xrclicks.xyz Open in urlscan Pro
2606:4700:3037::681b:86d6  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response xrclicks.xyz/	1 KB 1 KB	379ms 364ms	Document text/html	2606:4700:3037::681b:86d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xrclicks.xyz/ Protocol HTTP/1.1 Server 2606:4700:3037::681b:86d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea3659648f84ebafda408b1e0ef2ad23029b7b91cd7d8453a651ea07020ef66e Request headers Host xrclicks.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 16:34:19 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d6c60ce1d3286bbf0e29ef52ed69359ff1600274059; expires=Fri, 16-Oct-20 16:34:19 GMT; path=/; domain=.xrclicks.xyz; HttpOnly; SameSite=Lax Last-Modified Wed, 01 Jul 2020 02:15:00 GMT Vary Accept-Encoding CF-Cache-Status DYNAMIC cf-request-id 05395d6749000096e6afb5f200000001 Server cloudflare CF-RAY 5d3bfe854cd696e6-FRA Content-Encoding gzip
GET H2	200	propush.js Show response xrclicks.xyz/	501 B 558 B	355ms 338ms	Script application/javascript	2606:4700:3037::681b:86d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xrclicks.xyz/propush.js Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681b:86d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c520e7f6f4518f921e6e49090bbeb15d4ba2f8a9c6e05bf4152eb86752abcff1 Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 16 Sep 2020 16:34:19 GMT content-encoding br cf-cache-status MISS last-modified Wed, 01 Jul 2020 02:13:17 GMT server cloudflare etag W/"5efbf13d-1f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 cf-ray 5d3bfe87ac402c4e-FRA cf-request-id 05395d68c900002c4e5d9c0200000001 expires Thu, 17 Sep 2020 04:34:19 GMT
GET H/1.1	404 Not Found	jquery.js xrclicks.xyz/	0 0	325ms 325ms	Script text/html	2606:4700:3037::681b:86d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xrclicks.xyz/jquery.js Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol HTTP/1.1 Server 2606:4700:3037::681b:86d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 16:34:19 GMT Content-Encoding gzip CF-Cache-Status MISS Server cloudflare Vary Accept-Encoding Content-Type text/html Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 5d3bfe878e5c96e6-FRA cf-request-id 05395d68b9000096e6afb78200000001
GET H/1.1	200 OK	tag.min.js Show response foapsovi.net/pfe/current/	41 KB 13 KB	99ms 75ms	Script application/javascript	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://foapsovi.net/pfe/current/tag.min.js?z=3409321&ymid=null Requested by Host: xrclicks.xyz URL: https://xrclicks.xyz/propush.js Protocol HTTP/1.1 Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 4f62b77c874fa73cc4979daa80e8d279e138a939019f29309d406e7be8d3528e Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 16 Sep 2020 16:34:19 GMT Content-Encoding gzip Last-Modified Mon, 14 Sep 2020 15:52:40 GMT Server nginx ETag W/"5f5f91c8-a35a" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	404 Not Found	jquery.js xrclicks.xyz/	0 0	12ms 11ms	Script text/html	2606:4700:3037::681b:86d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xrclicks.xyz/jquery.js Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol HTTP/1.1 Server 2606:4700:3037::681b:86d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 16:34:19 GMT Content-Encoding gzip CF-Cache-Status HIT Server cloudflare Age 0 Vary Accept-Encoding Content-Type text/html Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 5d3bfe89cf9096e6-FRA cf-request-id 05395d6a1f000096e6afb85200000001
GET H2	200	click.php birclicks.com/ Frame FD65	0 0	639ms 207ms	Document text/html	45.77.249.69 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://birclicks.com/click.php?lp=1&to_offer=1 Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 45.77.249.69 Singapore, Singapore, ASN20473 (AS-CHOOPA, US), Reverse DNS 45.77.249.69.vultr.com Software nginx/1.18.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority birclicks.com :scheme https :path /click.php?lp=1&to_offer=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://xrclicks.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://xrclicks.xyz/ Response headers status 200 server nginx/1.18.0 date Wed, 16 Sep 2020 16:34:20 GMT content-type text/html; charset=UTF-8 strict-transport-security max-age=31536000 content-encoding gzip
GET H/1.1	200 OK	zone Show response foapsovi.net/	695 B 1 KB	117ms 42ms	Fetch application/json	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/zone?pub=0&zone_id=3409321&is_mobile=false&domain=xrclicks.xyz&var=&ymid=null&var_3= Requested by Host: foapsovi.net URL: http://foapsovi.net/pfe/current/tag.min.js?z=3409321&ymid=null Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash b985531f1b63a3290294e1cb514f9ddb2951581d2bc21fc75226f3821d420854 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Trace-Id 1d381bbeba434cde96c80d05cf87be47 Date Wed, 16 Sep 2020 16:34:20 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 695
GET H/1.1	200 OK	universal.min.js Show response foapsovi.net/pfe/current/	192 KB 57 KB	213ms 100ms	Fetch application/javascript	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/pfe/current/universal.min.js?v=3.1.265 Requested by Host: foapsovi.net URL: http://foapsovi.net/pfe/current/tag.min.js?z=3409321&ymid=null Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 7479ae324480d8068b3fbd624e8c32222af1e588fadd20c5f8d186b49564c274 Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 16 Sep 2020 16:34:20 GMT Content-Encoding gzip Last-Modified Mon, 14 Sep 2020 15:52:40 GMT Server nginx ETag W/"5f5f91c8-300f7" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin http://xrclicks.xyz Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
OPTIONS H/1.1	200 OK	custom foapsovi.net/ Frame	0 0	56ms 56ms	Other text/plain	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/custom Protocol HTTP/1.1 Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://xrclicks.xyz Sec-Fetch-Mode cors Response headers Server nginx Date Wed, 16 Sep 2020 16:34:20 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
OPTIONS H/1.1	200 OK	custom foapsovi.net/ Frame	0 0	112ms 56ms	Other text/plain	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/custom Protocol HTTP/1.1 Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://xrclicks.xyz Sec-Fetch-Mode cors Response headers Server nginx Date Wed, 16 Sep 2020 16:34:20 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
POST H/1.1	200 OK	custom Show response foapsovi.net/	39 B 486 B	37ms 37ms	Fetch application/json	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/custom Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers X-Trace-Id ba4bc3f19e9a336f1ef92b3f2ea2d134 Date Wed, 16 Sep 2020 16:34:20 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
POST H/1.1	200 OK	custom Show response foapsovi.net/	39 B 486 B	41ms 41ms	Fetch application/json	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/custom Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers X-Trace-Id cd69c1da29c98b3b7a0fd19aaa378dc6 Date Wed, 16 Sep 2020 16:34:20 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
OPTIONS H/1.1	200 OK	custom foapsovi.net/ Frame	0 0	56ms 56ms	Other text/plain	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/custom Protocol HTTP/1.1 Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://xrclicks.xyz Sec-Fetch-Mode cors Response headers Server nginx Date Wed, 16 Sep 2020 16:34:20 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
POST H/1.1	200 OK	custom Show response foapsovi.net/	39 B 486 B	37ms 37ms	Fetch application/json	139.45.196.205 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://foapsovi.net/custom Requested by Host: xrclicks.xyz URL: http://xrclicks.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.205 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://xrclicks.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 84f1a4a172ab6cd8255c4a9f9c85fe0e Date Wed, 16 Sep 2020 16:34:20 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://xrclicks.xyz Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes string| backOfferUrl object| _0x3a8a function| _0x1fec object| _0x57e9 function| _0x1408 object| _0x2aeb function| _0xf052 object| zfgformats object| _0x4720 function| _0x1284 object| sdk boolean| installOnFly

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xrclicks.xyz/	1970-01-19 13:14:26	Name: __cfduid Value: d6c60ce1d3286bbf0e29ef52ed69359ff1600274059

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

birclicks.com
foapsovi.net
xrclicks.xyz
139.45.196.205
2606:4700:3037::681b:86d6
45.77.249.69
4f62b77c874fa73cc4979daa80e8d279e138a939019f29309d406e7be8d3528e
7479ae324480d8068b3fbd624e8c32222af1e588fadd20c5f8d186b49564c274
b985531f1b63a3290294e1cb514f9ddb2951581d2bc21fc75226f3821d420854
c520e7f6f4518f921e6e49090bbeb15d4ba2f8a9c6e05bf4152eb86752abcff1
ea3659648f84ebafda408b1e0ef2ad23029b7b91cd7d8453a651ea07020ef66e
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881