urlscan.io logo urlscan.io
SecurityTrails logo

newrotationurl.com Open in urlscan Pro
35.158.213.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://clk.apxadtracking.net/iclk/redirect.php?id=KW8UKN2rmzjMIWuXeTbuKWJQKTbXD3xMgT2aKWor&trafficsourceid=29698&dv5=25&nw_s...
Effective URL: https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379...
Submission: On October 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 9 domains to perform 10 HTTP transactions. The main IP is 35.158.213.194, located in Frankfurt, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is newrotationurl.com.
TLS certificate: Issued by Amazon on June 28th 2018. Valid for: a year.
This is the only time newrotationurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 136.243.47.67 24940 (HETZNER-AS)
2 2 212.32.252.70 60781 (LEASEWEB-...)
3 205.147.93.132 393676 (ZENEDGE)
1 1 108.163.203.126 32475 (SINGLEHOP...)
3 35.158.213.194 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 5
1    136.243.47.67 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.67.47.243.136.clients.your-server.de
clk.apxadtracking.net
2    212.32.252.70 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
mobilitypn.go2affise.com
3    205.147.93.132 (North Miami Beach, United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)
elegnem.com
trafficsel.com
pirfuc.com
1    108.163.203.126 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
click.clickkmobi.com
3    35.158.213.194 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-213-194.eu-central-1.compute.amazonaws.com
newrotationurl.com
1    2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
3 newrotationurl.com pirfuc.com
newrotationurl.com
2 mobilitypn.go2affise.com 2 redirects
1 fonts.gstatic.com
1 fonts.googleapis.com newrotationurl.com
1 pirfuc.com trafficsel.com
1 trafficsel.com elegnem.com
1 click.clickkmobi.com elegnem.com
1 elegnem.com
1 clk.apxadtracking.net 1 redirects
10 9

This site contains no links.

Subject Issuer Validity Valid
elegnem.com
Let's Encrypt Authority X3		 2018-07-24 -
2018-10-22		 3 months crt.sh
newcpgndomain.com
Amazon		 2018-06-28 -
2019-07-28		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-09-18 -
2018-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379-a0sNMlW_75VgGJCv2AcJ&nc=1&
Frame ID: 7E72D612EF9EF85BB2826865E02BAB95
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://clk.apxadtracking.net/iclk/redirect.php?id=KW8UKN2rmzjMIWuXeTbuKWJQKTbXD3xMgT2aKWor&trafficsourcei... HTTP 302
    https://mobilitypn.go2affise.com/click?pid=18&offer_id=1223&aff_id=18&sub2=25785_29698&sub5=c2d6ss6xfpe5 HTTP 302
    https://mobilitypn.go2affise.com/click?pid=18&offer_id=489&sub2=25785_29698&sub1= HTTP 302
    https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&click... Page URL
  2. https://click.clickkmobi.com/?cid=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&utm_medium=42e6... HTTP 302
    http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300 Page URL
  3. http://pirfuc.com/space/optical-carrier/5bb42831820ae2.67472362?cp=kDE15GOB0009OG1003S70HDTJ05... Page URL
  4. https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI01... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

10
Requests

60 %
HTTPS

29 %
IPv6

9
Domains

9
Subdomains

5
IPs

4
Countries

105 kB
Transfer

112 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clk.apxadtracking.net/iclk/redirect.php?id=KW8UKN2rmzjMIWuXeTbuKWJQKTbXD3xMgT2aKWor&trafficsourceid=29698&dv5=25&nw_s... HTTP 302
    https://mobilitypn.go2affise.com/click?pid=18&offer_id=1223&aff_id=18&sub2=25785_29698&sub5=c2d6ss6xfpe5 HTTP 302
    https://mobilitypn.go2affise.com/click?pid=18&offer_id=489&sub2=25785_29698&sub1= HTTP 302
    https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&clickid=5bb428308b1ffb0001827c88&ext1=18&ext2=25785_29698 Page URL
  2. https://click.clickkmobi.com/?cid=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&utm_medium=42e634126d883140d3675341897ca7ac61fdfff7&utm_campaign=adult-agg&1=165379&2=tP6Iq07l33cTcVi7zjA7 HTTP 302
    http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300 Page URL
  3. http://pirfuc.com/space/optical-carrier/5bb42831820ae2.67472362?cp=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&ori=14x&ui=48e92f560d7da109da59972d1ce447f0_1538533425.5323&timer=true&jch=0||1600||1200||0||1122210000110010101101 Page URL
  4. https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379-a0sNMlW_75VgGJCv2AcJ&nc=1& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://clk.apxadtracking.net/iclk/redirect.php?id=KW8UKN2rmzjMIWuXeTbuKWJQKTbXD3xMgT2aKWor&trafficsourceid=29698&dv5=25&nw_s... HTTP 302
  • https://mobilitypn.go2affise.com/click?pid=18&offer_id=1223&aff_id=18&sub2=25785_29698&sub5=c2d6ss6xfpe5 HTTP 302
  • https://mobilitypn.go2affise.com/click?pid=18&offer_id=489&sub2=25785_29698&sub1= HTTP 302
  • https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&clickid=5bb428308b1ffb0001827c88&ext1=18&ext2=25785_29698
Request Chain 2
  • https://click.clickkmobi.com/?cid=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&utm_medium=42e634126d883140d3675341897ca7ac61fdfff7&utm_campaign=adult-agg&1=165379&2=tP6Iq07l33cTcVi7zjA7 HTTP 302
  • http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 1-2078-d34b1e18b321fb7f86920043352fb372
elegnem.com/portent/netbios/acl/
Redirect Chain
  • http://clk.apxadtracking.net/iclk/redirect.php?id=KW8UKN2rmzjMIWuXeTbuKWJQKTbXD3xMgT2aKWor&trafficsourceid=29698&dv5=25&nw_s...
  • https://mobilitypn.go2affise.com/click?pid=18&offer_id=1223&aff_id=18&sub2=25785_29698&sub5=c2d6ss6xfpe5
  • https://mobilitypn.go2affise.com/click?pid=18&offer_id=489&sub2=25785_29698&sub1=
  • https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&clickid=5bb428308b1ffb0001827c88&ext1=18&ext2=25785_29698
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&clickid=5bb428308b1ffb0001827c88&ext1=18&ext2=25785_29698
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.132 North Miami Beach, United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
f38d5a8bab4bca4be8d4d54e824375d5be85a428137ecf808290e248525a58b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Host
elegnem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Cache-Status
NOTCACHED
X-Zen-Fury
af1780cbbad2539b2594bdb7a96eed08e76171b5
Date
Wed, 03 Oct 2018 02:23:44 GMT
Cache-Control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Set-Cookie
TABhmWn4Mu0bE1%2FL2Qzd9Erl9GBc1rO%2FeXmrNF0qSYE%3D=ce5ea40d792d090b1b252fe379418c9f_1538533424.8907; domain=elegnem.com; path=/; expires=Sat, 30-Sep-2028 02:23:44 UTC; Secure VZ5oUPhSoP1y00D6tgt7fQY6zGuuFLVGKI8S8IicrhU%3D=1538533424.892; domain=elegnem.com; path=/; expires=Sat, 30-Sep-2028 02:23:44 UTC; Secure cx480yvQqdGWnKQ8JEqoyD4J8bMCUcnbCuFuliUmwIU%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3ZXRhbzROOHVrNjFLRmJacU45SVlRcm9JbU9xT0lnM245eEZQanhYTG9TTQ%3D%3D; domain=elegnem.com; path=/; expires=Sat, 30-Sep-2028 02:23:44 UTC; Secure ce5ea40d792d090b1b252fe379418c9f_1538533424.8907_ck=V0FVZlpEcTBUeXNQbkNaaHQvYlZ4aDN1MWh2MFZFRnhzVFBaSWcrd01FVGpBVVlJQVAyN0Z5UU1Sa2lURG1sVlNlNFM2YmwyQnlFeHBaTzhIcytERXg0NVBWeGdjd1ZCOFpjS2d2VlJ5ZGFWREcwMGpwWVpUS2hSQXJqWjBwSm9VYkRhaEpwc1lEYXhaNjA3bGdhV1hHQ1AyMmR0THM5QmpRQ0UzR1ZKT0dvbnZBZVJYZmlJditlNldYSnF2MmpmNDhSakt5cFRXQ0ErcmhHaGQydW1YbjVVbjEzNWtScE14dUZaOU1TMit5M0p3eFNxejhYdlhER3FraGNVQ0VoUndKc1o5NFZmUVpTK2RSWUtwR0NYQ3NFKzFLcjZNT0hrSURleEQ4VG00SjJmbkc4LzRWdVUrUEZFeFBBMHlmUkFkam9wcm8wSEI0V3d1L3BIcE9aMTZHNUVtOGVIOHlNNXA3aUZxRXAxTUp5Y0ZjdTlLZnZGS0JQdUhVUmhYcDdiMm1BODVIeWlDN3BFVzk4Rm1zNmc2NHZVdGVKdWZrN2oyOGI4YVBXUGhDeDNqWExGWjlISlIzYitteG1TeFVoQitET2dnSG1Yczl5ekljOTRqTEtvbDhJSGp5MnIraHdIOEZFNUgwaGdjbGZ3OUNWdUV3cGkxQjhqUXUxdUR5a285SG4ycmVkWW5DK3ZCdHVMVFducVpSb2pTYy9jYlc2M05BcUNEb090Nm80ZXo1SGJHSFluMk8rQnV2aC8wYVhDdTVvc20wZEZOUUswVlVYYmsxeHprQVRjK1NnS0ltRTBwbFpnM255MVJFSGszRlBWZ1hZa3JJUm4zN0FRa3dkbU1PL0xoTlUvcHU0RW1BbGtPcWdyQm41aDRwTklCZkFhc2Rhc3FzR053SWRHTXhhQTUxK2hEVG5yRlhxdElXNWR6UnN2aGFaWCt6WGQ3MElmeEU1MG4vNTlmT21xMTZCYTVwMmtmMTJiLzlsaERzbFZXSkg4aktFWGdrb3QzczFWSnV1dlVzdGtNTXFFMFRvSEY4c0FnYVVVZzRTNk9heGtad05LdUVuaDBEUGorVXhTdzZsMXp0Q0IyazNOQnpnVk9RZ3V1K21HUEdLT3dtV2FzdFhSYUE9PQ%3D%3D; domain=elegnem.com; path=/; expires=Sat, 30-Sep-2028 02:23:44 UTC; Secure fsW1BCENDgs3fh%2B2xt4bk50JV3yMWFr1kGLgAOtRd3U%3D=OGdXK0loa2o2SzJiRDA3MkZRRXRaUlBPT0xkbGl5UnNLOFhGWWtoZmZiNndWMWxibkdlcGxCUjFYckhUbUpycWJTa2c2VUJyL25MWWVOeGs2SUoyamFzaTRsZW1jaElYN0pnV0VWTWNsd3c9; domain=elegnem.com; path=/; expires=Wed, 03-Oct-2018 03:28:44 UTC; Secure SERVERID=sfc6; path=/
Vary
Accept-Encoding Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Server
ZENEDGE
X-Cdn
Served-By-Zenedge

Redirect headers

Server
nginx
Date
Wed, 03 Oct 2018 02:23:44 GMT
Content-Type
text/html; charset=utf-8
Content-Length
183
Connection
keep-alive
Location
https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&clickid=5bb428308b1ffb0001827c88&ext1=18&ext2=25785_29698
Set-Cookie
afclick=5bb428308b1ffb0001827c88; Expires=Thu, 03 Oct 2019 02:23:44 GMT
/
click.clickkmobi.com/ 		0
0
Cookie set kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300
trafficsel.com/recollect/
Redirect Chain
  • https://click.clickkmobi.com/?cid=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&utm_medium=42e634126d883140d3675341897ca7ac61fdfff7&utm_campaign=adult-agg&1=165379&2=tP6Iq07l33cTcVi7zjA7
  • http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300
Requested by
Host: elegnem.com
URL: https://elegnem.com/portent/netbios/acl/1-2078-d34b1e18b321fb7f86920043352fb372?tvu=AD_070&clickid=5bb428308b1ffb0001827c88&ext1=18&ext2=25785_29698
Protocol
HTTP/1.1
Server
205.147.93.132 North Miami Beach, United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
6378fac83531311c9078d8f9603058c9a833ee28f3e8fef643d385703f808825

Request headers

Host
trafficsel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://elegnem.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://elegnem.com/

Response headers

Date
Wed, 03 Oct 2018 02:23:45 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Set-Cookie
5O%2ByexcV9rWuvtrB3%2BGU%2F0qICj9NbX%2BzT9%2FA0gNyduc%3D=48e92f560d7da109da59972d1ce447f0_1538533425.5323; domain=trafficsel.com; path=/; expires=Sat, 30-Sep-2028 02:23:45 UTC OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1538533425.5325; domain=trafficsel.com; path=/; expires=Sat, 30-Sep-2028 02:23:45 UTC 48e92f560d7da109da59972d1ce447f0_1538533425.5323_cc=enable; domain=trafficsel.com; path=/; expires=Sat, 30-Sep-2028 02:23:45 UTC SERVERID=sfc14; path=/
X-Zen-Fury
fda2d66104e45a2adda617dc7a9bb509c3ccd138
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Content-Encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 03 Oct 2018 02:23:45 GMT
content-type
text/html; charset=UTF-8
location
http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=831e639dcec1ed1c4332d9932b6dd432; expires=Thu, 03-Oct-2019 02:23:45 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
5bb42831820ae2.67472362
pirfuc.com/space/optical-carrier/ 		0
0
Cookie set 5bb42831820ae2.67472362
pirfuc.com/space/optical-carrier/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pirfuc.com/space/optical-carrier/5bb42831820ae2.67472362?cp=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&ori=14x&ui=48e92f560d7da109da59972d1ce447f0_1538533425.5323&timer=true&jch=0||1600||1200||0||1122210000110010101101
Requested by
Host: trafficsel.com
URL: http://trafficsel.com/recollect/kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300
Protocol
HTTP/1.1
Server
205.147.93.132 North Miami Beach, United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
a59bf00c0817f2c4c9409d974ec03876d0c9f68e97a68e4ce35704a8e981fb57

Request headers

Host
pirfuc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://trafficsel.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://trafficsel.com/

Response headers

Date
Wed, 03 Oct 2018 02:23:45 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Set-Cookie
3TsVeXO4gBE1Gv%2Ftpldwz7L4VCbIaI1C1cVLcL81acA%3D=cd1683f5e260f794d5e6438d5d1b252c_1538533425.7574; domain=pirfuc.com; path=/; expires=Sat, 30-Sep-2028 02:23:45 UTC flDh5J4XWR31rxU33yOKTnFePK%2Bm7bOHYr01vvMghJU%3D=1538533425.7576; domain=pirfuc.com; path=/; expires=Sat, 30-Sep-2028 02:23:45 UTC cd1683f5e260f794d5e6438d5d1b252c_1538533425.7574_ck_v1=0%7C%7C1600%7C%7C1200%7C%7C0%7C%7C1122210000110010101101; domain=pirfuc.com; path=/; expires=Sat, 30-Sep-2028 02:23:45 UTC Wz0liSK%2BbPjWnfdT2oDorax4CcCBm%2BYaFWHV%2FhHe5mI%3D=aG5HMTlTMytGRGtMRVdGcEpVOEViNk5LREVQUVRaeHh4b1YxRDFtOWdFVkJIQTlqWE8rdStoUDVXclkxdlZPNkJPVDg1T0lwdDY1dmQ4azhvUW1TL2RGQ1ZuMjZnaFl3SE5COUNwN2JDa2c9; domain=pirfuc.com; path=/; expires=Wed, 03-Oct-2018 03:28:45 UTC
X-Zen-Fury
0ae64f7614c6bb60b8f9e41e237b714ed4cb5d0f
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Content-Encoding
gzip
Primary Request 20611%7C3764
newrotationurl.com/campaign/ 		404 B
672 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379-a0sNMlW_75VgGJCv2AcJ&nc=1&
Requested by
Host: pirfuc.com
URL: http://pirfuc.com/space/optical-carrier/5bb42831820ae2.67472362?cp=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&ori=14x&ui=48e92f560d7da109da59972d1ce447f0_1538533425.5323&timer=true&jch=0||1600||1200||0||1122210000110010101101
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.213.194 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-213-194.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3fcaf5b507354a04644a11ade799dbbaa52e5eb6e2545363e46c6b24503ca9a4

Request headers

:method
GET
:authority
newrotationurl.com
:scheme
https
:path
/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379-a0sNMlW_75VgGJCv2AcJ&nc=1&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://pirfuc.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://pirfuc.com/

Response headers

status
200
date
Wed, 03 Oct 2018 02:23:45 GMT
content-type
text/html; charset=UTF-8
server
nginx
set-cookie
vidf=czo2NDoiYWYwMDZiZGM2YjczMGMwMGI1MTBjNWVjZWRjZjkzNTQ0MzY0MDY2ZmFkODVlNzhlZTY1YzcxNTg0MGYxNjc2YiI7; expires=Tue, 01-Jan-2019 03:23:45 GMT; Max-Age=7779600; path=/; domain=newrotationurl.com
referrer-policy
no-referrer
lost.css
newrotationurl.com/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newrotationurl.com/css/lost.css
Requested by
Host: newrotationurl.com
URL: https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379-a0sNMlW_75VgGJCv2AcJ&nc=1&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.213.194 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-213-194.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
95de01551d74eec5c99caf5ad673b5d60a0842e31a5111bae2037dd190e03bbc

Request headers

:path
/css/lost.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
newrotationurl.com
cookie
vidf=czo2NDoiYWYwMDZiZGM2YjczMGMwMGI1MTBjNWVjZWRjZjkzNTQ0MzY0MDY2ZmFkODVlNzhlZTY1YzcxNTg0MGYxNjc2YiI7
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 03 Oct 2018 02:23:45 GMT
last-modified
Tue, 06 Mar 2018 16:10:26 GMT
server
nginx
etag
"5a9ebd72-5c3"
content-type
text/css
status
200
accept-ranges
bytes
content-length
1475
css
fonts.googleapis.com/ 		2 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: newrotationurl.com
URL: https://newrotationurl.com/campaign/20611%7C3764?tag=kDE15GOB0000341002SS148ES016LQWF0TPC0D7fd5V10BJI016LQ00&website=165379-a0sNMlW_75VgGJCv2AcJ&nc=1&
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
897b8c9d61053140694298388f802d70ab9ed4e0dd1ca70898e2addcdb16b47b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 03 Oct 2018 02:23:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 03 Oct 2018 02:23:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 03 Oct 2018 02:23:45 GMT
apple-touch-icon.png
newrotationurl.com/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrotationurl.com/apple-touch-icon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.213.194 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-213-194.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b3cd5aee7ab5a48c6cb489727e3d3dc2f1f8f998f60572e55995aa595ab866f2

Request headers

:path
/apple-touch-icon.png
pragma
no-cache
cookie
vidf=czo2NDoiYWYwMDZiZGM2YjczMGMwMGI1MTBjNWVjZWRjZjkzNTQ0MzY0MDY2ZmFkODVlNzhlZTY1YzcxNTg0MGYxNjc2YiI7
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
newrotationurl.com
referer
https://newrotationurl.com/css/lost.css
:scheme
https
:method
GET
Referer
https://newrotationurl.com/css/lost.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 03 Oct 2018 02:23:45 GMT
last-modified
Tue, 06 Mar 2018 16:10:26 GMT
server
nginx
etag
"5a9ebd72-14f7e"
content-type
image/png
status
200
accept-ranges
bytes
content-length
85886
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300
Origin
https://newrotationurl.com

Response headers

date
Tue, 02 Oct 2018 06:22:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:38 GMT
server
sffe
age
72061
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8732
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
click.clickkmobi.com
URL
https://click.clickkmobi.com/?cid=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&utm_medium=42e634126d883140d3675341897ca7ac61fdfff7&utm_campaign=adult-agg&1=165379&2=tP6Iq07l33cTcVi7zjA7&
Domain
pirfuc.com
URL
http://pirfuc.com/space/optical-carrier/5bb42831820ae2.67472362?cp=kDE15GOB0009OG1003S70HDTJ051G3WF0TPC0D7782F90BMR051G300&ori=14x&ui=48e92f560d7da109da59972d1ce447f0_1538533425.5323&jch=0||1600||1200||0||1122210000110010101101

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.newrotationurl.com/ Name: vidf
Value: czo2NDoiYWYwMDZiZGM2YjczMGMwMGI1MTBjNWVjZWRjZjkzNTQ0MzY0MDY2ZmFkODVlNzhlZTY1YzcxNTg0MGYxNjc2YiI7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains;