urlscan.io logo urlscan.io
SecurityTrails logo

clickshere.xyz Open in urlscan Pro
91.209.226.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsbyj03y4f.80days.us/
Effective URL: https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404-flb*5768231-bead7*M...
Submission: On April 23 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 11 HTTP transactions. The main IP is 91.209.226.54, located in and belongs to . The main domain is clickshere.xyz.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.
This is the only time clickshere.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 91.148.141.242 203380 (DAINTERNA...)
1 172.67.8.141 13335 (CLOUDFLAR...)
1 52.219.176.10 16509 (AMAZON-02)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 67.212.184.147 32475 (SINGLEHOP...)
2 3 51.68.82.147 16276 (OVH)
1 91.209.226.54 ()
11 6
4    91.148.141.242 (Sofia, Bulgaria)

ASN203380 (DAINTERNATIONALGROUP, BG)
PTR: e-relab.mobi
newsbyj03y4f.80days.us
back.lacentral.vip
2fu.us
1    172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
1    52.219.176.10 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
newsamerican001.s3.us-east-2.amazonaws.com
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
byassets.com
3    67.212.184.147 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
my.contentrightnow.com
3    51.68.82.147 (United Kingdom)

ASN16276 (OVH, FR)
www.trimbuilder.foundation
1    91.209.226.54 (None, )

ASN- ()
clickshere.xyz
Domain Requested by
3 www.trimbuilder.foundation 2 redirects my.contentrightnow.com
3 my.contentrightnow.com 2fu.us
2 newsbyj03y4f.80days.us
1 clickshere.xyz www.trimbuilder.foundation
1 byassets.com 1 redirects
1 2fu.us newsamerican001.s3.us-east-2.amazonaws.com
1 newsamerican001.s3.us-east-2.amazonaws.com newsbyj03y4f.80days.us
1 whos.amung.us
1 back.lacentral.vip newsbyj03y4f.80days.us
11 9

This site contains no links.

Subject Issuer Validity Valid
80days.us
R3		 2024-04-04 -
2024-07-03		 3 months crt.sh
*.lacentral.vip
R3		 2024-02-28 -
2024-05-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-11 -
2024-06-09		 a year crt.sh
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2024-02-29 -
2025-02-12		 a year crt.sh
*.2fu.us
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
my.contentrightnow.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
www.trimbuilder.foundation
R3		 2024-04-08 -
2024-07-07		 3 months crt.sh
clickshere.xyz
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404-flb*5768231-bead7*M7361096448076677166*sl_5768231-bead7*ed6a4849f130260d51e45931175f353642eafeea*4400-9b24e4fz*4400
Frame ID: 961572C58F40951A7DF8F6BBEAD8F330
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://newsbyj03y4f.80days.us/ Page URL
  2. https://newsamerican001.s3.us-east-2.amazonaws.com/video04.html Page URL
  3. https://byassets.com/?k=d2a859bc5d198958d4cc7b39d48b3bd3&type=mainstream&subtype=global&data1=JEL... HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website... Page URL
  5. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website... HTTP 302
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website... HTTP 302
    https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404... Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

6
IPs

3
Countries

15 kB
Transfer

19 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsbyj03y4f.80days.us/ Page URL
  2. https://newsamerican001.s3.us-east-2.amazonaws.com/video04.html Page URL
  3. https://byassets.com/?k=d2a859bc5d198958d4cc7b39d48b3bd3&type=mainstream&subtype=global&data1=JELTAXPC HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400 Page URL
  5. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400&eyeg=f015b9c826eb8e269238999a5c7e43f2&eyer=0.8871550756563267&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400&eyeg=3&eyer=0.8871550756563267&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404-flb*5768231-bead7*M7361096448076677166*sl_5768231-bead7*ed6a4849f130260d51e45931175f353642eafeea*4400-9b24e4fz*4400 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://byassets.com/?k=d2a859bc5d198958d4cc7b39d48b3bd3&type=mainstream&subtype=global&data1=JELTAXPC HTTP 302
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
newsbyj03y4f.80days.us/ 		509 B
717 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsbyj03y4f.80days.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG),
Reverse DNS
e-relab.mobi
Software
nginx/1.20.1 / PHP/8.0.30
Resource Hash
cac7cd249ae4de6ac1669b81c6f8986d8d483e30746ff6db37ec54698445677e

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Apr 2024 16:13:41 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.30
fbmultiplepais
back.lacentral.vip/api/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://back.lacentral.vip:3069/api/scripts/fbmultiplepais?contador=ogprovenza&owner=corbatica&isbot=false&before=true&selectedcountry=
Requested by
Host: newsbyj03y4f.80days.us
URL: https://newsbyj03y4f.80days.us/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG),
Reverse DNS
e-relab.mobi
Software
/ Express
Resource Hash
6b175194951512a31b652399e027a4613f8d2e95544f4d3d9baec810ec710373

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://newsbyj03y4f.80days.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 23 Apr 2024 16:13:42 GMT
Connection
keep-alive
X-Powered-By
Express
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Content-Type
application/javascript
/
whos.amung.us/pingjs/ 		31 B
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whos.amung.us/pingjs/?k=ogprovenza&t=La%20Central&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=5806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://newsbyj03y4f.80days.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:13:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
878f24740ece4bbd-BUF
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
favicon.ico
newsbyj03y4f.80days.us/ 		196 B
371 B 		Other
General
Check archive.org
Download Go to
Full URL
https://newsbyj03y4f.80days.us/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG),
Reverse DNS
e-relab.mobi
Software
nginx/1.20.1 /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://newsbyj03y4f.80days.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 16:13:42 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
video04.html
newsamerican001.s3.us-east-2.amazonaws.com/ 		858 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsamerican001.s3.us-east-2.amazonaws.com/video04.html
Requested by
Host: newsbyj03y4f.80days.us
URL: https://newsbyj03y4f.80days.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.176.10 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
9cb7ba82401058c5b73ad7afe90f7bf4e5e18d7483a5730331aec212902d5b5f

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://newsbyj03y4f.80days.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Length
858
Content-Type
text/html
Date
Tue, 23 Apr 2024 16:13:44 GMT
ETag
"16c483ba7b586a165353e4ae288d5ffa"
Last-Modified
Tue, 23 Apr 2024 15:42:37 GMT
Server
AmazonS3
x-amz-id-2
ahDjEFhQXdxEBFRY2I23zgJRXHjKPP3xd1Y+c7GasEPIeo704JSBGCVQZSMba8mYbSo9YNAV+xE=
x-amz-request-id
CH1Z5HJ95Y0DDGX4
x-amz-server-side-encryption
AES256
index.php
2fu.us/ 		123 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2fu.us/index.php?username=jojo&counter=ogmonaco
Requested by
Host: newsamerican001.s3.us-east-2.amazonaws.com
URL: https://newsamerican001.s3.us-east-2.amazonaws.com/video04.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG),
Reverse DNS
e-relab.mobi
Software
nginx/1.20.1 / PHP/8.0.30
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://newsamerican001.s3.us-east-2.amazonaws.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2024 16:13:44 GMT
Server
nginx/1.20.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
/
my.contentrightnow.com/
Redirect Chain
  • https://byassets.com/?k=d2a859bc5d198958d4cc7b39d48b3bd3&type=mainstream&subtype=global&data1=JELTAXPC
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by
Host: 2fu.us
URL: https://2fu.us/index.php?username=jojo&counter=ogmonaco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
cd797d3eedeb5fe46b20bd7dc3b4124289d75fa041d16b48cd46adf7fbd85ac7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://newsamerican001.s3.us-east-2.amazonaws.com/video04.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 16:13:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Apr 2024 16:13:44 GMT
Location
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
favicon.ico
my.contentrightnow.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://my.contentrightnow.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:13:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 24 Apr 2024 16:13:44 GMT
favicon.ico
my.contentrightnow.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://my.contentrightnow.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:13:44 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 24 Apr 2024 16:13:44 GMT
/
www.trimbuilder.foundation/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400
Requested by
Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://my.contentrightnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Tue, 23 Apr 2024 16:13:46 GMT
Transfer-Encoding
chunked
Primary Request 3
clickshere.xyz/go/4995/
Redirect Chain
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400&eyeg=f015b9c826eb8e269238999a5c7e43f2&eyer=0.88715507565...
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400&eyeg=3&eyer=0.8871550756563267&eyei=0&eyew=1600&eyeh=120...
  • https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404-flb*5768231-bead7*M7361096448076677166*sl_5768231-bead7*ed6a4849f130260d51e45931175f353642eafeea*...
275 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404-flb*5768231-bead7*M7361096448076677166*sl_5768231-bead7*ed6a4849f130260d51e45931175f353642eafeea*4400-9b24e4fz*4400
Requested by
Host: www.trimbuilder.foundation
URL: https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7361096448076677166&website=4400-9b24e4fz&placement=4400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
275
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 16:13:46 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 23 Apr 2024 16:13:46 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Apr 2024 16:13:46 GMT
Location
https://clickshere.xyz/go/4995/3?subid2=902&subid1=330002547201cf34096cf1ffe471be24972720423-202404-flb*5768231-bead7*M7361096448076677166*sl_5768231-bead7*ed6a4849f130260d51e45931175f353642eafeea*4400-9b24e4fz*4400

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://newsbyj03y4f.80days.us/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)