press-continue.4k7kca7aj0s4.top
185.246.188.125 (Malicious Activity!)

Submitted URL: https://yapabbreviate.com/fi3z10te8?key=bd55be0c11073ab84b4de8d554212a02
Effective URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Submission: On December 10 via manual from US — Scanned from US

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 185.246.188.125, located in Netherlands and belongs to FlokiNET FlokiNET ehf, IS. The main domain is press-continue.4k7kca7aj0s4.top.
TLS certificate: Issued by R11 on November 24th 2024. Valid for: 3 months.
This is the only time press-continue.4k7kca7aj0s4.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests | Redirects | IP Address | AS | Autonomous System
3 | 1 | 192.243.59.13 | 39572 | ADVANCEDH...
10 | 1 | 185.246.188.125 | 200651 | FlokiNET ...
5 | - | 194.63.143.61 | 50113 | SuperServ...
1 | - | 142.251.179.95 | 15169 | GOOGLE
Totals: 18 requests | 5 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | 4k7kca7aj0s4.top | press-continue.4k7kca7aj0s4.top | 956 KB
5 | loadingscripts.com | loadingscripts.com (Cisco Umbrella Rank: 106163) | 110 KB
3 | yapabbreviate.com | yapabbreviate.com | 4 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB
0 | proftrafficcounter.com (Failed) | proftrafficcounter.com (Failed) | -
Totals: 18 requests | 5 apex domains

Requests | Domain | Redirects | Requested by
10 | press-continue.4k7kca7aj0s4.top | 1 | press-continue.4k7kca7aj0s4.top
5 | loadingscripts.com | - | press-continue.4k7kca7aj0s4.top
3 | yapabbreviate.com | 1 | -
1 | fonts.googleapis.com | - | loadingscripts.com
0 | proftrafficcounter.com (Failed) | - | yapabbreviate.com
Totals: 18 requests | 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
yapabbreviate.com | R10 | 2024-10-20 to 2025-01-18 | 3 months
4k7kca7aj0s4.top | R11 | 2024-11-24 to 2025-02-22 | 3 months
loadingscripts.com | R11 | 2024-10-21 to 2025-01-19 | 3 months
upload.video.google.com | WR2 | 2024-11-04 to 2025-01-27 | 3 months

This page contains 1 frames:

Primary Page: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Frame ID: 44AD4BB46779A6F6AE392549142AE6CF
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Attention

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 1071 kB
Size: 1160 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yapabbreviate.com/fi3z10te8?key=bd55be0c11073ab84b4de8d554212a02 Page URL
  2. https://yapabbreviate.com/api/users?pii=&in=false&uuid=&token=L2ZpM3oxMHRlOD9rZXk9YmQ1NWJlMGMxMTA3M2FiODRiNGRlOGQ1NTQyMTJhMDImcHN0PTE3MzM4NDE3NTMmcm10Yz10JnNodT04OWQxOTI1MDcxZGJmOWY3MzI0ZTljNzNiMzUzOTRlMzczNDA2ZmMxNDU2ODI3ZmNhZDYyY2Q3NWVkZTJiM2NjOGRlMDdkYjJmNTUyODJhM2VmMGM4NjRmYzJiYjg1NjBhMzExMTk2ODgwMWMzMjcwYTkzNGI2NWExMDM1MjEwN2Y4NGYwYWI1YWM3MWIzMDA1NjUwNTE5MWI1YmUxMjhmY2M5NjZkYmE1ODI3NzJiZTRhMzc0OQ HTTP 302
    https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1 HTTP 301
    https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
fi3z10te8 | yapabbreviate.com/ | 3 KB | 3 KB | Document | text/html
General
Full URL
https://yapabbreviate.com/fi3z10te8?key=bd55be0c11073ab84b4de8d554212a02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
f29c96f30bc0ae85eef5004b76c39a9ac5902915147a8801f254f39e31ca1770
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache max-age=0, private, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 10 Dec 2024 14:41:33 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Host
yapabbreviate.com
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Server
nginx/1.19.5
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
X-Request-ID
3f7accea9790e4b86759768dbd1f2399
stats | proftrafficcounter.com/ | 0 | 0 | Failed (no response received)

favicon.ico | yapabbreviate.com/ | 0 | 382 B | Other | image/x-icon
General
Full URL
https://yapabbreviate.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://yapabbreviate.com/api/users?token=L2ZpM3oxMHRlOD9rZXk9YTk2OWNhNWM5YWQyNjExNzYyZjExYjc5YTUyNmUyZDImc3VibWV0cmljPTI0NTYyNjk2

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
919737934688d39e44fc5139acd54f33
Cache-Control
no-cache, max-age=0, private, no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Content-Length
0
Date
Tue, 10 Dec 2024 14:41:33 GMT
Content-Type
image/x-icon
Server
nginx/1.19.5
Primary Request / | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ | 23 KB | 6 KB | Document | text/html
Redirect Chain
  • https://yapabbreviate.com/api/users?pii=&in=false&uuid=&token=L2ZpM3oxMHRlOD9rZXk9YmQ1NWJlMGMxMTA3M2FiODRiNGRlOGQ1NTQyMTJhMDImcHN0PTE3MzM4NDE3NTMmcm10Yz10JnNodT04OWQxOTI1MDcxZGJmOWY3MzI0ZTljNzNiMzU...
  • https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1
  • https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
6e0ba1505692b64b38399a6f247f7b50c44c5f8ed925741ea1e196c49874a00b

Request headers

Referer
https://yapabbreviate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 10 Dec 2024 14:41:34 GMT
ETag
W/"6694ed94-5b25"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Keep-Alive
timeout=10
Last-Modified
Mon, 15 Jul 2024 09:36:20 GMT
Server
nginx/1.23.4
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Tue, 10 Dec 2024 14:41:34 GMT
Keep-Alive
timeout=10
Location
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Server
nginx/1.23.4
animate.css | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 78 KB | 5 KB | Stylesheet | text/css
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/animate.css
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6694ed97-1361f"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Access-Control-Allow-Origin
*
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:34 GMT
Content-Type
text/css
Last-Modified
Mon, 15 Jul 2024 09:36:23 GMT
Server
nginx/1.23.4
style.css | loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/ | 4 KB | 1 KB | Stylesheet | text/css
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.63.143.61 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
8c8549291722875346b6e050a092cdda6088d579aba282a66304299616c55871

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"646f577b-fe7"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Access-Control-Allow-Origin
*
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
text/css
Last-Modified
Thu, 25 May 2023 12:41:31 GMT
Server
nginx/1.15.10
pwa_custom.js | loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/ | 2 KB | 2 KB | Script | application/javascript
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.63.143.61 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
b1d3e86c81061bd76770790bf5e2f0ffa7b45f2c4e3fc3400a7142bf9b3a53fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/

Response headers

Cache-Control
max-age=315360000
ETag
"646f58fa-709"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1801
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
application/javascript
Last-Modified
Thu, 25 May 2023 12:47:54 GMT
Server
nginx/1.15.10
notification.js | loadingscripts.com/progress_p/pwa_links/default_scripts/ | 3 KB | 3 KB | Script | application/javascript
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.63.143.61 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
03d593cbf7b72d3c70caedac0c0259330ce8b1a45b708e92e3f19245b6ca9929

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/

Response headers

Cache-Control
max-age=315360000
ETag
"641dde88-af1"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2801
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
application/javascript
Last-Modified
Fri, 24 Mar 2023 17:31:52 GMT
Server
nginx/1.15.10
new_free.svg | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 2 KB | 2 KB | Image | image/svg+xml
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/new_free.svg
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

ETag
"6694ed99-609"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1545
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 15 Jul 2024 09:36:25 GMT
Server
nginx/1.23.4
loading.svg | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 386 B | 652 B | Image | image/svg+xml
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/loading.svg
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

ETag
"6694ed98-182"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
386
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 15 Jul 2024 09:36:24 GMT
Server
nginx/1.23.4
qr2.png | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 7 KB | 7 KB | Image | image/png
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/qr2.png
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
f18af212bbafbb0b86b7aff29d1d0b217e341e564041dabbed3563b8d692b2db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

Cache-Control
max-age=315360000
ETag
"6694ed99-1c16"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
7190
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
image/png
Last-Modified
Mon, 15 Jul 2024 09:36:25 GMT
Server
nginx/1.23.4
1.png | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 49 KB | 49 KB | Image | image/png
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/1.png
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
ff708dfd7d816c51832a47cebfaf051422ddd0ab0d96588b55a1a2b89c1f3f73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

Cache-Control
max-age=315360000
ETag
"6694ed97-c2cb"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
49867
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
image/png
Last-Modified
Mon, 15 Jul 2024 09:36:23 GMT
Server
nginx/1.23.4
bg.gif | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 835 KB | 835 KB | Image | image/gif
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/bg.gif
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
306d7910500ae32624462375434beaab45581fdfb743af6f3efa5b096a403721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

ETag
"6694ed98-d0a03"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
854531
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
image/gif
Last-Modified
Mon, 15 Jul 2024 09:36:24 GMT
Server
nginx/1.23.4
alertmicrosoft1.mp3 | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 50 KB | 50 KB | Media | audio/mpeg
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/alertmicrosoft1.mp3
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
68d390582507c5639dc5b624fd8e3b302678428fecb1ccedb75b23e90a8cdfbf

Request headers

Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

ETag
"6694ed97-c7dd"
Connection
keep-alive
Content-Range
bytes 0-51164/51165
Keep-Alive
timeout=10
Content-Length
51165
Date
Tue, 10 Dec 2024 14:41:35 GMT
Content-Type
audio/mpeg
Last-Modified
Mon, 15 Jul 2024 09:36:23 GMT
Server
nginx/1.23.4
css2 | fonts.googleapis.com/ | 2 KB | 1 KB | Stylesheet | text/css; charset=utf-8
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Requested by
Host: loadingscripts.com
URL: https://loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f95.1e100.net
Software
ESF /
Resource Hash
7cc6012f5a5ab1b73b2ea693bfdf2b456a36eabb2775d5bf523e7fdfcb6f1c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 14:41:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 14:41:36 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 10 Dec 2024 14:34:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
close.svg | loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/ | 1 KB | 2 KB | Image | image/svg+xml
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.63.143.61 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/

Response headers

ETag
"646e0bd8-4ff"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1279
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:36 GMT
Content-Type
image/svg+xml
Last-Modified
Wed, 24 May 2023 13:06:32 GMT
Server
nginx/1.15.10
download-gif.gif | loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/ | 102 KB | 102 KB | Image | image/gif
General
Full URL
https://loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif
Requested by
Host: press-continue.4k7kca7aj0s4.top
URL: https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.63.143.61 Moscow Oblast, Russian Federation, ASN50113 (SuperServersDatacenter NTX Technologies s.r.o., CZ),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
0175bfd9afe9543559c705914fac010a6d609017f0a2edcffe599549561fb5d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/

Response headers

ETag
"646f3776-19813"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104467
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:36 GMT
Content-Type
image/gif
Last-Modified
Thu, 25 May 2023 10:24:54 GMT
Server
nginx/1.15.10
fav.png | press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/ | 545 B | 913 B | Other | image/png
General
Full URL
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/fav.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.246.188.125 , Netherlands, ASN200651 (FlokiNET FlokiNET ehf, IS),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
34ca666275595ea71b9787f7269141b947e95af772221947f5ddb060448ed77f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://press-continue.4k7kca7aj0s4.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Response headers

Cache-Control
max-age=315360000
ETag
"6694ed98-221"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
545
Keep-Alive
timeout=10
Date
Tue, 10 Dec 2024 14:41:36 GMT
Content-Type
image/png
Last-Modified
Mon, 15 Jul 2024 09:36:24 GMT
Server
nginx/1.23.4

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: proftrafficcounter.com
URL: https://proftrafficcounter.com/stats

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object: eddOptions
function: showDontLeavePopup

7 Cookies

Domain/Path | Name | Value
yapabbreviate.com/ | u_pl24562696 | 1
yapabbreviate.com/ | ain | eyJhbGciOiJIUzI1NiJ9.…._CFfMQSoJS5pssg6lbvr--vsHF4Kxy0YMGIXxE7N1so
yapabbreviate.com/ | cjs | t
yapabbreviate.com/ | pdhtkv | true
yapabbreviate.com/ | uncs | 1
yapabbreviate.com/ | pdhtkv28 | true
yapabbreviate.com/ | uncs28 | 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.

Header Value
Strict-Transport-Security max-age=0; includeSubdomains