urlscan.io logo urlscan.io
SecurityTrails logo

rotatewell.click Open in urlscan Pro
104.21.13.56  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eqrwamyahhuoo.s3.ca-central-1.amazonaws.com/eqrwamyahhuoo.html#4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21#qwhtbs98gm1gkok...
Effective URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Submission: On March 19 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 42 HTTP transactions. The main IP is 104.21.13.56, located in and belongs to CLOUDFLARENET, US. The main domain is rotatewell.click.
TLS certificate: Issued by GTS CA 1P5 on February 21st 2024. Valid for: 3 months.
This is the only time rotatewell.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 52.95.190.74 16509 (AMAZON-02)
2 146.190.102.210 14061 (DIGITALOC...)
1 45.139.123.67 8100 (ASN-QUADR...)
1 1 104.21.25.176 13335 (CLOUDFLAR...)
30 104.21.13.56 13335 (CLOUDFLAR...)
5 104.21.80.104 13335 (CLOUDFLAR...)
2 172.253.63.97 15169 (GOOGLE)
1 142.250.31.100 ()
42 7
1    52.95.190.74 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com
eqrwamyahhuoo.s3.ca-central-1.amazonaws.com
2    146.190.102.210 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
lilw.artvalvas.net
1    45.139.123.67 (Ashburn, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
echoestune.com
1    104.21.25.176 (None, )

ASN13335 (CLOUDFLARENET, US)
carpetsponge.lat
30    104.21.13.56 (None, )

ASN13335 (CLOUDFLARENET, US)
rotatewell.click
5    104.21.80.104 (None, )

ASN13335 (CLOUDFLARENET, US)
trk-adulvion.com
event.trk-adulvion.com
2    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
1    142.250.31.100 (None, )

ASN- ()
www.google-analytics.com
Domain Requested by
30 rotatewell.click echoestune.com
rotatewell.click
4 event.trk-adulvion.com trk-adulvion.com
2 www.googletagmanager.com rotatewell.click
www.googletagmanager.com
2 lilw.artvalvas.net eqrwamyahhuoo.s3.ca-central-1.amazonaws.com
lilw.artvalvas.net
1 www.google-analytics.com www.googletagmanager.com
1 trk-adulvion.com rotatewell.click
1 carpetsponge.lat 1 redirects
1 echoestune.com lilw.artvalvas.net
1 eqrwamyahhuoo.s3.ca-central-1.amazonaws.com
42 9

This site contains no links.

Subject Issuer Validity Valid
*.s3.ca-central-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-12 -
2024-06-16		 8 months crt.sh
echoestune.com
R3		 2024-01-30 -
2024-04-29		 3 months crt.sh
rotatewell.click
GTS CA 1P5		 2024-02-21 -
2024-05-21		 3 months crt.sh
trk-adulvion.com
GTS CA 1P5		 2024-02-15 -
2024-05-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Frame ID: DC1CD169EDA154913F2208D747D348B3
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Reward Pending - Home Improvement - We Want Your Opinion!

Page URL History Show full URLs

  1. https://eqrwamyahhuoo.s3.ca-central-1.amazonaws.com/eqrwamyahhuoo.html Page URL
  2. http://lilw.artvalvas.net/rd/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21 Page URL
  3. http://lilw.artvalvas.net/t/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21 Page URL
  4. https://echoestune.com/0/0/0/636f24d2449a9076fa74638df1865203/21/493-6866/1580-16735-733104 Page URL
  5. https://carpetsponge.lat/?s1=350359&s2=1157663948&s3=4177&s4=1&s10=1401 HTTP 302
    https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

944 kB
Transfer

2067 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eqrwamyahhuoo.s3.ca-central-1.amazonaws.com/eqrwamyahhuoo.html Page URL
  2. http://lilw.artvalvas.net/rd/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21 Page URL
  3. http://lilw.artvalvas.net/t/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21 Page URL
  4. https://echoestune.com/0/0/0/636f24d2449a9076fa74638df1865203/21/493-6866/1580-16735-733104 Page URL
  5. https://carpetsponge.lat/?s1=350359&s2=1157663948&s3=4177&s4=1&s10=1401 HTTP 302
    https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
eqrwamyahhuoo.html
eqrwamyahhuoo.s3.ca-central-1.amazonaws.com/ 		160 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eqrwamyahhuoo.s3.ca-central-1.amazonaws.com/eqrwamyahhuoo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.74 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
160
Content-Type
text/html
Date
Tue, 19 Mar 2024 13:51:43 GMT
ETag
"04dd7b82c28303330a1dd53875d76154"
Last-Modified
Mon, 18 Mar 2024 13:36:01 GMT
Server
AmazonS3
x-amz-id-2
W5T2w+gyOgmQQMIbjDwRFfSxFyErkAktHnkFCVdhCM40fyXYKfdBa2isVQ2K5bUX159W0DpPHZs=
x-amz-request-id
GF4C6AKAGN40KDXS
x-amz-server-side-encryption
AES256
733104d21
lilw.artvalvas.net/rd/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/ 		235 B
488 B 		Document
General
Check archive.org
Download Go to
Full URL
http://lilw.artvalvas.net/rd/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21
Requested by
Host: eqrwamyahhuoo.s3.ca-central-1.amazonaws.com
URL: https://eqrwamyahhuoo.s3.ca-central-1.amazonaws.com/eqrwamyahhuoo.html
Protocol
HTTP/1.1
Server
146.190.102.210 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
235
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Mar 2024 13:51:43 GMT
X-Address
gin_throttle_mw_7200000000_149.88.16.231
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
499
X-Ratelimit-Reset
1710859903
733104d21
lilw.artvalvas.net/t/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/ 		308 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
http://lilw.artvalvas.net/t/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21
Requested by
Host: lilw.artvalvas.net
URL: http://lilw.artvalvas.net/rd/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21
Protocol
HTTP/1.1
Server
146.190.102.210 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e604310bf9c1339af01c06fe5e1114060d35551874cd397f2fbf72a0dc0a0927

Request headers

Referer
http://lilw.artvalvas.net/rd/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
308
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Mar 2024 13:51:43 GMT
X-Address
gin_throttle_mw_7200000000_149.88.16.231
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
498
X-Ratelimit-Reset
1710859903
1580-16735-733104
echoestune.com/0/0/0/636f24d2449a9076fa74638df1865203/21/493-6866/ 		134 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://echoestune.com/0/0/0/636f24d2449a9076fa74638df1865203/21/493-6866/1580-16735-733104
Requested by
Host: lilw.artvalvas.net
URL: http://lilw.artvalvas.net/t/4wYdaW6866iQaG493mainikpsak1580UVWXLAZHNAGBGXW16735/733104d21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.139.123.67 Ashburn, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://lilw.artvalvas.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
134
content-type
text/html; charset=UTF-8
date
Tue, 19 Mar 2024 13:51:45 GMT
server
Apache
Primary Request d5b577d0fa33b56ba3bd341e15c0fa7d
rotatewell.click/
Redirect Chain
  • https://carpetsponge.lat/?s1=350359&s2=1157663948&s3=4177&s4=1&s10=1401
  • https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
53 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Requested by
Host: echoestune.com
URL: https://echoestune.com/0/0/0/636f24d2449a9076fa74638df1865203/21/493-6866/1580-16735-733104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7709b1598e0f6ae81316bfd7fdbe0e1897177d8e48cae1ca96ff2e2e18ccba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://echoestune.com/0/0/0/636f24d2449a9076fa74638df1865203/21/493-6866/1580-16735-733104
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
866df06aa97954d9-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Mar 2024 13:51:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BpxQa%2BhyHLzgPxrfG%2BTRJrUJrlmyA4mtVG62%2BUDfGzmF46RrS%2BbOaB1hU%2Fj6oaE5rTotTv%2BRhIT9RYf7lsrr2%2FnGgXplfomKiB9Lq7%2BISbRVjLraW%2B%2FU3iaMOEpGMD2ytVFs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
866df0677f025431-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 19 Mar 2024 13:51:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gL2tbt4t5qdzBqU4eVHEqIC%2BD7X%2BAitq9nk6nyy51eyJqsTZwYbBGzvFp1IyD6JAwrhOXhr0tT1sCm9jQFlECYyG7FugX1HVMni6eiPhQKAD7R8kWEQyx9k%2FfdDY%2Fz9xkc2m"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
rotatewell.click/assets/vendors/bootstrap-4.5.3/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102210
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rv2BN3Vs%2F8PBs%2FdaMtOU3W4M3QsW8NNes7jd66iIDzMgbPS8NU3t1Zo2vlFf5peQzGKGHpIiZElPw2z2IwS7A04QpKQ5J621tyZOboPj%2BGSyb19egIWwxa5T84baZEtKiSsF"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0712a8454d9-YYZ
expires
Mon, 25 Mar 2024 09:28:17 GMT
all.min.css
rotatewell.click/assets/vendors/fontawesome_pro/css/ 		496 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102210
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4symKXtM0KSY6eiHmTfPUg7jT0P8hh6kfpCGp1jLGOIcGTzNW3mBK%2Fooyonc6W40sNXovwAowpi%2F%2Bkj78qvKeSGhMLh5jwh1xr91RVcR8xIo6GRT6wcGeSUjob9Ja7qRDEI"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0712a8954d9-YYZ
expires
Mon, 25 Mar 2024 09:28:17 GMT
mont-heavy.otf
rotatewell.click/assets/css/dublin/ 		134 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/css/dublin/mont-heavy.otf
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64bfcaf7d5071a48d3114cccc6ec7338038aaf59d52b76cd513fcd03702b153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Origin
https://rotatewell.click
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Sep 2023 14:38:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
font/otf
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvSYd6ZiS5Xk3d1TpGVEP7rirWKqVuap7xokUTgt8WSjlmuVcpr%2B7qEB9T2AtMDax8RGyQfSJPjydOsPBqbh59p2PLJOYLBFs%2BkGyvPpDmBSDkyTsIsZFOsUU9K3Bt87VkvG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
866df0712a8c54d9-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
common.css
rotatewell.click/assets/css/dublin/ 		61 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/css/dublin/common.css?v=9c42e358cfa0bc04a6153213efaf3ea7
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb338099ffeb76efc945fdeceea8628d6d6d3aed64314659995545f9975ec81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 28 Feb 2024 16:37:01 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxk5TKF%2Fj41lyo8TzAh0FZBr1I2YAxeyvEXdsrwI23OHqSnT8zlzu3CWYrodfasH6cw6l22KuS004O4VwLgNdWmNC73ZwDTo%2BWcbAlDdexstxGzLNebpVR3fX%2F4NVqB5UCsr"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0712a8b54d9-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
msg.v3.js
rotatewell.click/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/inc/msg.v3.js?65f99872ec274
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSLe19qrCV389IMqevkl7ELkoJpU5CaaewK1yOjPBAEImQOGNGFM5f4sZqfVtxvfznXo9UbchNxTzjAmLjsTl8%2BVePTL0r%2FZcbXDgDJwIGH4QeE8DPUVnq1%2FLRk6EhrMVhAZ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0713a8d54d9-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
Lowes-Logo.png
rotatewell.click/uploads/archive/company/60/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/company/60/images/Lowes-Logo.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8a4b29d82a9b8bb2f577bb1a64c13acb3f870d26ca34025536281b5c73cb9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102210
alt-svc
h3=":443"; ma=86400
content-length
20391
x-xss-protection
1; mode=block
last-modified
Tue, 21 Sep 2021 14:06:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0gWc4Pdus8wRTD6UiF38fQM45d4Wwz%2B1ZRN9wMQ%2BhQXhndx69VrYOJ2uPI7nDz2Vy%2FAxLHqhjZkl7FxlBTk6Dieb2crtBNHU4FcXdF4jdQngiHP4HBUN7rPP3etog5Z683O"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0713a9054d9-YYZ
expires
Mon, 25 Mar 2024 09:28:17 GMT
242cbe78a92e47c2fdfb0f95950645fd.png
rotatewell.click/fim/1401-CA/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/242cbe78a92e47c2fdfb0f95950645fd.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8581b7303f826b134b1c47eae7c9a672514237095854a9596e23c0c141a1456a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2375
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vsO3EuqnNiE%2BYzXgDIwUGjA8rIUo5Zotut2g06n2nBJz5kR9cjqcY3aDDdnuZH1XaCi41huzLdotXe5Mp4AEwnjF%2Fyo%2BgZPFLhyGz77dPoqGnDO2eyMj8VjJ6me1UNxRE0i8"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0713a9354d9-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
dewalterwhite.png
rotatewell.click/uploads/archive/product/248/images/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/dewalterwhite.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0af3064ec362abee59ae432e41d564e77f5c88d7d4818b6173308ff2d6bee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102210
alt-svc
h3=":443"; ma=86400
content-length
85115
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:32:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuIN9GSLZS%2BiW3cmqEP0A%2FZCMvDc7DLGVSJ98aYvZTbFLnUvqOrjq6T3eQapaxP8uaRIHdNnlALXVdQMCfdhBHsLYYYze2JhH1cM%2Ba7CSzSSn1EcNgC3%2Fn0Hs5ntV45yb48s"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0717b0e54d9-YYZ
expires
Mon, 25 Mar 2024 09:28:17 GMT
53e84a1ad510e0009a200328bd0d2bc0.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/53e84a1ad510e0009a200328bd0d2bc0.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2081
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeDdA7hj5pdXa1M1bPNOYqngZ8IbO59YTSEUsmrcag2mcJK9AK8VTmW%2BfP4tHaj56ggQXbrea7V4oIUuqNScadXlITde71EkBp%2BxsaUmhjQV0KwMmZowstoMYyRbYIVhvsHx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df071da96a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
cmt--222.jpg
rotatewell.click/uploads/archive/product/248/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/cmt--222.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0097c9e5bb44d404cbfeedaab7de01f366c08b35d64cfbaed6e9fc2a26f4e07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85147
alt-svc
h3=":443"; ma=86400
content-length
15696
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:33:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T93XLioed9FrVstBdcP8SR4v5wXDXGs9jlR%2FO7ET6%2FwYJ4LiOUtdQZch8KJX6wcBWfEGbYE%2BpHidz7H%2F6czzEQSGHqk142jggRr8eIQDvqzYaXvbDHUKNugq5KZQEXcyy2HY"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c36a1e1-YYZ
expires
Mon, 25 Mar 2024 14:12:40 GMT
70b0c42aca8fc45ecfd1628e9706eb87.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/70b0c42aca8fc45ecfd1628e9706eb87.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1964
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sobcTeNQyaWsmTFhYPAS3sLdoJHuySHYgN%2BCOzYhYOfLwcGgAcO6cyWA%2B4glocl78mrqWyWuVHUHuvvLiofUXrD1Cqs5TNtzbtMUpdYsPFrY2yipgNX5yQREDFChV4iEZqvc"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c37a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
201c9f69fb3dbc430e2da8e6c6d01668.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/201c9f69fb3dbc430e2da8e6c6d01668.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e82cf7ddbe4a9c472c9780a67d937fe6816df2bb4e628aab45eb62ad3a7760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1847
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxNZTdYl%2BMRaI86zArgtxvitdv7RuaM%2BkGVbACIigWt%2BZuFsuUY8GzjUwKsY6GL9pOlpK4R%2BrzoWvPrqup5fCDFEBo7T9tSt4noEx2ABs5Y0I4viaeF5LUWW8SuraQUgKb1y"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c3aa1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
63f362334b73ac76c73b4b105ad586c0.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/63f362334b73ac76c73b4b105ad586c0.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2066
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yb8n9wDY90v6G%2BdeATed516OXX%2FQeMyhnPyMll%2Fd2R636yGOmtkrb%2BWiIgWCwB9Gz0bZLPC7srIjIOsUF1UC7A0zCOBg%2Fu1cpaTn8DqLm6KBWZjIB2hPGSoHZa%2Bf%2FFz0wiQv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c3ba1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
66dca0e2cff09948c9efcacaeaaa96fb.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/66dca0e2cff09948c9efcacaeaaa96fb.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612c58d05c6097b07b839936cd1c605a42165861422f23914b30f09aab06c949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1993
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMTPlweZL7xKAgnh7LMH1GnWXDOx%2FRBD5EBXGIF%2FlkGpy0AVyjzA3M%2BQ%2BZi9NTbqYfXLER7GI4Bf4uF%2FJLrzi2tvqfL47kYoGW%2BzJRTL89jJ83kQhnmufMgPcpAWTGZQISFk"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c3ea1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
7f778e602a698c5cd7dfe1b8c58f0665.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/7f778e602a698c5cd7dfe1b8c58f0665.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355076dabb5e17b8443d2ab2f8d33191ca2d2d5369207cda364ce612d96e2cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2043
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZsXdcm0hbvsE6KGTKV0tHahQh45SZ5DzVjQ%2B4ixIOXS34iH29PYXBH3GFfkm07c6mdewzPI%2Bb1928pMhabVTrBHdNCKqyenwrQQ23asrMtCN%2BQJ6BbCcFrG5p3T%2FAGOoBxz"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c40a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
maxresdefault.jpg
rotatewell.click/uploads/archive/product/248/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/maxresdefault.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a837aed00580fa70396811a9979d9e8e1c3a17ef6a6294a808f2590c4ae304b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85147
alt-svc
h3=":443"; ma=86400
content-length
11532
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:33:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKFZ32L50Pk2NYo3qkwY5qUW%2FUNFnBn8oR05TO6KnooZC5fiWSBkDOeqNP9QiGzwslWGyyKr4%2F3v05pFKO3TymYMt6%2Fvy2yfihCWHd%2FYA9W23MBCiOw7TWAFeCvoSCaCN0HR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c42a1e1-YYZ
expires
Mon, 25 Mar 2024 14:12:40 GMT
9fa86674bcb2f58ad1045bc4fda99327.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/9fa86674bcb2f58ad1045bc4fda99327.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1784
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb28GnjC8TxN7illNeIs9Chi2skD%2FPORC5OnvaEmMZIFjX%2F1hxnu1Fcj7uF9zzmHggcmpwiy4tqSXzGIyvzKKFFzzujoWFFUkDEcnymgJeTqE4FsXR%2BAGvXTtG%2F318vW6GQe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c43a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
b34fb82e9e0463bcaa37e255ff2d83a5.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/b34fb82e9e0463bcaa37e255ff2d83a5.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1941
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pd96T8ea5WiiuvGt%2BvwF8ySaWMgoEV5Ml3DmnuLKeh8FVTafiOMrmrO5GMOTWGFNFGUGWVY2dscVq7UsjTz1V6koWpDzJuVlcVhU%2FV0E3iwzKeZu771WGA658AZowz%2FN2eU8"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c45a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
cmt--111.jpg
rotatewell.click/uploads/archive/product/248/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/cmt--111.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4beb3e330f8ec38d995717add18fc010bb4fe27e4cd09303dd6d3c7cc8e6ec79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85146
alt-svc
h3=":443"; ma=86400
content-length
14780
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:33:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7BgbJCGKFPwwsBcc%2Fe53EbhnlTYfuZYNlbP1ZZDWWSISwZkaKOXriRHKy1KNUSEFvwMHDku70SxJsjgzHL9lpiqOukWq8fqLvsF%2B3oGI8oru%2FtUHwu8208PCgCjkEBgjQGm"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c48a1e1-YYZ
expires
Mon, 25 Mar 2024 14:12:40 GMT
54ab60e66b86ce9687d6f0a7febf44ed.png
rotatewell.click/fim/1401-CA/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/54ab60e66b86ce9687d6f0a7febf44ed.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 13:51:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxbFC9IfpyeLwFLjxArfVtpUeR9RuopwT%2BbTmpo9uxeh5QcL6ancyTQEnbDGw6V7Eb8mzI7SW9Igw51EsH19WDs4GckTf4OdvpyZmMLLhrmpXV%2BZyhfk0Tr%2FWR4wcVKrMEys"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c49a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
email-decode.min.js
rotatewell.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 18:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f099fc-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kp83DMe%2F%2BcFrPok8Em13BwmqxuheDDNZUZvyD6fQzT3q7LePliX8EO5OGxi0YvyRug6KewNABU7wIKPydDQUXXCCDKDlHIThiX0gl1WANl7Md8pEWLZFSQMQnty9KpsOC5t6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
866df0725b8fa1e1-YYZ
expires
Thu, 21 Mar 2024 13:51:47 GMT
jquery-3.4.1.min.js
rotatewell.click/assets/vendors/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102210
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0po60z%2BAAxk9U5ZKKdmKhzCUHoEC9uYi3gyPvbW6JyxquOBrds7C0HC8yhfA%2FIXLVnpeu1i3PlJv5YWluXR9UdyV7mF9%2FsWsZhO7Rbh5phce%2BkJ5RMKuy90BesdjDDoxgHi3"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0728c06a1e1-YYZ
expires
Mon, 25 Mar 2024 09:28:17 GMT
bootstrap.min.js
rotatewell.click/assets/vendors/bootstrap-4.5.3/js/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
102210
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0at9JiukWYotex5HAmjbQ2SJ5%2FDMD5KQ8veDwW9Mv45dTZsip1SzaZE5n8KnUVxiz%2FrbWNeZG9WrzKQlErvQpcfZ3HctGvWOw4%2Bv21O4WD%2Bkp%2Fi%2Fu8b5v7E8eMUPlN0iq0mB"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0729c23a1e1-YYZ
expires
Mon, 25 Mar 2024 09:28:17 GMT
functions.js
rotatewell.click/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/functions.js?v=9c42e358cfa0bc04a6153213efaf3ea7
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ebfc0168a8c147fa15ef9d89fbbc16d7365d0c6d98dd49243924d62707d6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 14:18:07 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXrHONEC8MT9KBNYnCm%2BjjxIJ4XTTd4T1B4LiVT7KvhSQ3RvMMHH6tu%2BHzDpaYz7jm%2Bji4xGouuGWlzdv6zBeTnilrl8bsdqHwIPlGWZ7k1JiayCpZeP%2FCoYNa%2Fkr%2BlSf9UM"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0729c29a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
gbvar.js
rotatewell.click/assets/js/ 		41 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/gbvar.js?v=52
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 21:29:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtZOHfyk6iPTfv6RdUaKtxnmKu9TFqL7%2FFWoNNMC%2B1AjorGuGY5sGuFItDvwkC78Qdxw9N0nyZn2ixvmqCMnUnBsmuUDYgZE%2F0D2BumbHXK25MB4IZlmngwxm4glTqVptROe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df0729c2ea1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
intl_functions.js
rotatewell.click/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/intl_functions.js?v=9c42e358cfa0bc04a6153213efaf3ea7
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2e118a815e6de6042a2e004718938e3068ffdf3fca85010a37fcaaa72d49ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 20 Dec 2023 19:19:33 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdb3xM3CeyJTW%2BaQhp0Lc4z6%2FpmgHywxiAc%2FygrEUmXICDbOSqFWSwvrq3Oz%2FhkZQk%2BzRTxDfdIOo1TLMsppyaoVOyaLsm4uQYqVIcfN27FSSZOpxUZSurBz4rvktL8U7nSd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0729c31a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
common.js
rotatewell.click/assets/js/dublin/ 		75 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/dublin/common.js?v=9c42e358cfa0bc04a6153213efaf3ea7
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482f9b1a798ced22854209c0fda118d957133e143483eeaf3d5f063a134f918c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Mar 2024 21:52:12 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtfciHLp%2BaEX9OltPLW3uK0YaYoLetoGJuNYXd8fwaQ1DdZGU8A9ax2YYkIU3AUcLpA7Cx8ZdK83gZHPGC%2FHD6bQN%2FGmuCs4jelLZUgH5vAnmTSss6RW6buj6iB0mVbypjLX"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
866df0729c33a1e1-YYZ
expires
Tue, 26 Mar 2024 13:51:47 GMT
v9e118mez8
trk-adulvion.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/inc/msg.v3.js?65f99872ec274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6062
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Mar 2024 12:10:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVISPz7NIih8jKrCYvq%2FLS6nU3DgBt0v1mEZf3%2BCAO6y97KPqrnOXQE5fUflX%2B03dv8%2FeF8xewqm2g4y6EmhzcFknVN4WbXq0V%2BGV5cBo6MspXGNt9v3st5%2BUQfG0%2Bh6vJMe"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
866df0730d0b36a0-YYZ
expires
0
gtm.js
www.googletagmanager.com/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3b277ade541b41d322b4667209dd7b3e7c985fc8658a6064c3c2ef8ee50f6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68958
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Mar 2024 13:51:47 GMT
fa-solid-900.woff2
rotatewell.click/assets/vendors/fontawesome_pro/webfonts/ 		320 KB
321 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/fontawesome_pro/webfonts/fa-solid-900.woff2
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/assets/vendors/fontawesome_pro/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rotatewell.click/assets/vendors/fontawesome_pro/css/all.min.css
Origin
https://rotatewell.click
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85147
alt-svc
h3=":443"; ma=86400
content-length
327824
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVM%2BRlhe%2BqbSHX2DstfHpDZ88qawS4CKFFlyRbHLk44DAEeEvdx4LN7dljarYT1x0nPneXkhZyKQf265qkHFl50PU0FhbpOttfIY32PrvS6%2Fv0v%2BKYZpucPXyQcpbE%2FfpDcT"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
866df072bc60a1e1-YYZ
expires
Mon, 25 Mar 2024 14:12:40 GMT
d5b577d0fa33b56ba3bd341e15c0fa7d
rotatewell.click/ 		25 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/inc/msg.v3.js?65f99872ec274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.13.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Mar 2024 13:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vURLRXtOelc4axHU60qPR5P95Ytag65Kgz%2BDkZmkJPWbPp8h5vGMUxoDA3jpNGmiGIim%2BZUXpcw4jh1%2BDRwDwfYDgLWkvavE1OavzbJKTmMY6UEM1eJgSyJrOCgVmaxkxrzr"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
866df0738dcda1e1-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ 		249 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
40aebbf85cc4e6f8a7c2d0a2fd0db6c199e7a4de632e286b3915ff75bf56220f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 13:51:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88828
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Mar 2024 13:51:47 GMT
collect
www.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=45je43d0v882458333z8849140141za200&_p=1710856307604&gcd=13l3l3l3l1&npa=0&dma=0&cid=1496447140.1710856308&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710856308&sct=1&seg=0&dl=https%3A%2F%2Frotatewell.click%2Fd5b577d0fa33b56ba3bd341e15c0fa7d&dr=https%3A%2F%2Fechoestune.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Home%20Improvement%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2332
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.100 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rotatewell.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 13:51:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rotatewell.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rotatewell.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
866df076aab636b2-YYZ
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Tue, 19 Mar 2024 13:51:48 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvTa287bSnLaghKj9CJdaKTEqAxri%2FOLH8leKpnFTJJWCgXYcWNTCkQFlHmxS7KN1CBxZaYrJW9Et%2BPSOe5exfKbbMAorBC0lJ4w6K6b0r%2FxXYdEqpT%2Bv%2FeGbLwY2WrPxTFVwFtvcTeL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 19 Mar 2024 13:51:48 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khlhFu4p8QgE%2FpeCrpvFz8CMOdz8i9pUQs3ICnRFX8JZ37tUu2Bk%2F9tR2XNVaO8kR64L8kjutT28Rs4f2wgbKYVQMbjD5oaGWBor8EtnWU9hfa2wnkX3jwfB0bd010G2nqMZuFMhEiME"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
866df0775c0136b2-YYZ
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 19 Mar 2024 13:51:48 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sOh3auH%2BjmS1wNVtbyd1E5x3m2STKhIpnywG0Wr8c4fJwasFdXgDcTU0IwYrH8x4A2Vc3huIK4Wh1bIpQJYmU%2FoXNBy4HFErnRcou5OTOtfIb0eMY9faYfDowneqvUiGedeOCwRG2fiB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
866df076fb5c36b2-YYZ
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rotatewell.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
866df076aab836b2-YYZ
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Tue, 19 Mar 2024 13:51:48 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhEBpQtGWu7hgnk5yP3xfqFII4heoVk6lw0pODYcS8qjS1nFtkO0rYqJP5c1d8VdvOhd2jhUVp5c%2B9iJc2wyM9uQmYXP66wx55xh975FJMvNanmKwsVnSrHjLOKAINC6TUV%2FYazyBaFN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| dataLayer function| $ function| jQuery object| bootstrap function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore number| refresh_page function| datehax function| startTimer number| duration undefined| time undefined| refresh string| rightnow object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| FNP object| google_tag_manager object| google_tag_data string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU function| count_p function| mfq_tags number| count_img number| time_img function| fadeInImgModal string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl string| questiontx string| of number| advEmail number| email_pixel number| cpl_pixel string| cpl_pixel_atp string| prod_var string| pname_modal number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
echoestune.com/ Name: uid4177
Value: 1157663948-20240319095145-5ba165a6bc31abaff6de694727ce6d09-0
carpetsponge.lat/ Name: PHPSESSID
Value: 16edaf258c05782f0eaea34e55d974d6
rotatewell.click/ Name: PHPSESSID
Value: a118ae3989f2a379ef0e692f6e1f4f86

1 Console Messages

Source Level URL
Text
other error URL: https://rotatewell.click/d5b577d0fa33b56ba3bd341e15c0fa7d
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carpetsponge.lat
echoestune.com
eqrwamyahhuoo.s3.ca-central-1.amazonaws.com
event.trk-adulvion.com
lilw.artvalvas.net
rotatewell.click
trk-adulvion.com
www.google-analytics.com
www.googletagmanager.com
104.21.13.56
104.21.25.176
104.21.80.104
142.250.31.100
146.190.102.210
172.253.63.97
45.139.123.67
52.95.190.74
0097c9e5bb44d404cbfeedaab7de01f366c08b35d64cfbaed6e9fc2a26f4e07e
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
355076dabb5e17b8443d2ab2f8d33191ca2d2d5369207cda364ce612d96e2cec
3b0af3064ec362abee59ae432e41d564e77f5c88d7d4818b6173308ff2d6bee1
3b277ade541b41d322b4667209dd7b3e7c985fc8658a6064c3c2ef8ee50f6a54
40aebbf85cc4e6f8a7c2d0a2fd0db6c199e7a4de632e286b3915ff75bf56220f
482f9b1a798ced22854209c0fda118d957133e143483eeaf3d5f063a134f918c
4beb3e330f8ec38d995717add18fc010bb4fe27e4cd09303dd6d3c7cc8e6ec79
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
5a2e118a815e6de6042a2e004718938e3068ffdf3fca85010a37fcaaa72d49ae
5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861
60e82cf7ddbe4a9c472c9780a67d937fe6816df2bb4e628aab45eb62ad3a7760
612c58d05c6097b07b839936cd1c605a42165861422f23914b30f09aab06c949
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
75ebfc0168a8c147fa15ef9d89fbbc16d7365d0c6d98dd49243924d62707d6f1
7709b1598e0f6ae81316bfd7fdbe0e1897177d8e48cae1ca96ff2e2e18ccba99
8581b7303f826b134b1c47eae7c9a672514237095854a9596e23c0c141a1456a
8a837aed00580fa70396811a9979d9e8e1c3a17ef6a6294a808f2590c4ae304b
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
cc8a4b29d82a9b8bb2f577bb1a64c13acb3f870d26ca34025536281b5c73cb9f
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
deb338099ffeb76efc945fdeceea8628d6d6d3aed64314659995545f9975ec81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e604310bf9c1339af01c06fe5e1114060d35551874cd397f2fbf72a0dc0a0927
e64bfcaf7d5071a48d3114cccc6ec7338038aaf59d52b76cd513fcd03702b153
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194