urlscan.io logo urlscan.io
SecurityTrails logo

1414.allow-to-continue.com Open in urlscan Pro
109.206.187.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dsp.wtf/d/19090512357dfe36d9e1b74be3b660461fed/145/zKcV41GLdgLi3pcB3ydb_SphyZWGkJreLvHsbkJhlH7QIoudCpuOI...
Effective URL: https://1414.allow-to-continue.com/loader/?var=1546341&ymid=21053118411a347ba5942448709c3d4fab5a&rc=0&mrc=2&zoneid=1601571&geo=de&p...
Submission Tags: falconsandbox
Submission: On May 31 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 109.206.187.4, located in Netherlands and belongs to SERVEREL-AS, NL. The main domain is 1414.allow-to-continue.com.
TLS certificate: Issued by R3 on May 8th 2021. Valid for: 3 months.
This is the only time 1414.allow-to-continue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 109.206.162.85 50245 (SERVEREL-AS)
3 109.206.162.86 50245 (SERVEREL-AS)
2 109.206.187.4 50245 (SERVEREL-AS)
5 2
Domain Requested by
3 hypermusk.com hypermusk.com
1 11.allow-to-continue.com 1414.allow-to-continue.com
1 1414.allow-to-continue.com hypermusk.com
1 dsp.wtf 1 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
hypermusk.com
R3		 2021-04-12 -
2021-07-11		 3 months crt.sh
*.allow-to-continue.com
R3		 2021-05-08 -
2021-08-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://1414.allow-to-continue.com/loader/?var=1546341&ymid=21053118411a347ba5942448709c3d4fab5a&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/
Frame ID: 1379066B89DEC0A1A14AEE667B4F5AD3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://dsp.wtf/d/19090512357dfe36d9e1b74be3b660461fed/145/zKcV41GLdgLi3pcB3ydb_SphyZWGkJreL... HTTP 302
    http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712 Page URL
  2. https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_ip&ymid=697712&pb=147d0908adca4fece54d498c1c... Page URL
  3. https://1414.allow-to-continue.com/loader/?var=1546341&ymid=21053118411a347ba5942448709c3d4fab5a&rc=0&mrc=2&zon... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

21 kB
Transfer

47 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dsp.wtf/d/19090512357dfe36d9e1b74be3b660461fed/145/zKcV41GLdgLi3pcB3ydb_SphyZWGkJreLvHsbkJhlH7QIoudCpuOIti3HMZXaoj_eeWoqKGbmedxx1hDY-HtgtUtlBC7hQeC88ZqM_dFPFAVRY0E2p4UuT6L7rVoQQVKVxzkB-2pIwd1z9_1mq2mrO1apFzutTrZtUwRa9DsJW127iUdlSnhtx0X4vR18ugps_n6kcuBH6zcZ0itecS8pneh0Yia9kAXxFo1gR5Ay-fcw69PpsDkYnOktj-_bU3FiiDzDZg_Yt3QJ4XLqv7xUIy1xEbUf29sspTyy8h4cFOegRxZOlp7UxM7h1MVEz81zj5nqhnolqKYy1cPrsaSytYqAg2VAkNyzW-0W_sST-SLIRAAobR2alB_tvKOiCaakGLxGtBPdwZAM4tjSDrHzLfcpFlYnPGIRhkSncjk6SAePgU6dysFVRkAlQSxBRzv0USk9TsaSDV07cKlCEOLuTIRYkLelsx2u_uiHrxJPoJ5Oc-Qnn2_tlksppKRuM8C0clOPTlWNfuFuj3XXtAeqSAkAOsA1GL3gpWYUy0YTxmbkTvRQaFy9sS-8E5zxX1eqJ1UUfzkwmZL0_3DnLFbEtLgFol93g== HTTP 302
    http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712 Page URL
  2. https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_ip&ymid=697712&pb=147d0908adca4fece54d498c1cf3ec8c1622511676&psp=Dnw2iSM_kmW0ZOK5xGxM5862MITExJrjjOvpPOLu8U-63iW33CdpL77EDZf4rctA00FYjiZLI1REqvr20xotLxEsl7-S9DfrG8SWl8HqKx5_oRNhQKT-VotLsbsI2KFBO6by4ol_Q_elc4UKR6kAIkrJGRrsSY54DcATLSOrpim9NIp1UeLLDWP7-f_C_nXJ0io-CF5cGqFU2nMCSEpRoeOdXpBvb8kcTUkvJz9kG6WfpHl6JM_Dlrlkg1aSbgeCiw0fvEmvN0cOGr8KL31u7h4B1_gl85cUM-5AA2CKMM9M4kYdVqqb858KOulPRQDihYfLTynUMs7tXZ21z1zp2ydQzud-jN8Dc3p93kpsWaFAlls7Mo2KpkGivN7cNLo4Uoyhg7Qj8hIrvI-AeT0xIEdlgU28T4LxFjcbPCIlwxAREW0gi8uoa8IcF4VdtYjXWUvpiOxrVma7sb55vemCDbiYtH-0A6VU1AeEtlUIda8Il5aSbb7Pvb8nKghPSmKDbC7xKWkSnPtC3jrNV1z0tDGOUm9tB7vAr8rv4t9vSz3WbEmd6GxmPi9Ru4MJS2A3d_6qmCLmSVz-XYYbouq__dYEQ6Q1Od4rjSNugaX4KCw_MD95CndUYORosOpA8A==&nojs=0&ix=0&t=1&x=1600&y=1200&wcks=1&wgl=0&cnvs=1&os=-120&md=0&lang=en-US&2 Page URL
  3. https://1414.allow-to-continue.com/loader/?var=1546341&ymid=21053118411a347ba5942448709c3d4fab5a&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dsp.wtf/d/19090512357dfe36d9e1b74be3b660461fed/145/zKcV41GLdgLi3pcB3ydb_SphyZWGkJreLvHsbkJhlH7QIoudCpuOIti3HMZXaoj_eeWoqKGbmedxx1hDY-HtgtUtlBC7hQeC88ZqM_dFPFAVRY0E2p4UuT6L7rVoQQVKVxzkB-2pIwd1z9_1mq2mrO1apFzutTrZtUwRa9DsJW127iUdlSnhtx0X4vR18ugps_n6kcuBH6zcZ0itecS8pneh0Yia9kAXxFo1gR5Ay-fcw69PpsDkYnOktj-_bU3FiiDzDZg_Yt3QJ4XLqv7xUIy1xEbUf29sspTyy8h4cFOegRxZOlp7UxM7h1MVEz81zj5nqhnolqKYy1cPrsaSytYqAg2VAkNyzW-0W_sST-SLIRAAobR2alB_tvKOiCaakGLxGtBPdwZAM4tjSDrHzLfcpFlYnPGIRhkSncjk6SAePgU6dysFVRkAlQSxBRzv0USk9TsaSDV07cKlCEOLuTIRYkLelsx2u_uiHrxJPoJ5Oc-Qnn2_tlksppKRuM8C0clOPTlWNfuFuj3XXtAeqSAkAOsA1GL3gpWYUy0YTxmbkTvRQaFy9sS-8E5zxX1eqJ1UUfzkwmZL0_3DnLFbEtLgFol93g== HTTP 302
  • http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
hypermusk.com/1546341/
Redirect Chain
  • http://dsp.wtf/d/19090512357dfe36d9e1b74be3b660461fed/145/zKcV41GLdgLi3pcB3ydb_SphyZWGkJreLvHsbkJhlH7QIoudCpuOIti3HMZXaoj_eeWoqKGbmedxx1hDY-HtgtUtlBC7hQeC88ZqM_dFPFAVRY0E2p4UuT6L7rVoQQVKVxzkB-2pIwd...
  • http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712
Protocol
HTTP/1.1
Server
109.206.162.86 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
86.162.serverel.net
Software
nginx /
Resource Hash
ecd6a9bdadc39969c6cc08c5a189f68f784022516a3c1e169619f2fbc6c0120a

Request headers

Host
hypermusk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 31 May 2021 23:41:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
UID=21053118410c168f0a20fd476bb0e83d1df4; Path=/; SameSite=None; Expires=Tue, 31 May 2022 23:41:16 GMT; HttpOnly; Secure
Content-Encoding
gzip
Timing-Allow-Origin
*

Redirect headers

Server
nginx
Date
Mon, 31 May 2021 23:41:16 GMT
Content-Type
text/html; charset=utf-8
Content-Length
81
Connection
keep-alive
Location
http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712
Timing-Allow-Origin
*
submit.min.js
hypermusk.com/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hypermusk.com/submit.min.js?2.0
Requested by
Host: hypermusk.com
URL: http://hypermusk.com/1546341/?var=wrong_ip&ymid=697712
Protocol
HTTP/1.1
Server
109.206.162.86 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
86.162.serverel.net
Software
nginx /
Resource Hash
fe8dce72c86cc305a3312d4d7701ec8101241a0a1d3fcfdae3948b84643f9600

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hypermusk.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 23:41:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 09:53:15 GMT
Server
nginx
ETag
W/"60b0bd8b-7ddc"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Timing-Allow-Origin
*
Cookie set /
hypermusk.com/ 		896 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_ip&ymid=697712&pb=147d0908adca4fece54d498c1cf3ec8c1622511676&psp=Dnw2iSM_kmW0ZOK5xGxM5862MITExJrjjOvpPOLu8U-63iW33CdpL77EDZf4rctA00FYjiZLI1REqvr20xotLxEsl7-S9DfrG8SWl8HqKx5_oRNhQKT-VotLsbsI2KFBO6by4ol_Q_elc4UKR6kAIkrJGRrsSY54DcATLSOrpim9NIp1UeLLDWP7-f_C_nXJ0io-CF5cGqFU2nMCSEpRoeOdXpBvb8kcTUkvJz9kG6WfpHl6JM_Dlrlkg1aSbgeCiw0fvEmvN0cOGr8KL31u7h4B1_gl85cUM-5AA2CKMM9M4kYdVqqb858KOulPRQDihYfLTynUMs7tXZ21z1zp2ydQzud-jN8Dc3p93kpsWaFAlls7Mo2KpkGivN7cNLo4Uoyhg7Qj8hIrvI-AeT0xIEdlgU28T4LxFjcbPCIlwxAREW0gi8uoa8IcF4VdtYjXWUvpiOxrVma7sb55vemCDbiYtH-0A6VU1AeEtlUIda8Il5aSbb7Pvb8nKghPSmKDbC7xKWkSnPtC3jrNV1z0tDGOUm9tB7vAr8rv4t9vSz3WbEmd6GxmPi9Ru4MJS2A3d_6qmCLmSVz-XYYbouq__dYEQ6Q1Od4rjSNugaX4KCw_MD95CndUYORosOpA8A==&nojs=0&ix=0&t=1&x=1600&y=1200&wcks=1&wgl=0&cnvs=1&os=-120&md=0&lang=en-US&2
Requested by
Host: hypermusk.com
URL: http://hypermusk.com/submit.min.js?2.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.206.162.86 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
86.162.serverel.net
Software
nginx /
Resource Hash
7c5bc58f667cb732dd5d321d3f58f319dd217b159bc3985af4bd0b0bf6851544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
hypermusk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 31 May 2021 23:41:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
UID=2105311841ed0b555909b34702b8e038465a; Path=/; SameSite=None; Expires=Tue, 31 May 2022 23:41:16 GMT; HttpOnly; Secure OAZCCAP=ABeYZQAAAAAAAAAB; Path=/; SameSite=None; Expires=Wed, 30 Jun 2021 23:41:16 GMT; Secure OAZCBLOCK=ABeYZQAAAABgtXQc; Path=/; SameSite=None; Expires=Wed, 30 Jun 2021 23:41:16 GMT; Secure OXCCLK=AAShXgAAAAAAAAAB; Path=/; SameSite=None; Expires=Tue, 01 Jun 2021 23:41:16 GMT; Secure OXPCLK=AABZUAAAAAAAAAAB; Path=/; SameSite=None; Expires=Tue, 01 Jun 2021 23:41:16 GMT; Secure ppucnt=1; Path=/; SameSite=None; Expires=Tue, 01 Jun 2021 23:41:16 GMT; Secure
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Primary Request /
1414.allow-to-continue.com/loader/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1414.allow-to-continue.com/loader/?var=1546341&ymid=21053118411a347ba5942448709c3d4fab5a&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/
Requested by
Host: hypermusk.com
URL: https://hypermusk.com/?r=dir&zoneid=1546341&var=wrong_ip&ymid=697712&pb=147d0908adca4fece54d498c1cf3ec8c1622511676&psp=Dnw2iSM_kmW0ZOK5xGxM5862MITExJrjjOvpPOLu8U-63iW33CdpL77EDZf4rctA00FYjiZLI1REqvr20xotLxEsl7-S9DfrG8SWl8HqKx5_oRNhQKT-VotLsbsI2KFBO6by4ol_Q_elc4UKR6kAIkrJGRrsSY54DcATLSOrpim9NIp1UeLLDWP7-f_C_nXJ0io-CF5cGqFU2nMCSEpRoeOdXpBvb8kcTUkvJz9kG6WfpHl6JM_Dlrlkg1aSbgeCiw0fvEmvN0cOGr8KL31u7h4B1_gl85cUM-5AA2CKMM9M4kYdVqqb858KOulPRQDihYfLTynUMs7tXZ21z1zp2ydQzud-jN8Dc3p93kpsWaFAlls7Mo2KpkGivN7cNLo4Uoyhg7Qj8hIrvI-AeT0xIEdlgU28T4LxFjcbPCIlwxAREW0gi8uoa8IcF4VdtYjXWUvpiOxrVma7sb55vemCDbiYtH-0A6VU1AeEtlUIda8Il5aSbb7Pvb8nKghPSmKDbC7xKWkSnPtC3jrNV1z0tDGOUm9tB7vAr8rv4t9vSz3WbEmd6GxmPi9Ru4MJS2A3d_6qmCLmSVz-XYYbouq__dYEQ6Q1Od4rjSNugaX4KCw_MD95CndUYORosOpA8A==&nojs=0&ix=0&t=1&x=1600&y=1200&wcks=1&wgl=0&cnvs=1&os=-120&md=0&lang=en-US&2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.187.4 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.187.4.serverel.net
Software
nginx /
Resource Hash
8ec5a2f91bad79148f37afc5e1e9a2d8761829c7093ae66be18f3eea8c679542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
1414.allow-to-continue.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 31 May 2021 23:41:16 GMT
Content-Type
text/html
Last-Modified
Mon, 28 Dec 2020 16:44:58 GMT
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
ETag
W/"5fea0b8a-243f"
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
script.js
11.allow-to-continue.com/loader/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://11.allow-to-continue.com/loader/js/script.js
Requested by
Host: 1414.allow-to-continue.com
URL: https://1414.allow-to-continue.com/loader/?var=1546341&ymid=21053118411a347ba5942448709c3d4fab5a&rc=0&mrc=2&zoneid=1601571&geo=de&proxy=true&tburl=https://play-vids.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.187.4 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.187.4.serverel.net
Software
nginx /
Resource Hash
371f0879c06786843580c8f1fda8e55849c4cd24a470ccbd2e144c56a1e3f9d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1414.allow-to-continue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 23:41:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sat, 03 Apr 2021 16:04:37 GMT
Server
nginx
ETag
W/"60689215-10ac"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
close

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| requestPermission string| url_string object| url string| source string| clickid string| proxy string| geo number| reloadCount string| BASE_SW_SCRIPT_SRC number| maxReloadCount number| zoneid string| trafficbackUrl string| src object| full_domain string| domain function| getReloadCount function| getRandomSubdomain function| changeSubdomain string| target_url function| back function| forward undefined| trafficbackUrlFinal undefined| _0xc81c undefined| _0x4817 undefined| _0x2e4d50 undefined| q

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://11.allow-to-continue.com/loader/js/script.js(Line 18)
Message:
allow-to-continue.com