Submitted URL: https://top10nutranews.com/hmro
Effective URL: https://fitflarehero.click/HynmNV?sub1=380045fad7c64e61a704d834fbc7fa65261ba&sub2=240244&fbp=&sub6=&sub7={subSourceId}
Submission: On May 30 via manual from SG — Scanned from SG

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 172.67.178.36, located in United States and belongs to CLOUDFLARENET, US. The main domain is fitflarehero.click.
TLS certificate: Issued by E1 on April 12th 2024. Valid for: 3 months.
This is the only time fitflarehero.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Redirects | IP Address | AS (Autonomous System)
1 | 1 | 66.29.132.16 | 22612 (NAMECHEAP...)
1 | 1 | 45.141.157.146 | 209696 (NILSAT)
2 | | 172.67.178.36 | 13335 (CLOUDFLAR...)
Total: 2 requests, 1 IP

Count | Apex Domain | Subdomains | Transfer
2 | fitflarehero.click | fitflarehero.click | 1 KB
1 | lg-npltf.com | lg-npltf.com | 3 KB
1 | top10nutranews.com | top10nutranews.com | 625 B
Total: 2 requests, 3 domains

Count | Domain | Requested by
2 | fitflarehero.click |
1 | lg-npltf.com (1 redirect) |
1 | top10nutranews.com (1 redirect) |
Total: 2 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
fitflarehero.click | E1 | 2024-04-12 - 2024-07-11 | 3 months

This page contains 1 frames:

Primary Page: https://fitflarehero.click/HynmNV?sub1=380045fad7c64e61a704d834fbc7fa65261ba&sub2=240244&fbp=&sub6=&sub7={subSourceId}
Frame ID: DB704D072C205E3884C3D366F3FBB567
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request HynmNV | fitflarehero.click/ | 0 | 716 B | Document |
Redirect Chain
  • https://top10nutranews.com/hmro
  • https://lg-npltf.com/?a=240244&c=381586&co=298388&mt=addma
  • https://fitflarehero.click/HynmNV?sub1=380045fad7c64e61a704d834fbc7fa65261ba&sub2=240244&fbp=&sub6=&sub7={subSourceId}

General

Full URL: https://fitflarehero.click/HynmNV?sub1=380045fad7c64e61a704d834fbc7fa65261ba&sub2=240244&fbp=&sub6=&sub7={subSourceId}
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88ba7279ee9e3fcb-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 30 May 2024 00:01:01 GMT
expires: Thu, 30 May 2024 00:01:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqoePTOBk574pGM4k87uVeRhqaNDCG21LHcRxRRBvVDXvVKPueECSqNil5L3AlLc4Qz8M3MsowrWHgmQo6UyJP4NRAJFG01YZQqzaiHP50X5peXD87NAiTOfREDx3bYtA8%2BJ5qw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Thu, 30 May 2024 00:01:00 GMT
location: https://fitflarehero.click/HynmNV?sub1=380045fad7c64e61a704d834fbc7fa65261ba&sub2=240244&fbp=&sub6=&sub7={subSourceId}
server: nginx

favicon.ico | fitflarehero.click/ | 548 B | 555 B | Other |

General

Full URL: https://fitflarehero.click/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fitflarehero.click/HynmNV?sub1=380045fad7c64e61a704d834fbc7fa65261ba&sub2=240244&fbp=&sub6=&sub7={subSourceId}
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 00:01:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1qXgzqWojCk4XHSkXfsz1wQE%2F9MTNifmiOk1TLc8kYWutOXdkpnTaoymr1b3A%2FLqepUhUpHFp0xhO2D3ZjAtX0CntRtw5fe0qz9gd8kZU5nvH2ICRVCLs8Owzi1qrn%2FMOnFsZW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 88ba727db8fd3fcb-SIN
alt-svc: h3=":443"; ma=86400

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Domain/Path Name / Value
top10nutranews.com/ Name: prli_click_47
Value: hmro
top10nutranews.com/ Name: prli_visitor
Value: 6657c1bac9b75
.lg-npltf.com/ Name: gdm_sid_v1_3_001
.lg-npltf.com/ Name: gdm_click_freq_v1_1_001
Value: pUWKdrUDSAP7j7AyKBZmy9fvbyrxmh3+ZnvYLXBNoBIS50dpG8cD1DubJDdtlDTF
.lg-npltf.com/ Name: gdm_uid_v2_1_001
Value: Ac0A1pYQr11btZafYiRtEfJop9zZd2TkFl8Jk7EnPNcY0XMNESgE4WPk3MzEsMxU
.lg-npltf.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.lg-npltf.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.lg-npltf.com/ Name: gdm_click_adv_freq_v1_1_001
Value: ePDJnMs8zOHNvFB0bl95y7wzFCkSNCm0DX691eojONvLCEaiwPxdpmKSwXvTrnx8
.lg-npltf.com/ Name: gdm_click_freq_v2_1_001
Value: pUWKdrUDSAP7j7AyKBZmy9fvbyrxmh3+ZnvYLXBNoBIS50dpG8cD1DubJDdtlDTF
.lg-npltf.com/ Name: gdm_sid_v2_3_001
.lg-npltf.com/ Name: gdm_uid_v1_1_001
Value: Ac0A1pYQr11btZafYiRtEfJop9zZd2TkFl8Jk7EnPNcY0XMNESgE4WPk3MzEsMxU
.lg-npltf.com/ Name: gdm_click_adv_freq_v2_1_001
Value: ePDJnMs8zOHNvFB0bl95y7wzFCkSNCm0DX691eojONvLCEaiwPxdpmKSwXvTrnx8
fitflarehero.click/ Name: _subid
Value: 6cpu4kuf
fitflarehero.click/ Name: df45f
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wiY2FtcGFpZ25zXCI6e1wiMTY5XCI6MTcxNzAyNzI2MH0sXCJ0aW1lXCI6MTcxNzAyNzI2MH0ifQ.Uwl5SMbMMEUNma8QBzNb7CSESbM-QevRVXYG4PRStD0

1 Console Messages

Source: network
Level: error
URL: https://fitflarehero.click/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
