hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hotandsweetsex.com/shx1Wc86?aid=bxaxazhppx&kid=ffbxhhazkkx&sub1=NIMAS
Effective URL:
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr...
Submission: On September 10 via manual (September 10th 2023, 5:00:54 pm UTC) from IT — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 143.198.239.193, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is hotnewrumor.com.
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.

This is the only time hotnewrumor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.165.105 172.67.165.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:a5ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	137.184.131.40 137.184.131.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	143.198.239.193 143.198.239.193	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	18.66.97.18 18.66.97.18	16509 (AMAZON-02) (AMAZON-02)
11	2

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hotandsweetsex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.165.105 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hotloveland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a5ac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.rwttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.184.131.40 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

civilpup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.198.239.193 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

hotnewrumor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-18.fra56.r.cloudfront.net

popplunder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hotnewrumor.com hotnewrumor.com	2 MB
5	popplunder.com popplunder.com — Cisco Umbrella Rank: 163184	154 KB
1	civilpup.com 1 redirects civilpup.com	623 B
1	rwttrack.com 1 redirects tracking.rwttrack.com	696 B
1	luvmenow.com 1 redirects m.luvmenow.com	659 B
1	hotloveland.com 1 redirects hotloveland.com	969 B
1	hotandsweetsex.com 1 redirects hotandsweetsex.com	993 B
11	7

	Domain	Requested by
6	hotnewrumor.com	hotnewrumor.com
5	popplunder.com	hotnewrumor.com
1	civilpup.com	1 redirects
1	tracking.rwttrack.com	1 redirects
1	m.luvmenow.com	1 redirects
1	hotloveland.com	1 redirects
1	hotandsweetsex.com	1 redirects
11	7

This site contains no links.

Subject Issuer	Validity	Valid
hotnewrumor.com R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
popplunder.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa
Frame ID: A8B7F9C6C23D1D8CBA778CE82D6566CD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hotandsweetsex.com/shx1Wc86?aid=bxaxazhppx&kid=ffbxhhazkkx&sub1=NIMAS HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=13j5iop1o8uc3&sub1=40076&sub2=182114... HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=13j5iop1o8uc4&sub2=34496&sub3=21&sub4=13j... HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64fdf63f9353aa00018e0643&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64fdf63f4bb9b903545b6bce&pub_i... HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh9... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

2
Countries

1991 kB
Transfer

2380 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hotandsweetsex.com/shx1Wc86?aid=bxaxazhppx&kid=ffbxhhazkkx&sub1=NIMAS HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=13j5iop1o8uc3&sub1=40076&sub2=182114&sub3=frd HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=13j5iop1o8uc4&sub2=34496&sub3=21&sub4=13j5iop1o8uc3&sub5=40076&sub6=182114&sub7=frd&sub8= HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64fdf63f9353aa00018e0643&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64fdf63f4bb9b903545b6bce&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64fdf63f9353aa00018e0643&url_id= HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response hotnewrumor.com/date/ Redirect Chain https://hotandsweetsex.com/shx1Wc86?aid=bxaxazhppx&kid=ffbxhhazkkx&sub1=NIMAS https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=13j5iop1o8uc3&sub1=40076&sub2=182114&sub3=frd https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=13j5iop1o8uc4&sub2=34496&sub3=21&sub4=13j5iop1o8uc3&sub5=40076&sub6=182114&sub7=frd&sub8= https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64fdf63f9353aa00018e0643&source=34496 https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=64fdf63f4bb9b903545b6bce&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64fdf63f9353aa00018e0643&url_id= https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa	16 KB 4 KB	551ms 170ms	Document text/html	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 10 Sep 2023 17:00:48 GMT ETag W/"64e50b3b-4051" Last-Modified Tue, 22 Aug 2023 19:23:39 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sun, 10 Sep 2023 17:00:48 GMT Location https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Server nginx/1.24.0 Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked
GET H/1.1	200 OK	64dd133c00975.css hotnewrumor.com/date/64dd133bdfcea/	5 KB 5 KB	170ms 169ms	Stylesheet text/css	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Sun, 10 Sep 2023 17:00:48 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-14a0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 5280
GET H/1.1	200 OK	jquery.js Show response hotnewrumor.com/date/64dd133bdfcea/	86 KB 86 KB	342ms 171ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/jquery.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Sun, 10 Sep 2023 17:00:49 GMT Last-Modified Tue, 22 Aug 2023 21:07:55 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e523ab-15857" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 88151
GET H/1.1	200 OK	main.js Show response hotnewrumor.com/date/64dd133bdfcea/	932 B 1 KB	510ms 169ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/main.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Sun, 10 Sep 2023 17:00:49 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-3a4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 932
GET H2	200	fire-app.js Show response popplunder.com/base/	19 KB 7 KB	131ms 33ms	Script application/javascript	18.66.97.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-app.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-18.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 23:57:06 GMT content-encoding gzip via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 61428 etag W/"090fd8bd537efa12def5d7d4f23c68c2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id w1icerG16gnkhim4KvO-MAAxEy4mmsc5r2oDZ0MgAqUY6UDsE4jqgw==
GET H2	200	fire-database.js Show response popplunder.com/base/	182 KB 49 KB	164ms 67ms	Script application/javascript	18.66.97.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-database.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-18.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 23:57:06 GMT content-encoding gzip via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 61428 etag W/"bcb4d088e45dd7c2a996808382370301" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id oAkpDOxlm2lLU3ddxbBLTyCFprYi8XKkJzK9ROA_Sz56CuxVISV90Q==
GET H2	200	fire-firestore.js Show response popplunder.com/base/	281 KB 83 KB	159ms 62ms	Script application/javascript	18.66.97.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-firestore.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-18.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 23:57:06 GMT content-encoding gzip via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:30 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 61428 etag W/"f096087599367f59ada90778b37a17a1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id FVeOGHWrawxoSiQxksu_tEplCXg8l1Y0tLPWmHfEH7e4_chVv7Rwrg==
GET H2	200	fire-messaging.js Show response popplunder.com/base/	40 KB 11 KB	134ms 37ms	Script application/javascript	18.66.97.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-messaging.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-18.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 23:57:06 GMT content-encoding gzip via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 61428 etag W/"fd33a322cf105a39b5956f8de02cbfa2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 6u0F1DiCWMf4K-aqS2N7izKo2tksbC9aPenEvJULFB6Fl49X8tU0Zg==
GET H2	200	v3-01.js Show response popplunder.com/base/	9 KB 4 KB	135ms 38ms	Script application/javascript	18.66.97.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/v3-01.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-18.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 23:57:06 GMT content-encoding gzip via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 61506 etag W/"40058a7654925f1b4ffa2b70e48e6dfa" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id hBaCuE3BRs_JvUrkFGQHZvuUFDShiJy_D8tP2Krl6cvpDDeLuOqV9w==
GET H/1.1	200 OK	bb.js Show response hotnewrumor.com/date/	612 B 872 B	510ms 170ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/bb.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Sun, 10 Sep 2023 17:00:49 GMT Last-Modified Tue, 22 Aug 2023 18:38:46 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b6-264" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 612
GET H/1.1	200 OK	64dd133c092ab.gif hotnewrumor.com/date/64dd133bdfcea/	2 MB 2 MB	170ms 170ms	Image image/gif	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c092ab.gif Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0` Request headers accept-language nl-NL,nl;q=0.9 Referer https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Sun, 10 Sep 2023 17:00:49 GMT Last-Modified Tue, 22 Aug 2023 18:38:48 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b8-1b2d54" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1781076

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hotandsweetsex.com/	1970-01-20 15:24:03	Name: _subid Value: 13j5iop1o8uc3
hotandsweetsex.com/	1970-01-21 00:15:25	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ3MzA4MFwiOjE2OTQzNjUyNDYsXCIyOFwiOjE2OTQzNjUyNDZ9LFwiY2FtcGFpZ25zXCI6e1wiMTgyMTE0XCI6MTY5NDM2NTI0NixcIjFcIjoxNjk0MzY1MjQ2fSxcInRpbWVcIjoxNjk0MzY1MjQ2fSJ9.RfihyZbjiCQfossfTfMHtUkLLSoDgiNrGwK_fSbFLHs
hotandsweetsex.com/	1970-01-20 15:24:03	Name: _token Value: uuid_13j5iop1o8uc3_13j5iop1o8uc364fdf63ee9ef04.69164341
hotloveland.com/	1970-01-20 15:24:03	Name: _subid Value: 13j5iop1o8uc4
hotloveland.com/	1970-01-21 00:15:25	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2OTQzNjUyNDd9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjk0MzY1MjQ3fSxcInRpbWVcIjoxNjk0MzY1MjQ3fSJ9.zWaTfrRj724GZtGQGetCJ6_9G_mcYeKvjeOZYvqbg3w
hotloveland.com/	1970-01-20 15:24:03	Name: _token Value: uuid_13j5iop1o8uc4_13j5iop1o8uc464fdf63f5e9673.58374532
m.luvmenow.com/	1970-01-20 23:25:01	Name: afclick Value: 64fdf63f9353aa00018e0643
m.luvmenow.com/	1970-01-20 23:25:01	Name: afoffers Value: {"6344":1694365247}
tracking.rwttrack.com/	1970-01-20 14:49:30	Name: sess_6463ca6198cd0931be2b1034 Value: 63ff388140958208f0283c29
civilpup.com/	1970-01-20 14:40:51	Name: uclick Value: sy7sh93y
civilpup.com/	1970-01-20 14:40:51	Name: uclickhash Value: sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=sy7sh93y&uclickhash=sy7sh93y-sy7sh93y-uq-0-3v-8r8n-8rvr-bf1daa(Line 5) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

civilpup.com
hotandsweetsex.com
hotloveland.com
hotnewrumor.com
m.luvmenow.com
popplunder.com
tracking.rwttrack.com
137.184.131.40
143.198.239.193
172.67.165.105
18.66.97.18
188.114.97.3
2606:4700:3031::ac43:a5ac
2a06:98c1:3121::3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5
1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e
4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c
4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b
5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553
64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0
815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8
817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae
a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1
f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449

hotnewrumor.com Open in urlscan Pro 143.198.239.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

29 %IPv6

7 Domains

7 Subdomains

2 IPs

2 Countries

1991 kBTransfer

2380 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

11 Cookies

1 Console Messages

Indicators

hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

2
IPs

2
Countries

1991 kB
Transfer

2380 kB
Size

11
Cookies

11 HTTP transactions
0 data transactions