hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/t51N2UN
Effective URL:
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr...
Submission: On August 24 via manual (August 24th 2023, 4:14:44 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 8 domains to perform 11 HTTP transactions. The main IP is 143.198.239.193, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is hotnewrumor.com.
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.

This is the only time hotnewrumor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.165.105 172.67.165.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:a5ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	137.184.131.40 137.184.131.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	143.198.239.193 143.198.239.193	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
11	2

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

lovelygirlshere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.rwttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.165.105 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hotloveland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a5ac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.184.131.40 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

civilpup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.198.239.193 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

hotnewrumor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

popplunder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hotnewrumor.com hotnewrumor.com	2 MB
5	popplunder.com popplunder.com — Cisco Umbrella Rank: 219094	148 KB
1	civilpup.com 1 redirects civilpup.com	623 B
1	rwttrack.com 1 redirects tracking.rwttrack.com	695 B
1	luvmenow.com 1 redirects m.luvmenow.com	657 B
1	hotloveland.com 1 redirects hotloveland.com	966 B
1	lovelygirlshere.com 1 redirects lovelygirlshere.com	963 B
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 68657	436 B
11	8

	Domain	Requested by
6	hotnewrumor.com	hotnewrumor.com
5	popplunder.com	hotnewrumor.com
1	civilpup.com	1 redirects
1	tracking.rwttrack.com	1 redirects
1	m.luvmenow.com	1 redirects
1	hotloveland.com	1 redirects
1	lovelygirlshere.com	1 redirects
1	cutt.ly	1 redirects
11	8

This site contains no links.

Subject Issuer	Validity	Valid
hotnewrumor.com R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
popplunder.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e
Frame ID: 871885E12D130F678D5777B2246AE2F8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cutt.ly/t51N2UN HTTP 301
https://lovelygirlshere.com/mWm2473s?aid=bafxaxpfgg&kid=fpdazzxxzbx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=favmlr1l3lop&sub1=32188&sub2=192896&... HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1goni071l3lp1&sub2=34496&sub3=21&sub4=fav... HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64e6d92df62f4d0001e74de0&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64e6d92d5cf4100343770430&pub_i... HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5m... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

2
IPs

1
Countries

1985 kB
Transfer

2380 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/t51N2UN HTTP 301
https://lovelygirlshere.com/mWm2473s?aid=bafxaxpfgg&kid=fpdazzxxzbx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=favmlr1l3lop&sub1=32188&sub2=192896&sub3=frd HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1goni071l3lp1&sub2=34496&sub3=21&sub4=favmlr1l3lop&sub5=32188&sub6=192896&sub7=frd&sub8= HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64e6d92df62f4d0001e74de0&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64e6d92d5cf4100343770430&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64e6d92df62f4d0001e74de0&url_id= HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response hotnewrumor.com/date/ Redirect Chain https://cutt.ly/t51N2UN https://lovelygirlshere.com/mWm2473s?aid=bafxaxpfgg&kid=fpdazzxxzbx https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=favmlr1l3lop&sub1=32188&sub2=192896&sub3=frd https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1goni071l3lp1&sub2=34496&sub3=21&sub4=favmlr1l3lop&sub5=32188&sub6=192896&sub7=frd&sub8= https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64e6d92df62f4d0001e74de0&source=34496 https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64e6d92d5cf4100343770430&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64e6d92df62f4d0001e74de0&url_id= https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e	16 KB 4 KB	576ms 182ms	Document text/html	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 24 Aug 2023 04:14:38 GMT ETag W/"64e50b3b-4051" Last-Modified Tue, 22 Aug 2023 19:23:39 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Thu, 24 Aug 2023 04:14:38 GMT Location https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Server nginx/1.24.0 Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked
GET H/1.1	200 OK	64dd133c00975.css hotnewrumor.com/date/64dd133bdfcea/	5 KB 5 KB	183ms 183ms	Stylesheet text/css	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Thu, 24 Aug 2023 04:14:38 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-14a0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 5280
GET H/1.1	200 OK	jquery.js Show response hotnewrumor.com/date/64dd133bdfcea/	86 KB 86 KB	366ms 182ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/jquery.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Thu, 24 Aug 2023 04:14:39 GMT Last-Modified Tue, 22 Aug 2023 21:07:55 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e523ab-15857" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 88151
GET H/1.1	200 OK	main.js Show response hotnewrumor.com/date/64dd133bdfcea/	932 B 1 KB	546ms 181ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/main.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Thu, 24 Aug 2023 04:14:39 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-3a4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 932
GET H2	200	fire-app.js Show response popplunder.com/base/	19 KB 7 KB	151ms 40ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-app.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 19:47:18 GMT content-encoding br via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 30441 etag W/"090fd8bd537efa12def5d7d4f23c68c2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id tLwdj8Rabf6ck-uJ_CyM7OaLSdPSs1qSox2ujzK2uui3T3SPu1HoXw==
GET H2	200	fire-database.js Show response popplunder.com/base/	182 KB 49 KB	157ms 46ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-database.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 02:59:01 GMT content-encoding gzip via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 4599 etag W/"bcb4d088e45dd7c2a996808382370301" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id xxNkWuVdhzv52wCngHFJ7Z6AaiO9_41PntHJCnHPHJ7zCxL8vQ2ODA==
GET H2	200	fire-firestore.js Show response popplunder.com/base/	281 KB 77 KB	191ms 81ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-firestore.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 18:55:05 GMT content-encoding br via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:30 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 33631 etag W/"f096087599367f59ada90778b37a17a1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id xARdqqS3FDvKpAu-7stJo_YLZgbfkyaMNBZZmFa8zu-TMqJ1j78DaA==
GET H2	200	fire-messaging.js Show response popplunder.com/base/	40 KB 11 KB	161ms 51ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-messaging.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 02:59:01 GMT content-encoding gzip via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 4599 etag W/"fd33a322cf105a39b5956f8de02cbfa2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 1RikcbD-NJF6U2h_if6zB0vTUzSwRMV-lfI1q2nqmjPoOTtg16DwXw==
GET H2	200	v3-01.js Show response popplunder.com/base/	9 KB 4 KB	185ms 75ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/v3-01.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 02:59:01 GMT content-encoding gzip via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 4599 etag W/"40058a7654925f1b4ffa2b70e48e6dfa" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id QAAx7qvPvjru70QvwhqTs8PFlEE6yq69BmHaQhF4UelZtN_Bsu494A==
GET H/1.1	200 OK	bb.js Show response hotnewrumor.com/date/	612 B 872 B	548ms 182ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/bb.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Thu, 24 Aug 2023 04:14:39 GMT Last-Modified Tue, 22 Aug 2023 18:38:46 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b6-264" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 612
GET H/1.1	200 OK	64dd133c092ab.gif hotnewrumor.com/date/64dd133bdfcea/	2 MB 2 MB	183ms 182ms	Image image/gif	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c092ab.gif Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Thu, 24 Aug 2023 04:14:39 GMT Last-Modified Tue, 22 Aug 2023 18:38:48 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b8-1b2d54" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1781076

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: kcl9klkgnvmvusq70c3i7qto95
lovelygirlshere.com/	1970-01-20 14:58:48	Name: _subid Value: favmlr1l3lop
lovelygirlshere.com/	1970-01-20 23:50:10	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ5NjIyNlwiOjE2OTI4NTA0NzZ9LFwiY2FtcGFpZ25zXCI6e1wiMTkyODk2XCI6MTY5Mjg1MDQ3Nn0sXCJ0aW1lXCI6MTY5Mjg1MDQ3Nn0ifQ.Pyz8E1XDsIDrbVO8UhNcBDszei9kDsPS2dYk158_3UE
lovelygirlshere.com/	1970-01-20 14:58:48	Name: _token Value: uuid_favmlr1l3lop_favmlr1l3lop64e6d92ce1e1b1.31800851
hotloveland.com/	1970-01-20 14:58:48	Name: _subid Value: 1goni071l3lp1
hotloveland.com/	1970-01-20 23:50:10	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2OTI4NTA0Nzd9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjkyODUwNDc3fSxcInRpbWVcIjoxNjkyODUwNDc3fSJ9.UGdNjREeY3p5x0iEjYzwOyNY7zAsoWEXrNgTtgEtQN0
hotloveland.com/	1970-01-20 14:58:48	Name: _token Value: uuid_1goni071l3lp1_1goni071l3lp164e6d92d5f5fc3.37465012
m.luvmenow.com/	1970-01-20 22:59:46	Name: afclick Value: 64e6d92df62f4d0001e74de0
m.luvmenow.com/	1970-01-20 22:59:46	Name: afoffers Value: {"6344":1692850477}
tracking.rwttrack.com/	1970-01-20 14:24:15	Name: sess_6463ca6198cd0931be2b1034 Value: 63ff388140958208f0283c29
civilpup.com/	1970-01-20 14:15:36	Name: uclick Value: lpoj5mbl
civilpup.com/	1970-01-20 14:15:36	Name: uclickhash Value: lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=lpoj5mbl&uclickhash=lpoj5mbl-lpoj5mbl-uq-0-3v-8r8n-8rvr-7aa51e(Line 5) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

civilpup.com
cutt.ly
hotloveland.com
hotnewrumor.com
lovelygirlshere.com
m.luvmenow.com
popplunder.com
tracking.rwttrack.com
137.184.131.40
143.198.239.193
172.67.165.105
18.66.97.53
2606:4700:10::ac43:8ee
2606:4700:3031::ac43:a5ac
2a06:98c1:3120::3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5
1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e
4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c
4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b
5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553
64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0
815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8
817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae
a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1
f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449

hotnewrumor.com Open in urlscan Pro 143.198.239.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

43 %IPv6

8 Domains

8 Subdomains

2 IPs

1 Countries

1985 kBTransfer

2380 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

12 Cookies

1 Console Messages

Indicators

hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

2
IPs

1
Countries

1985 kB
Transfer

2380 kB
Size

12
Cookies

11 HTTP transactions
0 data transactions