a/145/PHizhuPizh375TlctaNImRnaqcbP6JDIJfZau1bqXS6vOTJ-_XemMtCzK_Rnabe5T6DKpahhaQInge_05psDg2lPaTprVR3ql9Etr9pPvkyHHVkHc3iLCCubgGgXwt6A7xX2G...
  • http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333
Protocol
HTTP/1.1
Server
109.206.162.86 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
86.162.serverel.net
Software
nginx /
Resource Hash
60442261315d7ff9ac965c75fdc863aecd1c5e1ee850288c3330874e8c0b051d

Request headers

Host
hypermusk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 19 Jun 2021 12:55:48 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
UID=2106190755074c631e873b4ca9b08803362c; Path=/; SameSite=None; Expires=Sun, 19 Jun 2022 12:55:48 GMT; HttpOnly; Secure
Content-Encoding
gzip
Timing-Allow-Origin
*

Redirect headers

Server
nginx
Date
Sat, 19 Jun 2021 12:55:48 GMT
Content-Type
text/html; charset=utf-8
Content-Length
89
Connection
keep-alive
Location
http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333
X-Content-Type-Options
nosniff
submit.min.js
hypermusk.com/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hypermusk.com/submit.min.js?2.0
Requested by
Host: hypermusk.com
URL: http://hypermusk.com/1546341/?var=wrong_user_agent&ymid=878333
Protocol
HTTP/1.1
Server
109.206.162.86 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
86.162.serverel.net
Software
nginx /
Resource Hash
1513289ea273cd822d56a4393350d55a7b79229dde91bf14561325b88df64810

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hypermusk.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 12:55:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 13:58:40 GMT
Server
nginx
ETag
W/"60bf7790-7c40"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Timing-Allow-Origin
*
Cookie set /
hypermusk.com/ 		896 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_user_agent&ymid=878333&pb=696b79f8efabb093d5ab08ac3c268a071624114548&psp=ZSSGhwkmVSTM5rZS-y4I8oT5WeIMHvfqNXsoFI3rs8Xx8HHaNtFik9psd_1mWBxg0C6txvMWXZu2thPbDg9Kmblm-lcRx8lkgP_cWQhFuMc9sA5D47dEB6r5x1YYfzkZMOnv1CqbS3GSaxvhJmO2Z-Q2STqwXt1GoO2LTvXvt3mUtYqmkRjVEwAM8a7fZaq0m53UCVjBbxdSSz28PS3kaJe-eRxOGmKIfHAU2deKGwSREpmAgK_E6LSVGsv5wqDKlBDhQ3JawYtSavjiZfu2ilN8nJFls4Vqs8tYWV_dgYJd03gXRkMyDEt0hakAdQ54n_6FvmNeELa-6OroKToLiHX7x7F3BPpsGgLnUP539-KuamCTSw8NeKQsEF70Ose6lXWRryIq5Ow0FX_5T1tmquFKmKFSuOAFbVLM4uINuwE3q385qV54BNBtgtHaO0sfKV4pko2EMlVndQeJustVwmdGjRp21_FkQnp7SHIQA3nxUEenmgBhQwjTrbE41JF3XcNDgcuA6XT32uz2-idEzCOaf8aJKkhCUgamH-dLao5Yre8stEsiQo9zI1j311dENKZqVUM7LJPEsTv4zSUis6-puIwBtI1Y0LRlO82jsJNazgmh2Zj7uX3FFkBXuw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=0&cnvs=1&os=-120&md=0&lang=en-US&2
Requested by
Host: hypermusk.com
URL: http://hypermusk.com/submit.min.js?2.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.206.162.86 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
86.162.serverel.net
Software
nginx /
Resource Hash
60bd986039660ab02bd032286721d3a6a2c543e212001103ae1ac9e7bd51998d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
hypermusk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 19 Jun 2021 12:55:48 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
UID=2106190755e9a19d060ad4468ab4a276389c; Path=/; SameSite=None; Expires=Sun, 19 Jun 2022 12:55:48 GMT; HttpOnly; Secure OAZCCAP=ABeYZQAAAAAAAAAB; Path=/; SameSite=None; Expires=Mon, 19 Jul 2021 12:55:48 GMT; Secure OAZCBLOCK=ABeYZQAAAABgzelU; Path=/; SameSite=None; Expires=Mon, 19 Jul 2021 12:55:48 GMT; Secure OXCCLK=AAShXgAAAAAAAAAB; Path=/; SameSite=None; Expires=Sun, 20 Jun 2021 12:55:48 GMT; Secure OXPCLK=AABZUAAAAAAAAAAB; Path=/; SameSite=None; Expires=Sun, 20 Jun 2021 12:55:48 GMT; Secure ppucnt=1; Path=/; SameSite=None; Expires=Sun, 20 Jun 2021 12:55:48 GMT; Secure
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Primary Request /
1414.allow-to-continue.com/loader/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1414.allow-to-continue.com/loader/?var=1546341&ymid=2106190755abd5bd5e0b8344d0abe7bfbf01&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/
Requested by
Host: hypermusk.com
URL: https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_user_agent&ymid=878333&pb=696b79f8efabb093d5ab08ac3c268a071624114548&psp=ZSSGhwkmVSTM5rZS-y4I8oT5WeIMHvfqNXsoFI3rs8Xx8HHaNtFik9psd_1mWBxg0C6txvMWXZu2thPbDg9Kmblm-lcRx8lkgP_cWQhFuMc9sA5D47dEB6r5x1YYfzkZMOnv1CqbS3GSaxvhJmO2Z-Q2STqwXt1GoO2LTvXvt3mUtYqmkRjVEwAM8a7fZaq0m53UCVjBbxdSSz28PS3kaJe-eRxOGmKIfHAU2deKGwSREpmAgK_E6LSVGsv5wqDKlBDhQ3JawYtSavjiZfu2ilN8nJFls4Vqs8tYWV_dgYJd03gXRkMyDEt0hakAdQ54n_6FvmNeELa-6OroKToLiHX7x7F3BPpsGgLnUP539-KuamCTSw8NeKQsEF70Ose6lXWRryIq5Ow0FX_5T1tmquFKmKFSuOAFbVLM4uINuwE3q385qV54BNBtgtHaO0sfKV4pko2EMlVndQeJustVwmdGjRp21_FkQnp7SHIQA3nxUEenmgBhQwjTrbE41JF3XcNDgcuA6XT32uz2-idEzCOaf8aJKkhCUgamH-dLao5Yre8stEsiQo9zI1j311dENKZqVUM7LJPEsTv4zSUis6-puIwBtI1Y0LRlO82jsJNazgmh2Zj7uX3FFkBXuw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=0&cnvs=1&os=-120&md=0&lang=en-US&2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.187.4 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.187.4.serverel.net
Software
nginx /
Resource Hash
8ec5a2f91bad79148f37afc5e1e9a2d8761829c7093ae66be18f3eea8c679542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
1414.allow-to-continue.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 19 Jun 2021 12:55:48 GMT
Content-Type
text/html
Last-Modified
Mon, 28 Dec 2020 16:44:58 GMT
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
ETag
W/"5fea0b8a-243f"
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
script.js
11.allow-to-continue.com/loader/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://11.allow-to-continue.com/loader/js/script.js
Requested by
Host: 1414.allow-to-continue.com
URL: https://1414.allow-to-continue.com/loader/?var=1546341&ymid=2106190755abd5bd5e0b8344d0abe7bfbf01&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.187.4 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.187.4.serverel.net
Software
nginx /
Resource Hash
9755adb16cfe2475c837e800d263d92d5aaa45ac4c39911623dd1e64a485d2a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1414.allow-to-continue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 12:55:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 17 Jun 2021 19:23:34 GMT
Server
nginx
ETag
W/"60cba136-1240"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
close

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| requestPermission string| url_string object| url string| source string| clickid string| proxy string| geo number| reloadCount string| BASE_SW_SCRIPT_SRC number| maxReloadCount number| zoneid string| trafficbackUrl string| src object| full_domain string| domain function| getReloadCount function| getRandomSubdomain function| changeSubdomain string| target_url function| back function| forward undefined| trafficbackUrlFinal undefined| _0x36b6 undefined| _0x445039 undefined| _0x250555 undefined| _0x214b61 undefined| _0x3d8c9c undefined| _0x156884 function| _0x13dd

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://11.allow-to-continue.com/loader/js/script.js(Line 18)
Message:
allow-to-continue.com