hotnewrumor.com
Open in
urlscan Pro
143.198.239.193
Public Scan
Effective URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr...
Submission: On August 24 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.
This is the only time hotnewrumor.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:10:... 2606:4700:10::ac43:8ee | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 2 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 172.67.165.105 172.67.165.105 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3031::ac43:a5ac | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 137.184.131.40 137.184.131.40 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
6 | 143.198.239.193 143.198.239.193 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
5 | 18.66.97.53 18.66.97.53 | 16509 (AMAZON-02) (AMAZON-02) | |
11 | 2 |
ASN13335 (CLOUDFLARENET, US)
lovelygirlshere.com | |
tracking.rwttrack.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
popplunder.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
hotnewrumor.com
hotnewrumor.com |
2 MB |
5 |
popplunder.com
popplunder.com — Cisco Umbrella Rank: 219094 |
148 KB |
1 |
civilpup.com
1 redirects
civilpup.com |
623 B |
1 |
rwttrack.com
1 redirects
tracking.rwttrack.com |
695 B |
1 |
luvmenow.com
1 redirects
m.luvmenow.com |
657 B |
1 |
hotloveland.com
1 redirects
hotloveland.com |
966 B |
1 |
lovelygirlshere.com
1 redirects
lovelygirlshere.com |
963 B |
1 |
cutt.ly
1 redirects
cutt.ly — Cisco Umbrella Rank: 68657 |
436 B |
11 | 8 |
Domain | Requested by | |
---|---|---|
6 | hotnewrumor.com |
hotnewrumor.com
|
5 | popplunder.com |
hotnewrumor.com
|
1 | civilpup.com | 1 redirects |
1 | tracking.rwttrack.com | 1 redirects |
1 | m.luvmenow.com | 1 redirects |
1 | hotloveland.com | 1 redirects |
1 | lovelygirlshere.com | 1 redirects |
1 | cutt.ly | 1 redirects |
11 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hotnewrumor.com R3 |
2023-08-05 - 2023-11-03 |
3 months | crt.sh |
popplunder.com Amazon RSA 2048 M02 |
2023-07-18 - 2024-08-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e
Frame ID: 871885E12D130F678D5777B2246AE2F8
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://cutt.ly/t51N2UN
HTTP 301
https://lovelygirlshere.com/mWm2473s?aid=bafxaxpfgg&kid=fpdazzxxzbx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=favmlr1l3lop&sub1=32188&sub2=192896&... HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1goni071l3lp1&sub2=34496&sub3=21&sub4=fav... HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64e6d92df62f4d0001e74de0&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64e6d92d5cf4100343770430&pub_i... HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5m... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cutt.ly/t51N2UN
HTTP 301
https://lovelygirlshere.com/mWm2473s?aid=bafxaxpfgg&kid=fpdazzxxzbx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=favmlr1l3lop&sub1=32188&sub2=192896&sub3=frd HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1goni071l3lp1&sub2=34496&sub3=21&sub4=favmlr1l3lop&sub5=32188&sub6=192896&sub7=frd&sub8= HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64e6d92df62f4d0001e74de0&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64e6d92d5cf4100343770430&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64e6d92df62f4d0001e74de0&url_id= HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
hotnewrumor.com/date/ Redirect Chain
|
16 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
64dd133c00975.css
hotnewrumor.com/date/64dd133bdfcea/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
hotnewrumor.com/date/64dd133bdfcea/ |
86 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
hotnewrumor.com/date/64dd133bdfcea/ |
932 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fire-app.js
popplunder.com/base/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fire-database.js
popplunder.com/base/ |
182 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fire-firestore.js
popplunder.com/base/ |
281 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fire-messaging.js
popplunder.com/base/ |
40 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v3-01.js
popplunder.com/base/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bb.js
hotnewrumor.com/date/ |
612 B 872 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
64dd133c092ab.gif
hotnewrumor.com/date/64dd133bdfcea/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| getURLParameter boolean| isFirstPage boolean| isTrack boolean| backTrackingUrl object| firebase object| config string| backOfferUrl12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cutt.ly/ | Name: PHPSESSID Value: kcl9klkgnvmvusq70c3i7qto95 |
|
lovelygirlshere.com/ | Name: _subid Value: favmlr1l3lop |
|
lovelygirlshere.com/ | Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ5NjIyNlwiOjE2OTI4NTA0NzZ9LFwiY2FtcGFpZ25zXCI6e1wiMTkyODk2XCI6MTY5Mjg1MDQ3Nn0sXCJ0aW1lXCI6MTY5Mjg1MDQ3Nn0ifQ.Pyz8E1XDsIDrbVO8UhNcBDszei9kDsPS2dYk158_3UE |
|
lovelygirlshere.com/ | Name: _token Value: uuid_favmlr1l3lop_favmlr1l3lop64e6d92ce1e1b1.31800851 |
|
hotloveland.com/ | Name: _subid Value: 1goni071l3lp1 |
|
hotloveland.com/ | Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2OTI4NTA0Nzd9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjkyODUwNDc3fSxcInRpbWVcIjoxNjkyODUwNDc3fSJ9.UGdNjREeY3p5x0iEjYzwOyNY7zAsoWEXrNgTtgEtQN0 |
|
hotloveland.com/ | Name: _token Value: uuid_1goni071l3lp1_1goni071l3lp164e6d92d5f5fc3.37465012 |
|
m.luvmenow.com/ | Name: afclick Value: 64e6d92df62f4d0001e74de0 |
|
m.luvmenow.com/ | Name: afoffers Value: {"6344":1692850477} |
|
tracking.rwttrack.com/ | Name: sess_6463ca6198cd0931be2b1034 Value: 63ff388140958208f0283c29 |
|
civilpup.com/ | Name: uclick Value: lpoj5mbl |
|
civilpup.com/ | Name: uclickhash Value: lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
civilpup.com
cutt.ly
hotloveland.com
hotnewrumor.com
lovelygirlshere.com
m.luvmenow.com
popplunder.com
tracking.rwttrack.com
137.184.131.40
143.198.239.193
172.67.165.105
18.66.97.53
2606:4700:10::ac43:8ee
2606:4700:3031::ac43:a5ac
2a06:98c1:3120::3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5
1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e
4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c
4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b
5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553
64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0
815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8
817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae
a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1
f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449