Report - press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/

Report Overview

Visited public
2025-06-21 11:49:32
Tags
Submit Tags
URL
press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
Finishing URL
press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/
IP / ASN
194.63.143.96
#50113 NTX Technologies s.r.o.
Title
Attention

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-18	467 B	6.4 kB	142.250.74.10
loadingscripts.com	unknown	2023-04-27	2023-04-29	2025-06-20	2.4 kB	116 kB	185.246.188.125
press-continue.564a5a0rut08.top	unknown	2024-07-27	2025-06-01	2025-06-17	5.0 kB	1.1 MB	194.63.143.61

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js	ScriptElement	2.8 kB	2023-03-29	2025-06-25
Pretty URL loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js IP 185.246.188.125 ASN #200651 FlokiNET ehf Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:47 Last Seen2025-06-25 11:01 Times Seen958 Hash 01a2c61eb40ce8e341a0801f78da7735 1cb39b0674bc20c3208c16c53c131e74704759ed 03d593cbf7b72d3c70caedac0c0259330ce8b1a45b708e92e3f19245b6ca9929 Loading...

	loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js	ScriptElement	1.8 kB	2023-05-25	2025-06-25
Pretty URL loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js IP 185.246.188.125 ASN #200651 FlokiNET ehf Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 20:42 Last Seen2025-06-25 11:01 Times Seen502 Hash 8dc402b92b1ed0b13627e2ba1b928cc7 35d1e71cdea9a15b778c6137baaaac1eda4aabb3 b1d3e86c81061bd76770790bf5e2f0ffa7b45f2c4e3fc3400a7142bf9b3a53fb Loading...

	press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/	ScriptElement	112 B	2023-05-25	2025-06-25
Pretty URL press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ IP 194.63.143.96 ASN #50113 NTX Technologies s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 20:42 Last Seen2025-06-25 11:01 Times Seen496 Hash 7b556b5c53e6044f936419f783c82ae8 cf28d9e5c2e04442d6aba982caa3ebb601a99ac3 7ce041c3470f00f3cfa8146f92a512b45fd1cd480b8cc397e91e30b457ca2bd3 Loading...

	press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/	ScriptElement	281 B	2023-03-08	2025-06-22
Pretty URL press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ IP 194.63.143.96 ASN #50113 NTX Technologies s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:39 Last Seen2025-06-22 12:02 Times Seen258 Hash 798eedd8ae39afa34b8e105e4a104bc7 610297e468632eb07629da7d1271ad63cae51661 8aec80ebfc35d71f78311f3f0eccd03d3ab141bb4e7890cba6fe71631c9bacb0 Loading...

	press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/	ScriptElement	1.6 kB	2023-03-08	2025-06-22
Pretty URL press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ IP 194.63.143.96 ASN #50113 NTX Technologies s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:39 Last Seen2025-06-22 12:02 Times Seen258 Hash c04082450026da68c701a71154753008 c24fd70ad744a7667c0bd03afa99ac2962542524 e6dbeaee41683943b1c88da7ddb778c9994c56dc4c0620106c21265809e1a4ad Loading...

HTTP Transactions (15)

	URL	IP	Response	Size
	GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg	185.246.188.125	200 OK	1.3 kB
URL GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg IP 185.246.188.125:443 ASN #200651 FlokiNET ehf Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subjectloadingscripts.com Fingerprint71:A6:DA:CB:CF:22:35:90:12:E5:64:E2:22:F5:97:5C:AC:E2:F2:84 ValidityThu, 19 Jun 2025 22:16:31 GMT - Wed, 17 Sep 2025 22:16:30 GMT File type SVG Scalable Vector Graphics image Size 1.3 kB (1279 bytes) Hash 369850b9873659adf0951d845f57dba1 a64257186daa33b6b318943a457b6cf8d80b26b6 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21 HTTP Headers `GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg HTTP/1.1 Host: loadingscripts.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/svg+xml Content-Length: 1279 Last-Modified: Wed, 24 May 2023 13:06:32 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "646e0bd8-4ff" Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/loading.svg	194.63.143.61	200 OK	386 B
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/loading.svg IP 194.63.143.61:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type SVG Scalable Vector Graphics image Size 386 B (386 bytes) Hash 484f8bcb59050331f28ec35ae84c3ef0 e083f687af91382e8485515369daffde1899a12a d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451 HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/loading.svg HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/svg+xml Content-Length: 386 Last-Modified: Mon, 15 Jul 2024 09:36:24 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed98-182" Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/bg.gif	194.63.143.61	200 OK	854 kB
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/bg.gif IP 194.63.143.61:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type GIF image data, version 87a, 600 x 338 Size 854 kB (854531 bytes) Hash fb515d8640e8153526073e3dba53cef1 065dcee1850b622ab7e96586cc5ae737dd335587 306d7910500ae32624462375434beaab45581fdfb743af6f3efa5b096a403721 HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/bg.gif HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/gif Content-Length: 854531 Last-Modified: Mon, 15 Jul 2024 09:36:24 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed98-d0a03" Accept-Ranges: bytes`

	GET loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js	185.246.188.125	200 OK	2.8 kB
URL GET loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js IP 185.246.188.125:443 ASN #200651 FlokiNET ehf Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subjectloadingscripts.com Fingerprint71:A6:DA:CB:CF:22:35:90:12:E5:64:E2:22:F5:97:5C:AC:E2:F2:84 ValidityThu, 19 Jun 2025 22:16:31 GMT - Wed, 17 Sep 2025 22:16:30 GMT File type JavaScript source, ASCII text, with very long lines (2801), with no line terminators Size 2.8 kB (2801 bytes) Hash 01a2c61eb40ce8e341a0801f78da7735 1cb39b0674bc20c3208c16c53c131e74704759ed 03d593cbf7b72d3c70caedac0c0259330ce8b1a45b708e92e3f19245b6ca9929 HTTP Headers `GET /progress_p/pwa_links/default_scripts/notification.js HTTP/1.1 Host: loadingscripts.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: application/javascript Content-Length: 2801 Last-Modified: Fri, 24 Mar 2023 17:31:52 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "641dde88-af1" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/animate.css	194.63.143.96	200 OK	79 kB
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/animate.css IP 194.63.143.96:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type ASCII text Size 79 kB (79391 bytes) Hash 97d64faca1f1a0422ecf3ae998026899 61bc4cbfc9fc6e0db503aa67ba92c7c768a4c7e1 d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/animate.css HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: text/css Last-Modified: Mon, 15 Jul 2024 09:36:23 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 ETag: W/"6694ed97-1361f" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js	185.246.188.125	200 OK	1.8 kB
URL GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js IP 185.246.188.125:443 ASN #200651 FlokiNET ehf Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subjectloadingscripts.com Fingerprint71:A6:DA:CB:CF:22:35:90:12:E5:64:E2:22:F5:97:5C:AC:E2:F2:84 ValidityThu, 19 Jun 2025 22:16:31 GMT - Wed, 17 Sep 2025 22:16:30 GMT File type ASCII text, with CRLF line terminators Size 1.8 kB (1801 bytes) Hash 8dc402b92b1ed0b13627e2ba1b928cc7 35d1e71cdea9a15b778c6137baaaac1eda4aabb3 b1d3e86c81061bd76770790bf5e2f0ffa7b45f2c4e3fc3400a7142bf9b3a53fb HTTP Headers `GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js HTTP/1.1 Host: loadingscripts.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: application/javascript Content-Length: 1801 Last-Modified: Thu, 25 May 2023 12:47:54 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "646f58fa-709" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Accept-Ranges: bytes`

	GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif	185.246.188.125	200 OK	104 kB
URL GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif IP 185.246.188.125:443 ASN #200651 FlokiNET ehf Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subjectloadingscripts.com Fingerprint71:A6:DA:CB:CF:22:35:90:12:E5:64:E2:22:F5:97:5C:AC:E2:F2:84 ValidityThu, 19 Jun 2025 22:16:31 GMT - Wed, 17 Sep 2025 22:16:30 GMT File type GIF image data, version 89a, 188 x 188 Size 104 kB (104467 bytes) Hash 2d00d3926dd5bb55e7ab4100bacb86a7 9d3c247c6e1fe672b8ba0849f30ed18c45176883 0175bfd9afe9543559c705914fac010a6d609017f0a2edcffe599549561fb5d0 HTTP Headers `GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif HTTP/1.1 Host: loadingscripts.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/gif Content-Length: 104467 Last-Modified: Thu, 25 May 2023 10:24:54 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "646f3776-19813" Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/alertmicrosoft1.mp3	194.63.143.61	206 Partial Content	51 kB
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/alertmicrosoft1.mp3 IP 194.63.143.61:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type Audio file with ID3 version 2.4.0, contains: - MPEG ADTS, layer III, v2, 48 kbps, 24 kHz, Monaural Size 51 kB (51165 bytes) Hash fab1bbb4cc471451600f345364157ac7 9c14c555d07a32ce52fabcd4398e476ada6bbb1f 68d390582507c5639dc5b624fd8e3b302678428fecb1ccedb75b23e90a8cdfbf HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/alertmicrosoft1.mp3 HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 206 Partial Content Server: nginx/1.19.5 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: audio/mpeg Content-Length: 51165 Last-Modified: Mon, 15 Jul 2024 09:36:23 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed97-c7dd" Content-Range: bytes 0-51164/51165`

	GET fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap	142.250.74.10	200 OK	5.7 kB
URL GET fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap IP 142.250.74.10:443 ASN #15169 GOOGLE Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86 ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT File type ASCII text, with very long lines (1572) Size 5.7 kB (5746 bytes) Hash f16142d531f42f7e8a6acfef5cca07de db7a93e4c246b8b8d624d8225e9245166fe7dc24 f6a29411897001b8f35b4a207de032c1d678c3f9ef601608a41d5b41c8b9f264 HTTP Headers `GET /css2?family=Roboto:wght@300&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 21 Jun 2025 11:49:10 GMT date: Sat, 21 Jun 2025 11:49:10 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css	185.246.188.125	200 OK	4.1 kB
URL GET loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css IP 185.246.188.125:443 ASN #200651 FlokiNET ehf Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subjectloadingscripts.com Fingerprint71:A6:DA:CB:CF:22:35:90:12:E5:64:E2:22:F5:97:5C:AC:E2:F2:84 ValidityThu, 19 Jun 2025 22:16:31 GMT - Wed, 17 Sep 2025 22:16:30 GMT File type ASCII text, with CRLF line terminators Size 4.1 kB (4071 bytes) Hash 79d9dfa9f91948462f9069fd3e5f61ae 6c8c5a83d3c8180a16dd7e6c3065c81ad38bcc94 8c8549291722875346b6e050a092cdda6088d579aba282a66304299616c55871 HTTP Headers `GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css HTTP/1.1 Host: loadingscripts.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: text/css Last-Modified: Thu, 25 May 2023 12:41:31 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 ETag: W/"646f577b-fe7" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/new_free.svg	194.63.143.96	200 OK	1.5 kB
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/new_free.svg IP 194.63.143.96:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type SVG Scalable Vector Graphics image Size 1.5 kB (1545 bytes) Hash add28f2b5b2a568a5d5b49bd7b40ec03 66ad7a5ce73b4f84f2f54e5e6150cd5cc923d25e 89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/new_free.svg HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/svg+xml Content-Length: 1545 Last-Modified: Mon, 15 Jul 2024 09:36:25 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed99-609" Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/1.png	194.63.143.61	200 OK	50 kB
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/1.png IP 194.63.143.61:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type PNG image data, 980 x 980, 8-bit/color RGBA, non-interlaced Size 50 kB (49867 bytes) Hash 1143a7b3bc5051147099facc8dc1432e 3a01609fb60f785d3233a788dff4351a1d79d4c9 ff708dfd7d816c51832a47cebfaf051422ddd0ab0d96588b55a1a2b89c1f3f73 HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/1.png HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/png Content-Length: 49867 Last-Modified: Mon, 15 Jul 2024 09:36:23 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed97-c2cb" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/fav.png	194.63.143.61	200 OK	545 B
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/fav.png IP 194.63.143.61:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Size 545 B (545 bytes) Hash 418a1f510d301f62a0976ebcf9cda640 89b5dbdf41afda654ad9f95e1b2672ffe4c51c20 34ca666275595ea71b9787f7269141b947e95af772221947f5ddb060448ed77f HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/fav.png HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sat, 21 Jun 2025 11:49:11 GMT Content-Type: image/png Content-Length: 545 Last-Modified: Mon, 15 Jul 2024 09:36:24 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed98-221" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Accept-Ranges: bytes`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/	194.63.143.96	200 OK	23 kB
URL User Request GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ IP 194.63.143.96:443 ASN #50113 NTX Technologies s.r.o. Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type HTML document, ASCII text, with very long lines (1849) Size 23 kB (23333 bytes) Hash 03277e8bff4782de05f2267fc761775d 7ed2779735fe3f6f1e54677634827027c9e724cb 6e0ba1505692b64b38399a6f247f7b50c44c5f8ed925741ea1e196c49874a00b HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.21.6 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: text/html Last-Modified: Mon, 15 Jul 2024 09:36:20 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 ETag: W/"6694ed94-5b25" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/qr2.png	194.63.143.61	200 OK	7.2 kB
URL GET press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/qr2.png IP 194.63.143.61:443 ASN #50113 NTX Technologies s.r.o. Requested by https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Certificate IssuerLet's Encrypt Subject564a5a0rut08.top Fingerprint10:54:07:65:70:3F:59:27:DD:EE:41:D1:6C:EB:2E:5D:31:20:EF:2F ValiditySat, 24 May 2025 20:40:01 GMT - Fri, 22 Aug 2025 20:40:00 GMT File type PNG image data, 1160 x 1160, 8-bit/color RGB, non-interlaced Size 7.2 kB (7190 bytes) Hash d697f8240f634a6bf3c59af9fada4fd4 703d294b81b2ff5a5f47dc4279c837a6aa8cead5 f18af212bbafbb0b86b7aff29d1d0b217e341e564041dabbed3563b8d692b2db HTTP Headers GET /e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/assets/qr2.png HTTP/1.1 Host: press-continue.564a5a0rut08.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://press-continue.564a5a0rut08.top/e102479204fcec81f6dfb01f2462a2dfa451531d/ww1/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sat, 21 Jun 2025 11:49:10 GMT Content-Type: image/png Content-Length: 7190 Last-Modified: Mon, 15 Jul 2024 09:36:25 GMT Connection: keep-alive Keep-Alive: timeout=10 ETag: "6694ed99-1c16" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Access-Control-Allow-Origin: * Accept-Ranges: bytes`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate