hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://luckynowforever.com/6nb99R2t?aid=zhghxzdzk&kid=gabxdhxgzfx
Effective URL:
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d8...
Submission: On August 28 via manual (August 28th 2023, 11:43:21 am UTC) from IN — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 143.198.239.193, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is hotnewrumor.com.
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.

This is the only time hotnewrumor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.96.158 104.21.96.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.165.105 172.67.165.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:a5ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	137.184.131.40 137.184.131.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	143.198.239.193 143.198.239.193	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
11	2

1 104.21.96.158 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

luckynowforever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.165.105 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hotloveland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a5ac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.rwttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.184.131.40 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

civilpup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.198.239.193 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

hotnewrumor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

popplunder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hotnewrumor.com hotnewrumor.com	2 MB
5	popplunder.com popplunder.com — Cisco Umbrella Rank: 219094	145 KB
1	civilpup.com 1 redirects civilpup.com	617 B
1	rwttrack.com 1 redirects tracking.rwttrack.com	691 B
1	luvmenow.com 1 redirects m.luvmenow.com	664 B
1	hotloveland.com 1 redirects hotloveland.com	972 B
1	luckynowforever.com 1 redirects luckynowforever.com	993 B
11	7

	Domain	Requested by
6	hotnewrumor.com	hotnewrumor.com
5	popplunder.com	hotnewrumor.com
1	civilpup.com	1 redirects
1	tracking.rwttrack.com	1 redirects
1	m.luvmenow.com	1 redirects
1	hotloveland.com	1 redirects
1	luckynowforever.com	1 redirects
11	7

This site contains no links.

Subject Issuer	Validity	Valid
hotnewrumor.com R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
popplunder.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76
Frame ID: 336085D3CEACE6696FBD0EA3DBB8CFD6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://luckynowforever.com/6nb99R2t?aid=zhghxzdzk&kid=gabxdhxgzfx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=m3df8v1mm6gm&sub1=29233&sub2=200406&... HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=m3df8v1mm6gp&sub2=34496&sub3=21&sub4=m3df... HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64ec88535980a0000115a939&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64ec8853b6e9570343437681&pub_i... HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

2
Countries

1982 kB
Transfer

2380 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://luckynowforever.com/6nb99R2t?aid=zhghxzdzk&kid=gabxdhxgzfx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=m3df8v1mm6gm&sub1=29233&sub2=200406&sub3=frd HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=m3df8v1mm6gp&sub2=34496&sub3=21&sub4=m3df8v1mm6gm&sub5=29233&sub6=200406&sub7=frd&sub8= HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64ec88535980a0000115a939&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64ec8853b6e9570343437681&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64ec88535980a0000115a939&url_id= HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response hotnewrumor.com/date/ Redirect Chain https://luckynowforever.com/6nb99R2t?aid=zhghxzdzk&kid=gabxdhxgzfx https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=m3df8v1mm6gm&sub1=29233&sub2=200406&sub3=frd https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=m3df8v1mm6gp&sub2=34496&sub3=21&sub4=m3df8v1mm6gm&sub5=29233&sub6=200406&sub7=frd&sub8= https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64ec88535980a0000115a939&source=34496 https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64ec8853b6e9570343437681&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64ec88535980a0000115a939&url_id= https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76	16 KB 4 KB	566ms 181ms	Document text/html	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 28 Aug 2023 11:43:16 GMT ETag W/"64e50b3b-4051" Last-Modified Tue, 22 Aug 2023 19:23:39 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Mon, 28 Aug 2023 11:43:15 GMT Location https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Server nginx/1.24.0 Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked
GET H/1.1	200 OK	64dd133c00975.css hotnewrumor.com/date/64dd133bdfcea/	5 KB 5 KB	182ms 181ms	Stylesheet text/css	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Mon, 28 Aug 2023 11:43:16 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-14a0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 5280
GET H/1.1	200 OK	jquery.js Show response hotnewrumor.com/date/64dd133bdfcea/	86 KB 86 KB	364ms 182ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/jquery.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Mon, 28 Aug 2023 11:43:16 GMT Last-Modified Tue, 22 Aug 2023 21:07:55 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e523ab-15857" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 88151
GET H/1.1	200 OK	main.js Show response hotnewrumor.com/date/64dd133bdfcea/	932 B 1 KB	546ms 181ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/main.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Mon, 28 Aug 2023 11:43:16 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-3a4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 932
GET H2	200	fire-app.js Show response popplunder.com/base/	19 KB 7 KB	141ms 41ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-app.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 27 Aug 2023 17:22:58 GMT content-encoding gzip via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 66018 etag W/"090fd8bd537efa12def5d7d4f23c68c2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id XilLCRvShB4qb6TlCZ_yiI_s6BR7WCBJ6MTUKMuGMkM01W7FxJq2gA==
GET H2	200	fire-database.js Show response popplunder.com/base/	182 KB 47 KB	179ms 79ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-database.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 27 Aug 2023 19:53:20 GMT content-encoding br via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 56997 etag W/"bcb4d088e45dd7c2a996808382370301" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id fcwxSmeX1PAjv8SsPW9eW5rGQK2RptVwePAmWR7bor6wqEqOGosfOQ==
GET H2	200	fire-firestore.js Show response popplunder.com/base/	281 KB 77 KB	147ms 47ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-firestore.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 27 Aug 2023 18:59:33 GMT content-encoding br via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:30 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 60453 etag W/"f096087599367f59ada90778b37a17a1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id SqaK-tOPjM7TDL_nRKI9EVeJlTmPGN6lLI33Q9HgiBJTxQPoXB6a2A==
GET H2	200	fire-messaging.js Show response popplunder.com/base/	40 KB 11 KB	151ms 51ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-messaging.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 27 Aug 2023 17:49:13 GMT content-encoding br via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 64444 etag W/"fd33a322cf105a39b5956f8de02cbfa2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id vobG4p8AbjvXm8t7iHcMdMZ-DbPMBBGMyNL7J6NJUB57cId9rgGAyA==
GET H2	200	v3-01.js Show response popplunder.com/base/	9 KB 4 KB	181ms 81ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/v3-01.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 27 Aug 2023 17:49:13 GMT content-encoding br via 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 64444 etag W/"40058a7654925f1b4ffa2b70e48e6dfa" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id ujzHOJ3FtZFIS-RB7lnTSyH5I1wSp5crOCJXm7bKZr0uBpAcKroUdg==
GET H/1.1	200 OK	bb.js Show response hotnewrumor.com/date/	612 B 872 B	546ms 181ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/bb.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Mon, 28 Aug 2023 11:43:16 GMT Last-Modified Tue, 22 Aug 2023 18:38:46 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b6-264" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 612
GET H/1.1	200 OK	64dd133c092ab.gif hotnewrumor.com/date/64dd133bdfcea/	2 MB 2 MB	182ms 182ms	Image image/gif	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c092ab.gif Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Mon, 28 Aug 2023 11:43:17 GMT Last-Modified Tue, 22 Aug 2023 18:38:48 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b8-1b2d54" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1781076

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
luckynowforever.com/	1970-01-20 15:05:01	Name: _subid Value: m3df8v1mm6gm
luckynowforever.com/	1970-01-20 23:56:22	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUxMDc4NFwiOjE2OTMyMjI5OTQsXCI4XCI6MTY5MzIyMjk5NH0sXCJjYW1wYWlnbnNcIjp7XCIyMDA0MDZcIjoxNjkzMjIyOTk0LFwiMVwiOjE2OTMyMjI5OTR9LFwidGltZVwiOjE2OTMyMjI5OTR9In0.szLBz7VrBjgvXCX6xrizrM-0McTB0cHAW_zNyhq8Dqo
luckynowforever.com/	1970-01-20 15:05:01	Name: _token Value: uuid_m3df8v1mm6gm_m3df8v1mm6gm64ec885258f595.69497319
hotloveland.com/	1970-01-20 15:05:01	Name: _subid Value: m3df8v1mm6gp
hotloveland.com/	1970-01-20 23:56:22	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2OTMyMjI5OTR9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjkzMjIyOTk0fSxcInRpbWVcIjoxNjkzMjIyOTk0fSJ9.-i4DL6qJKrwq7NFKNQrfcuhZoU-Z31f0xukpf57arfc
hotloveland.com/	1970-01-20 15:05:01	Name: _token Value: uuid_m3df8v1mm6gp_m3df8v1mm6gp64ec8852cb0f44.99737337
m.luvmenow.com/	1970-01-20 23:05:58	Name: afclick Value: 64ec88535980a0000115a939
m.luvmenow.com/	1970-01-20 23:05:58	Name: afoffers Value: {"6344":1693222995}
tracking.rwttrack.com/	1970-01-20 14:30:27	Name: sess_6463ca6198cd0931be2b1034 Value: 63ff388140958208f0283c29
civilpup.com/	1970-01-20 14:21:49	Name: uclick Value: 8pa2oj0
civilpup.com/	1970-01-20 14:21:49	Name: uclickhash Value: 8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8pa2oj0&uclickhash=8pa2oj0-8pa2oj0-uq-0-3v-8r8n-8rvr-d85b76(Line 5) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

civilpup.com
hotloveland.com
hotnewrumor.com
luckynowforever.com
m.luvmenow.com
popplunder.com
tracking.rwttrack.com
104.21.96.158
137.184.131.40
143.198.239.193
172.67.165.105
18.66.97.53
2606:4700:3031::ac43:a5ac
2a06:98c1:3120::3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5
1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e
4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c
4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b
5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553
64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0
815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8
817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae
a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1
f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449

hotnewrumor.com Open in urlscan Pro 143.198.239.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

29 %IPv6

7 Domains

7 Subdomains

2 IPs

2 Countries

1982 kBTransfer

2380 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

11 Cookies

1 Console Messages

Indicators

hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

2
Countries

1982 kB
Transfer

2380 kB
Size

11
Cookies

11 HTTP transactions
0 data transactions