hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/LoliMatt
Effective URL:
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr...
Submission: On October 16 via manual (October 16th 2023, 11:44:44 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 8 domains to perform 11 HTTP transactions. The main IP is 143.198.239.193, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is hotnewrumor.com.
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.

This is the only time hotnewrumor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.165.105 172.67.165.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::6815:b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	137.184.131.40 137.184.131.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	143.198.239.193 143.198.239.193	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
11	2

1 2606:4700:10::6814:8a41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lavelove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.165.105 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hotloveland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:b53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.rwttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.184.131.40 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

civilpup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.198.239.193 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

hotnewrumor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

popplunder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hotnewrumor.com hotnewrumor.com	2 MB
5	popplunder.com popplunder.com — Cisco Umbrella Rank: 444215	149 KB
1	civilpup.com 1 redirects civilpup.com	623 B
1	rwttrack.com 1 redirects tracking.rwttrack.com	689 B
1	luvmenow.com 1 redirects m.luvmenow.com	660 B
1	hotloveland.com 1 redirects hotloveland.com	969 B
1	lavelove.com 1 redirects lavelove.com	1003 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 18021	548 B
11	8

	Domain	Requested by
6	hotnewrumor.com	hotnewrumor.com
5	popplunder.com	hotnewrumor.com
1	civilpup.com	1 redirects
1	tracking.rwttrack.com	1 redirects
1	m.luvmenow.com	1 redirects
1	hotloveland.com	1 redirects
1	lavelove.com	1 redirects
1	tinyurl.com	1 redirects
11	8

This site contains no links.

Subject Issuer	Validity	Valid
hotnewrumor.com R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
popplunder.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154
Frame ID: CC4AF7631A5D4F4D99700A40C980513E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tinyurl.com/LoliMatt HTTP 301
https://lavelove.com/1mnsDGmn?aid=bxdpfbhx&kid=gbxkkdpfxbx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=djjnf71rir2m&sub1=4034&sub2=204204&s... HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=3p5qv6j1rir2n&sub2=34496&sub3=21&sub4=djj... HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_652dcae6b09cbb000170e12f&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=652dcae670ea3503451a0fed&pub_i... HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17he... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

2
IPs

1
Countries

1986 kB
Transfer

2380 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/LoliMatt HTTP 301
https://lavelove.com/1mnsDGmn?aid=bxdpfbhx&kid=gbxkkdpfxbx HTTP 302
https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=djjnf71rir2m&sub1=4034&sub2=204204&sub3=frd HTTP 302
https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=3p5qv6j1rir2n&sub2=34496&sub3=21&sub4=djjnf71rir2m&sub5=4034&sub6=204204&sub7=frd&sub8= HTTP 302
https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_652dcae6b09cbb000170e12f&source=34496 HTTP 302
https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=652dcae670ea3503451a0fed&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_652dcae6b09cbb000170e12f&url_id= HTTP 302
https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response hotnewrumor.com/date/ Redirect Chain https://tinyurl.com/LoliMatt https://lavelove.com/1mnsDGmn?aid=bxdpfbhx&kid=gbxkkdpfxbx https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=djjnf71rir2m&sub1=4034&sub2=204204&sub3=frd https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=3p5qv6j1rir2n&sub2=34496&sub3=21&sub4=djjnf71rir2m&sub5=4034&sub6=204204&sub7=frd&sub8= https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_652dcae6b09cbb000170e12f&source=34496 https://civilpup.com/c117l2k.php?key=fioyisi5pul5feh865zl&click_id=652dcae670ea3503451a0fed&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_652dcae6b09cbb000170e12f&url_id= https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154	16 KB 4 KB	551ms 167ms	Document text/html	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 16 Oct 2023 23:44:39 GMT ETag W/"64e50b3b-4051" Last-Modified Tue, 22 Aug 2023 19:23:39 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Mon, 16 Oct 2023 23:44:38 GMT Location https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Server nginx/1.24.0 Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked
GET H/1.1	200 OK	64dd133c00975.css hotnewrumor.com/date/64dd133bdfcea/	5 KB 5 KB	170ms 168ms	Stylesheet text/css	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Mon, 16 Oct 2023 23:44:39 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-14a0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 5280
GET H/1.1	200 OK	jquery.js Show response hotnewrumor.com/date/64dd133bdfcea/	86 KB 86 KB	338ms 168ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/jquery.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Mon, 16 Oct 2023 23:44:39 GMT Last-Modified Tue, 22 Aug 2023 21:07:55 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e523ab-15857" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 88151
GET H/1.1	200 OK	main.js Show response hotnewrumor.com/date/64dd133bdfcea/	932 B 1 KB	505ms 167ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/64dd133bdfcea/main.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Mon, 16 Oct 2023 23:44:39 GMT Last-Modified Tue, 22 Aug 2023 18:38:47 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b7-3a4" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 932
GET H2	200	fire-app.js Show response popplunder.com/base/	19 KB 7 KB	63ms 18ms	Script application/javascript	18.66.97.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-app.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 04:45:02 GMT content-encoding br via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 69366 etag W/"090fd8bd537efa12def5d7d4f23c68c2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id y6g0RPoD-n8XOG-GMG1Czd4-5Gbnet5HmUXMMT4Vo5bsGdEmCDtP3A==
GET H2	200	fire-database.js Show response popplunder.com/base/	182 KB 49 KB	63ms 19ms	Script application/javascript	18.66.97.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-database.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 12:39:39 GMT content-encoding gzip via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 39956 etag W/"bcb4d088e45dd7c2a996808382370301" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id JTAUqfI8n4blU6CTosLc7Bg7K-XVT8brZefsWoIdHZR28xm662ZA3A==
GET H2	200	fire-firestore.js Show response popplunder.com/base/	281 KB 78 KB	54ms 10ms	Script application/javascript	18.66.97.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-firestore.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 07:01:38 GMT content-encoding br via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:30 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 60181 etag W/"f096087599367f59ada90778b37a17a1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 4zh98uz6lbmymr9A_fnHM76Rp-rjTV9R-4ktfDqrwqXyKZycTxkfxQ==
GET H2	200	fire-messaging.js Show response popplunder.com/base/	40 KB 11 KB	66ms 22ms	Script application/javascript	18.66.97.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/fire-messaging.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 05:10:41 GMT content-encoding gzip via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 67061 etag W/"fd33a322cf105a39b5956f8de02cbfa2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id kqnGSsOLiPG_m8YygIExXp0V-Qtus1YGG6CLbhRKatdbfC8JcIIzIg==
GET H2	200	v3-01.js Show response popplunder.com/base/	9 KB 4 KB	65ms 22ms	Script application/javascript	18.66.97.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://popplunder.com/base/v3-01.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 08:14:38 GMT content-encoding br via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2023 03:01:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P2 age 55802 etag W/"40058a7654925f1b4ffa2b70e48e6dfa" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id ee1gX3cwDFw1_HaHQtupEPBcoJ22gwZSBOzMWwDdwFj4SHtBL3oLZA==
GET H/1.1	200 OK	bb.js Show response hotnewrumor.com/date/	612 B 872 B	504ms 168ms	Script application/javascript	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hotnewrumor.com/date/bb.js Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Mon, 16 Oct 2023 23:44:39 GMT Last-Modified Tue, 22 Aug 2023 18:38:46 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b6-264" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 612
GET H/1.1	200 OK	64dd133c092ab.gif hotnewrumor.com/date/64dd133bdfcea/	2 MB 2 MB	168ms 168ms	Image image/gif	143.198.239.193 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://hotnewrumor.com/date/64dd133bdfcea/64dd133c092ab.gif Requested by Host: hotnewrumor.com URL: https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.239.193 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0` Request headers accept-language de-DE,de;q=0.9 Referer https://hotnewrumor.com/date/64dd133bdfcea/64dd133c00975.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Mon, 16 Oct 2023 23:44:40 GMT Last-Modified Tue, 22 Aug 2023 18:38:48 GMT Server nginx/1.18.0 (Ubuntu) ETag "64e500b8-1b2d54" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1781076

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lavelove.com/	1970-01-20 16:16:18	Name: _subid Value: djjnf71rir2m
lavelove.com/	1970-01-21 01:07:39	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUxODU4M1wiOjE2OTc0OTk4NzcsXCI4XCI6MTY5NzQ5OTg3N30sXCJjYW1wYWlnbnNcIjp7XCIyMDQyMDRcIjoxNjk3NDk5ODc3LFwiMVwiOjE2OTc0OTk4Nzd9LFwidGltZVwiOjE2OTc0OTk4Nzd9In0.A4BZKUN3oTg1_hli528FqcMQU0M7bxUfotKAuFoWO7E
lavelove.com/	1970-01-20 16:16:18	Name: _token Value: uuid_djjnf71rir2m_djjnf71rir2m652dcae5a82131.61923331
hotloveland.com/	1970-01-20 16:16:18	Name: _subid Value: 3p5qv6j1rir2n
hotloveland.com/	1970-01-21 01:07:39	Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2OTc0OTk4Nzh9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjk3NDk5ODc4fSxcInRpbWVcIjoxNjk3NDk5ODc4fSJ9.IFDc5lTQor7_9EJdUu9aPGkETNELR4x0-wZ9_cCEwFw
hotloveland.com/	1970-01-20 16:16:18	Name: _token Value: uuid_3p5qv6j1rir2n_3p5qv6j1rir2n652dcae6465ce2.75655650
m.luvmenow.com/	1970-01-21 00:17:15	Name: afclick Value: 652dcae6b09cbb000170e12f
m.luvmenow.com/	1970-01-21 00:17:15	Name: afoffers Value: {"6344":1697499878}
tracking.rwttrack.com/	1970-01-20 15:41:44	Name: sess_6463ca6198cd0931be2b1034 Value: 63ff388140958208f0283c29
civilpup.com/	1970-01-20 15:33:06	Name: uclick Value: 8r17hekt
civilpup.com/	1970-01-20 15:33:06	Name: uclickhash Value: 8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://hotnewrumor.com/date/index.html?campaign=dtf4&t=p&uclick=8r17hekt&uclickhash=8r17hekt-8r17hekt-uq-0-3v-8r8n-8rvr-5f4154(Line 5) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

civilpup.com
hotloveland.com
hotnewrumor.com
lavelove.com
m.luvmenow.com
popplunder.com
tinyurl.com
tracking.rwttrack.com
137.184.131.40
143.198.239.193
172.67.165.105
18.66.97.10
2606:4700:10::6814:8a41
2606:4700:3037::6815:b53
2a06:98c1:3120::3
2a06:98c1:3121::3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0ea03f378bb21d0116501fa47d6931988c3031757ba40e48e2903d997b1b73c5
1f652cf641562f5e20ad7ecb482942e25513fa1f03dcef3069522f666baa893e
4412bf90b45d072bc4b1a7ceb738af189c917279bb5c07f56051cfbb39310c7c
4c4c8517ee631bd096163db4243eb44b5de4bf08387d34c257ca09905b9b721b
5e215eea03fa2f8d267b458da7eb6e3581e7f613dc0d50482c8ae94434e23553
64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0
815b727fc9a48a183aa5b764d7292821f55d4da5230f2bd010ab218cfc5395f8
817c7745fbcba76d2a0b01988d82ee34613bd238e7252e0c0407d227832b23ae
a0c5aac68371e206b48a85cf14d4037a5b32ed885868a91aa71374993ad538c1
f988713e91ff6ba0d5af873988f8ed6b58e7d00967fee40263ded4c79086d449

hotnewrumor.com Open in urlscan Pro 143.198.239.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

2 IPs

1 Countries

1986 kBTransfer

2380 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

11 Cookies

1 Console Messages

Indicators

hotnewrumor.com Open in urlscan Pro
143.198.239.193 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

2
IPs

1
Countries

1986 kB
Transfer

2380 kB
Size

11
Cookies

11 HTTP transactions
0 data transactions