urlscan.io logo urlscan.io
SecurityTrails logo

1414.allow-to-continue.com Open in urlscan Pro
109.206.187.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://offer.securedateonline83.com//rm?u=1-59-654685
Effective URL: https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zoneid=1601571&tburl=ht...
Submission: On February 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 5 countries across 9 domains to perform 10 HTTP transactions. The main IP is 109.206.187.4, located in Netherlands and belongs to SERVEREL-AS, NL. The main domain is 1414.allow-to-continue.com.
TLS certificate: Issued by R3 on January 8th 2021. Valid for: 3 months.
This is the only time 1414.allow-to-continue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.222.14.200 16276 (OVH)
1 1 3.1.106.60 16509 (AMAZON-02)
1 4 18.185.3.153 16509 (AMAZON-02)
1 1 104.26.10.73 13335 (CLOUDFLAR...)
1 1 172.67.183.58 13335 (CLOUDFLAR...)
1 172.64.195.5 13335 (CLOUDFLAR...)
1 2 31.220.17.60 47583 (AS-HOSTINGER)
3 109.206.162.83 50245 (SERVEREL-AS)
2 109.206.187.4 50245 (SERVEREL-AS)
10 5
1    51.222.14.200 (France)

ASN16276 (OVH, FR)
PTR: vps-899d6f33.vps.ovh.ca
offer.securedateonline83.com
1    3.1.106.60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-106-60.ap-southeast-1.compute.amazonaws.com
cpalover.go2oh.net
4    18.185.3.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
bxaw.2track.info
1    104.26.10.73 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.gold
1    172.67.183.58 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.armorads.com
1    172.64.195.5 (United States)

ASN13335 (CLOUDFLARENET, US)
bercioles.com
2    31.220.17.60 (United States)

ASN47583 (AS-HOSTINGER, CY)
PTR: cpl65.hosting24.com
snowkois.onceti.com
ec.onceti.com
3    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
bukash2jf8jfpw09.com
2    109.206.187.4 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.187.4.serverel.net
1414.allow-to-continue.com
11.allow-to-continue.com
Domain Requested by
4 bxaw.2track.info 1 redirects bxaw.2track.info
3 bukash2jf8jfpw09.com ec.onceti.com
bukash2jf8jfpw09.com
1 11.allow-to-continue.com 1414.allow-to-continue.com
1 1414.allow-to-continue.com bukash2jf8jfpw09.com
1 ec.onceti.com bercioles.com
1 snowkois.onceti.com 1 redirects
1 bercioles.com bxaw.2track.info
1 tracking.armorads.com 1 redirects
1 ads.gold 1 redirects
1 cpalover.go2oh.net 1 redirects
1 offer.securedateonline83.com 1 redirects
10 11

This site contains no links.

Subject Issuer Validity Valid
*.2track.info
Sectigo RSA Domain Validation Secure Server CA		 2020-02-20 -
2021-02-19		 a year crt.sh
bukash2jf8jfpw09.com
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
*.allow-to-continue.com
R3		 2021-01-08 -
2021-04-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zoneid=1601571&tburl=https://streamyourvid.com/NPR/new/
Frame ID: 1BB58275364A3EC693C95721C44D872D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://offer.securedateonline83.com//rm?u=1-59-654685 HTTP 302
    https://cpalover.go2oh.net/click?aff_id=1&offer_id=6 HTTP 302
    http://bxaw.2track.info/ HTTP 308
    https://bxaw.2track.info/ Page URL
  2. https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=00016c3b6913-f382-447b-90fa-... HTTP 302
    http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6... HTTP 302
    http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601... Page URL
  3. http://snowkois.onceti.com/ HTTP 301
    http://ec.onceti.com/index.php?page=itemsnwkos34&id=918 Page URL
  4. https://bukash2jf8jfpw09.com/PVZ/PVZ.php?c=1602047 Page URL
  5. https://bukash2jf8jfpw09.com/?r=dir&zoneid=1602047&pb=5c621401e558040abd2f9915dcccfe011612430631&psp=tU03... Page URL
  6. https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zon... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

5
IPs

5
Countries

41 kB
Transfer

94 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offer.securedateonline83.com//rm?u=1-59-654685 HTTP 302
    https://cpalover.go2oh.net/click?aff_id=1&offer_id=6 HTTP 302
    http://bxaw.2track.info/ HTTP 308
    https://bxaw.2track.info/ Page URL
  2. https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=00016c3b6913-f382-447b-90fa-222010fbd6d6&pubid=47331 HTTP 302
    http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6ea5f HTTP 302
    http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd Page URL
  3. http://snowkois.onceti.com/ HTTP 301
    http://ec.onceti.com/index.php?page=itemsnwkos34&id=918 Page URL
  4. https://bukash2jf8jfpw09.com/PVZ/PVZ.php?c=1602047 Page URL
  5. https://bukash2jf8jfpw09.com/?r=dir&zoneid=1602047&pb=5c621401e558040abd2f9915dcccfe011612430631&psp=tU03iJtaXtr7YZ7QqH6sSBT3mbvC6NK_INMCmxN1wtr6D8C99BwxVr-bQDHCfOqAM1aOod4-aHM4jAnYV_zb5YpPS2I82Smcik8h6RPFCQPidiPQ2UtQoccAHDaV1HKfR-vLZNqK3tRUPzwGtjmwJbY4jVQRHO8oBPgvl6HzeLBnEKXGBvdoJ4rEO36BN5RvHK4LGY4wknBl6xPUz-6E_qBVfcf0Cd0SVbGxqgFIlxeDXBCwGlIvYo5PB5mB8sSHorB6MoIE8PUBs-0pzwbreDfuGoIAKnMDnGJ7jYuAV5xZzXua27s5QGHd3u7VcWhE4IDYeKKeVbaObH6vaoDtKhxS-MjfmSL3vJEGyVnS5C3CXfM1YbQsL6GHaFrIAeD5Kf96-yMJKKSLYBSNtRpHLM-idV88pG_pAFrWtETWpba17MLGxIPCLTlgt9WcEu5ECB8az4jBzrzNY-p10IEVH2x21xlski6Ka59JL6rQW0pyZZuhjS-pPvUNNPZXKcpOiuSDboppgRWbK5AgWYIXhYNf9zCcY1x19kEPg7UVBbOUt03_WIgrehf7CukhYpj2bT85WchIGxS39sIQYQyEYwjGrkv3&nojs=0&ix=0&t=1&x=1600&y=1200&0 Page URL
  6. https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zoneid=1601571&tburl=https://streamyourvid.com/NPR/new/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://offer.securedateonline83.com//rm?u=1-59-654685 HTTP 302
  • https://cpalover.go2oh.net/click?aff_id=1&offer_id=6 HTTP 302
  • http://bxaw.2track.info/ HTTP 308
  • https://bxaw.2track.info/
Request Chain 3
  • https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=00016c3b6913-f382-447b-90fa-222010fbd6d6&pubid=47331 HTTP 302
  • http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6ea5f HTTP 302
  • http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd
Request Chain 4
  • http://snowkois.onceti.com/ HTTP 301
  • http://ec.onceti.com/index.php?page=itemsnwkos34&id=918

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bxaw.2track.info/
Redirect Chain
  • http://offer.securedateonline83.com//rm?u=1-59-654685
  • https://cpalover.go2oh.net/click?aff_id=1&offer_id=6
  • http://bxaw.2track.info/
  • https://bxaw.2track.info/
622 B
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bxaw.2track.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.185.3.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
Software
nginx/1.15.6 /
Resource Hash
82ac931fe138415fbc7027e5277e432267fc484a8d8639766d685605b0b3c4f4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bxaw.2track.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.15.6
date
Thu, 04 Feb 2021 07:23:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cross-origin-window-policy
deny
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
63899e6419f2bd16d47594b16290b19a
x-xss-protection
1; mode=block
set-cookie
client_uid=a11424b6-3c0d-408f-ad05-a14442cbf217; path=/; HttpOnly sub_id=107038; path=/; HttpOnly visit=00016c3b6913-f382-447b-90fa-222010fbd6d6; path=/; HttpOnly
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx/1.15.6
Date
Thu, 04 Feb 2021 07:23:48 GMT
Content-Type
text/html
Content-Length
171
Connection
keep-alive
Location
https://bxaw.2track.info/
app-82678cda9863caa8591333ab2acb279b.js
bxaw.2track.info/js/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bxaw.2track.info/js/app-82678cda9863caa8591333ab2acb279b.js?vsn=d
Requested by
Host: bxaw.2track.info
URL: https://bxaw.2track.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.185.3.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
Software
nginx/1.15.6 /
Resource Hash
5bccdc112e476c480b826163183d81410a4c6a85ef05a90376618c2054c1ed59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bxaw.2track.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:23:48 GMT
cache-control
public, max-age=31536000
vary
Accept-Encoding
server
nginx/1.15.6
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
data
bxaw.2track.info/post/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bxaw.2track.info/post/data
Requested by
Host: bxaw.2track.info
URL: https://bxaw.2track.info/js/app-82678cda9863caa8591333ab2acb279b.js?vsn=d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.185.3.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-3-153.eu-central-1.compute.amazonaws.com
Software
nginx/1.15.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bxaw.2track.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 Feb 2021 07:23:49 GMT
x-content-type-options
nosniff
server
nginx/1.15.6
cross-origin-window-policy
deny
x-download-options
noopen
strict-transport-security
max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
content-length
0
x-xss-protection
1; mode=block
x-request-id
e34eb43ac612e5168da37f0cc249303c
Cookie set redirect
bercioles.com/
Redirect Chain
  • https://ads.gold/c/e54c3e1b-9482-11e6-93c9-0279a6a6ea5f?click_id=00016c3b6913-f382-447b-90fa-222010fbd6d6&pubid=47331
  • http://tracking.armorads.com/sl?id=5fae8910127bd6bcbd272052&pid=122&sub8=e54c3e1b-9482-11e6-93c9-0279a6a6ea5f
  • http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd
Requested by
Host: bxaw.2track.info
URL: https://bxaw.2track.info/js/app-82678cda9863caa8591333ab2acb279b.js?vsn=d
Protocol
HTTP/1.1
Server
172.64.195.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
bercioles.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bxaw.2track.info/

Response headers

Date
Thu, 04 Feb 2021 07:23:49 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4d6555af064eb334812dfef7b987318e1612423429; expires=Sat, 06-Mar-21 07:23:49 GMT; path=/; domain=.bercioles.com; HttpOnly; SameSite=Lax
referrer-policy
origin
vary
accept-encoding
CF-Cache-Status
DYNAMIC
cf-request-id
080d86165400004a747734b000000001
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F3OEdj2TUxAKES1AMEmmnzVcZ7qcKuiAM5fECpxUUZM9v6TA%2B1M%2F1C5%2BCvZR4txzDwM2UsfnVPWAW8cvNKWRcy6DrP3bd12kmwHUvf1l"}]}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
61c2a603bd154a74-FRA
Content-Encoding
gzip

Redirect headers

Date
Thu, 04 Feb 2021 07:23:49 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbf370e485455a6de4f6877bae95fc02a1612423429; expires=Sat, 06-Mar-21 07:23:49 GMT; path=/; domain=.armorads.com; HttpOnly; SameSite=Lax afclick=601ba10576bb380001ede0bd; Expires=Fri, 04 Feb 2022 07:23:49 GMT; Secure; SameSite=None
Location
http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd
Referer
Referrer-Policy
no-referrer
CF-Cache-Status
DYNAMIC
cf-request-id
080d8616030000722d2b04e000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rG%2F%2F9IhfqzWfGQugcOanqtXSg4VvUTy5l3dJtCXLfQS7gGT%2F35J46AYjHNseNBPZwHAem1lNSHY3KrsCF9s%2BiMo%2BfR4zEgTswhgKFzkIzpY%2FqGdymNc%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
61c2a6033d82722d-AMS
Cookie set index.php
ec.onceti.com/
Redirect Chain
  • http://snowkois.onceti.com/
  • http://ec.onceti.com/index.php?page=itemsnwkos34&id=918
389 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ec.onceti.com/index.php?page=itemsnwkos34&id=918
Requested by
Host: bercioles.com
URL: http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd
Protocol
HTTP/1.1
Server
31.220.17.60 , United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl65.hosting24.com
Software
LiteSpeed / PHP/5.4.45
Resource Hash
3c0e0a1f52aea3cac1e830521dcab655a6fd1a5f824b79d1698fee084531ffe6

Request headers

Host
ec.onceti.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://bercioles.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bercioles.com/redirect?id=83&auth=0a904cf320bc62f394bb75243cc32c4fca089cc6&sid=122&clk=601ba10576bb380001ede0bd

Response headers

Connection
Keep-Alive
X-Powered-By
PHP/5.4.45
Set-Cookie
osclass=6vl0qja6acjet7c63jv8g4ljd5; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html
Content-Length
312
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Thu, 04 Feb 2021 07:23:50 GMT
Server
LiteSpeed

Redirect headers

Connection
Keep-Alive
Content-Type
text/html
Content-Length
705
Date
Thu, 04 Feb 2021 07:23:49 GMT
Server
LiteSpeed
Location
http://ec.onceti.com/index.php?page=itemsnwkos34&id=918
Cookie set PVZ.php
bukash2jf8jfpw09.com/PVZ/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bukash2jf8jfpw09.com/PVZ/PVZ.php?c=1602047
Requested by
Host: ec.onceti.com
URL: http://ec.onceti.com/index.php?page=itemsnwkos34&id=918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7d6a273668d644e9533735bb9925f3183bc378da4699cdfc5ed41037c81aa14d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
bukash2jf8jfpw09.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://ec.onceti.com/index.php?page=itemsnwkos34&id=918
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ec.onceti.com/index.php?page=itemsnwkos34&id=918

Response headers

Server
nginx
Date
Thu, 04 Feb 2021 07:23:51 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
UID=2102040223e6a8913be87f4218ab56903b12; Path=/; SameSite=None; Expires=Fri, 04 Feb 2022 07:23:51 GMT; HttpOnly; Secure
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
submit.min.js
bukash2jf8jfpw09.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bukash2jf8jfpw09.com/submit.min.js?2.0
Requested by
Host: bukash2jf8jfpw09.com
URL: https://bukash2jf8jfpw09.com/PVZ/PVZ.php?c=1602047
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7351e476afde8fddb10eb41e77181dee75661af6555b0a1c56a388f96f267b4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 07:23:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Jul 2020 14:18:00 GMT
Server
nginx
ETag
W/"5f218518-73a7"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Cookie set /
bukash2jf8jfpw09.com/ 		890 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bukash2jf8jfpw09.com/?r=dir&zoneid=1602047&pb=5c621401e558040abd2f9915dcccfe011612430631&psp=tU03iJtaXtr7YZ7QqH6sSBT3mbvC6NK_INMCmxN1wtr6D8C99BwxVr-bQDHCfOqAM1aOod4-aHM4jAnYV_zb5YpPS2I82Smcik8h6RPFCQPidiPQ2UtQoccAHDaV1HKfR-vLZNqK3tRUPzwGtjmwJbY4jVQRHO8oBPgvl6HzeLBnEKXGBvdoJ4rEO36BN5RvHK4LGY4wknBl6xPUz-6E_qBVfcf0Cd0SVbGxqgFIlxeDXBCwGlIvYo5PB5mB8sSHorB6MoIE8PUBs-0pzwbreDfuGoIAKnMDnGJ7jYuAV5xZzXua27s5QGHd3u7VcWhE4IDYeKKeVbaObH6vaoDtKhxS-MjfmSL3vJEGyVnS5C3CXfM1YbQsL6GHaFrIAeD5Kf96-yMJKKSLYBSNtRpHLM-idV88pG_pAFrWtETWpba17MLGxIPCLTlgt9WcEu5ECB8az4jBzrzNY-p10IEVH2x21xlski6Ka59JL6rQW0pyZZuhjS-pPvUNNPZXKcpOiuSDboppgRWbK5AgWYIXhYNf9zCcY1x19kEPg7UVBbOUt03_WIgrehf7CukhYpj2bT85WchIGxS39sIQYQyEYwjGrkv3&nojs=0&ix=0&t=1&x=1600&y=1200&0
Requested by
Host: bukash2jf8jfpw09.com
URL: https://bukash2jf8jfpw09.com/submit.min.js?2.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9606d414895c58c18370b1fbca89e58a8b977cdb0716f3c12acdb27e26195ee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
bukash2jf8jfpw09.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
UID=2102040223e6a8913be87f4218ab56903b12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Thu, 04 Feb 2021 07:23:51 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
OXCCLK=ABIeRQAAAAAAAAAB; Path=/; SameSite=None; Expires=Fri, 05 Feb 2021 07:23:51 GMT; Secure OXPCLK=AABvoAAAAAAAAAAB; Path=/; SameSite=None; Expires=Fri, 05 Feb 2021 07:23:51 GMT; Secure ppucnt=1; Path=/; SameSite=None; Expires=Fri, 05 Feb 2021 07:23:51 GMT; Secure
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Primary Request /
1414.allow-to-continue.com/loader/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zoneid=1601571&tburl=https://streamyourvid.com/NPR/new/
Requested by
Host: bukash2jf8jfpw09.com
URL: https://bukash2jf8jfpw09.com/?r=dir&zoneid=1602047&pb=5c621401e558040abd2f9915dcccfe011612430631&psp=tU03iJtaXtr7YZ7QqH6sSBT3mbvC6NK_INMCmxN1wtr6D8C99BwxVr-bQDHCfOqAM1aOod4-aHM4jAnYV_zb5YpPS2I82Smcik8h6RPFCQPidiPQ2UtQoccAHDaV1HKfR-vLZNqK3tRUPzwGtjmwJbY4jVQRHO8oBPgvl6HzeLBnEKXGBvdoJ4rEO36BN5RvHK4LGY4wknBl6xPUz-6E_qBVfcf0Cd0SVbGxqgFIlxeDXBCwGlIvYo5PB5mB8sSHorB6MoIE8PUBs-0pzwbreDfuGoIAKnMDnGJ7jYuAV5xZzXua27s5QGHd3u7VcWhE4IDYeKKeVbaObH6vaoDtKhxS-MjfmSL3vJEGyVnS5C3CXfM1YbQsL6GHaFrIAeD5Kf96-yMJKKSLYBSNtRpHLM-idV88pG_pAFrWtETWpba17MLGxIPCLTlgt9WcEu5ECB8az4jBzrzNY-p10IEVH2x21xlski6Ka59JL6rQW0pyZZuhjS-pPvUNNPZXKcpOiuSDboppgRWbK5AgWYIXhYNf9zCcY1x19kEPg7UVBbOUt03_WIgrehf7CukhYpj2bT85WchIGxS39sIQYQyEYwjGrkv3&nojs=0&ix=0&t=1&x=1600&y=1200&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.187.4 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.187.4.serverel.net
Software
nginx /
Resource Hash
8ec5a2f91bad79148f37afc5e1e9a2d8761829c7093ae66be18f3eea8c679542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
1414.allow-to-continue.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Thu, 04 Feb 2021 07:23:51 GMT
Content-Type
text/html
Last-Modified
Mon, 28 Dec 2020 16:44:58 GMT
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
ETag
W/"5fea0b8a-243f"
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
script.js
11.allow-to-continue.com/loader/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://11.allow-to-continue.com/loader/js/script.js
Requested by
Host: 1414.allow-to-continue.com
URL: https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zoneid=1601571&tburl=https://streamyourvid.com/NPR/new/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.187.4 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.187.4.serverel.net
Software
nginx /
Resource Hash
51797883ca06e91d07245256145a63a0e335e82ab84d7508d87d28eac2ada2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1414.allow-to-continue.com/loader/?var=1602047&ymid=2102040223545c55479b7e41d083ffdfffae&rc=0&mrc=2&zoneid=1601571&tburl=https://streamyourvid.com/NPR/new/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 07:23:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 28 Dec 2020 16:44:59 GMT
Server
nginx
ETag
W/"5fea0b8b-9e0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
close

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| requestPermission string| url_string object| url string| source string| clickid number| reloadCount string| BASE_SW_SCRIPT_SRC number| maxReloadCount number| zoneid string| trafficbackUrl string| src object| full_domain string| domain function| getReloadCount function| getRandomSubdomain function| changeSubdomain string| target_url function| back function| forward undefined| trafficbackUrlFinal

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://11.allow-to-continue.com/loader/js/script.js(Line 16)
Message:
allow-to-continue.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block