Submitted URL: http://track.trustedlink01.com/?xtl=15xgifr2wnwj8w40vdnmryy3gayot1fa7zokvrq8bv2ev3yvgp6ft2c6sjbezk4t6mokmxlo1jlrl6zuuj85bgch0we...
Effective URL: http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1007M3148AU01FDRWF0TP...
Submission: On December 28 via manual from IE

Summary

This website contacted 7 IPs in 3 countries across 11 domains to perform 10 HTTP transactions. The main IP is 52.28.212.19, located in Frankfurt, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is newrotationurl.com.
This is the only time newrotationurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.197.152.66 14618 (AMAZON-AES)
2 2 52.16.119.31 16509 (AMAZON-02)
2 52.222.168.216 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.93.112.73 16509 (AMAZON-02)
1 1 52.58.173.25 16509 (AMAZON-02)
1 1 52.210.58.73 16509 (AMAZON-02)
1 205.147.93.132 393676 (ZENEDGE)
3 52.28.212.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 7
Domain Requested by
3 newrotationurl.com newrotationurl.com
2 p.24-7.help p.24-7.help
1 fonts.gstatic.com
1 fonts.googleapis.com newrotationurl.com
1 becanium.com
1 rdldtrk.com 1 redirects
1 zmlead.com 1 redirects
1 app.referrer.click 1 redirects
1 apidata.info p.24-7.help
1 ajax.googleapis.com p.24-7.help
1 link2offer.co 1 redirects
1 track.trustedlink01.com 1 redirects
10 12

This site contains no links.

Subject Issuer Validity Valid
*.googleapis.com Google Internet Authority G2 2017-11-29 - 2018-02-21 3 months
*.google.com Google Internet Authority G2 2017-11-29 - 2018-02-21 3 months

This page contains 1 frames:

Primary Page: http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1007M3148AU01FDRWF0TPC15Kcd3VN1Q5A01FDR00
Frame ID: (2E83CD1F1F6895ABFD71D6CFBD986E7B)
Requests: 10 HTTP requests in this frame

Page URL History

  1. http://track.trustedlink01.com/?xtl=15xgifr2wnwj8w40vdnmryy3gayot1fa7zokvrq8bv2ev3yvgp6ft2c6sjbezk4t6mokmxl... HTTP 302
    http://link2offer.co/?a=1949&oc=24420&c=53269&p=r&m=3&s1=1949__109734317&s2=92_24204&s4=&first_na... HTTP 302
    http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831 Page URL
  2. http://app.referrer.click/f041c784-fe2a-44b4-bd32-5bafd4cb75c0?sc=1&oaffid=1949&ooid=-1&oreqid=1806153... HTTP 302
    http://zmlead.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s... HTTP 302
    http://rdldtrk.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s... HTTP 302
    http://becanium.com/59M35/ULUM/XrEc/Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh?VLw=cm_... Page URL
  3. http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /AmazonS3/i

Page Statistics

Requests: 10
HTTPS: 20 %
IPv6: 27 %
Domains: 11
Subdomains: 12
IPs: 7
Countries: 3
Transfer: 0 kB
Size: 213 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://track.trustedlink01.com/?xtl=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&xi=kflo@koe.com&list_owner_id=1949&affid=&ctv=&first_name=&last_name=&email=kflo@koe.com&zip=&title=&dob=&cellphone= HTTP 302
    http://link2offer.co/?a=1949&oc=24420&c=53269&p=r&m=3&s1=1949__109734317&s2=92_24204&s4=&first_name=&last_name=&email_address=kflo@koe.com&zip_code=&title=&date_of_birth=&phone_cell= HTTP 302
    http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831 Page URL
  2. http://app.referrer.click/f041c784-fe2a-44b4-bd32-5bafd4cb75c0?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831&country_code=DE&country_name=Germany&time_zone=null&latitude=51.2993&longitude=9.491&connection_type=Wifi HTTP 302
    http://zmlead.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s2=w14SBA1FHUKF4RMAHIER54HK&s3=&s4=-1&s5=1949 HTTP 302
    http://rdldtrk.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s2=w14SBA1FHUKF4RMAHIER54HK&s3=&s4=-1&s5=1949&ckmguid=a543eb57-1087-4d2d-bf1f-8d59e2e4b418 HTTP 302
    http://becanium.com/59M35/ULUM/XrEc/Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh?VLw=cm_ms_ww&af=538_4a6df2e5-f7db-404d-b409-5845d402bac1__1&tracker=1806153846 Page URL
  3. http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1007M3148AU01FDRWF0TPC15Kcd3VN1Q5A01FDR00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://track.trustedlink01.com/?xtl=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&xi=kflo@koe.com&list_owner_id=1949&affid=&ctv=&first_name=&last_name=&email=kflo@koe.com&zip=&title=&dob=&cellphone= HTTP 302
  • http://link2offer.co/?a=1949&oc=24420&c=53269&p=r&m=3&s1=1949__109734317&s2=92_24204&s4=&first_name=&last_name=&email_address=kflo@koe.com&zip_code=&title=&date_of_birth=&phone_cell= HTTP 302
  • http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Request Chain 4
  • http://app.referrer.click/f041c784-fe2a-44b4-bd32-5bafd4cb75c0?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831&country_code=DE&country_name=Germany&time_zone=null&latitude=51.2993&longitude=9.491&connection_type=Wifi HTTP 302
  • http://zmlead.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s2=w14SBA1FHUKF4RMAHIER54HK&s3=&s4=-1&s5=1949 HTTP 302
  • http://rdldtrk.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s2=w14SBA1FHUKF4RMAHIER54HK&s3=&s4=-1&s5=1949&ckmguid=a543eb57-1087-4d2d-bf1f-8d59e2e4b418 HTTP 302
  • http://becanium.com/59M35/ULUM/XrEc/Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh?VLw=cm_ms_ww&af=538_4a6df2e5-f7db-404d-b409-5845d402bac1__1&tracker=1806153846

10 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
p.24-7.help/r/
Redirect Chain
  • http://track.trustedlink01.com/?xtl=15xgifr2wnwj8w40vdnmryy3gayot1fa7zokvrq8bv2ev3yvgp6ft2c6sjbezk4t6mokmxlo1jlrl6zuuj85bgch0wep9oi9t5hiep52c8lwmfdltao55ueu89o4dswgdcwx33zlrck24zdtpsumf7axvj4v0hdkz...
  • http://link2offer.co/?a=1949&oc=24420&c=53269&p=r&m=3&s1=1949__109734317&s2=92_24204&s4=&first_name=&last_name=&email_address=kflo@koe.com&zip_code=&title=&date_of_birth=&phone_cell=
  • http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
364 B
0
Document
General
Full URL
http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Protocol
HTTP/1.1
Server
52.222.168.216 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-216.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
907e4e804fef5c5b9bb03215e717149363a985b381cea5c335d3c9c728995946

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
p.24-7.help
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 07 Dec 2017 09:25:09 GMT
Via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
Last-Modified
Thu, 16 Jun 2016 15:08:33 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:994/gname:gitolite3/uname:gitolite3/gid:992/mode:33272/mtime:1466089146/atime:1466089333/md5:6ed5679f301230454bec011f02fd943f/ctime:1466089333
Age
5971
ETag
"6ed5679f301230454bec011f02fd943f"
X-Cache
Hit from cloudfront
x-amz-version-id
CKCuXDinKpbL6Il5yNLwaad.r_wu3BAF
Connection
keep-alive
Content-Type
text/html
Content-Length
364
X-Amz-Cf-Id
9v60LU_-D6LIRPQWKBu2M5ngv4sQLeTcGhtHs94GVqT5YqyBPx9dkg==

Redirect headers

Location
http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Date
Thu, 28 Dec 2017 11:04:58 GMT
Cache-Control
private
Set-Cookie
sid=d4PHw9JGGoMpSAQwmH/g6/WE9KGpJakRakOPDSGdhfjeCGDF814E2w==; domain=.link2offer.co; path=/; HttpOnly trk=Wshfw81bBJeq0vycPR6B1PWE9KGpJakRakOPDSGdhfjeCGDF814E2w==; domain=.link2offer.co; expires=Wed, 28-Dec-2022 11:04:58 GMT; path=/; HttpOnly
Content-Type
text/html; charset=utf-8
Content-Length
193
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
0
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: p.24-7.help
URL: http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ajax.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 09 Dec 2017 12:43:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1635704
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33495
X-XSS-Protection
1; mode=block
Expires
Sun, 09 Dec 2018 12:43:14 GMT
js
apidata.info/
746 B
0
Script
General
Full URL
http://apidata.info/js
Requested by
Host: p.24-7.help
URL: http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Protocol
HTTP/1.1
Server
54.93.112.73 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-93-112-73.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
apidata.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 28 Dec 2017 11:04:58 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
234
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
logic_tree.js
p.24-7.help/r/
18 KB
0
Script
General
Full URL
http://p.24-7.help/r/logic_tree.js
Requested by
Host: p.24-7.help
URL: http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Protocol
HTTP/1.1
Server
52.222.168.216 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-216.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5e64b6d25bc4db32739db39ffad5d1d087c23edd026c02c9606d05481a1a7ae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
p.24-7.help
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 07 Dec 2017 13:45:23 GMT
Via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 13:45:19 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:994/gname:gitolite3/uname:gitolite3/gid:992/mode:33272/mtime:1512654256/atime:1512654277/md5:a5525f001385ee8f794f7bb1c893580e/ctime:1512654277
Age
76687
ETag
"a5525f001385ee8f794f7bb1c893580e"
X-Cache
Hit from cloudfront
x-amz-version-id
wx5UWJccdicm2VT8VDDuC0tYH3cIfVFm
Connection
keep-alive
Content-Type
application/javascript
Content-Length
18700
X-Amz-Cf-Id
gB6fDX_b9LcFeYv2wQvTMKmr72PkDDtRBfIlUquYomsFnjO5rBLZuw==
Cookie set Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh
becanium.com/59M35/ULUM/XrEc/
Redirect Chain
  • http://app.referrer.click/f041c784-fe2a-44b4-bd32-5bafd4cb75c0?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831&country_code=DE&country_name=Germany&time_zone=null&latitude=51.2993&longitude=9.491&connec...
  • http://zmlead.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s2=w14SBA1FHUKF4RMAHIER54HK&s3=&s4=-1&s5=1949
  • http://rdldtrk.com/?a=538&oc=15613&c=34787&p=r&m=7&s1=4a6df2e5-f7db-404d-b409-5845d402bac1__1&s2=w14SBA1FHUKF4RMAHIER54HK&s3=&s4=-1&s5=1949&ckmguid=a543eb57-1087-4d2d-bf1f-8d59e2e4b418
  • http://becanium.com/59M35/ULUM/XrEc/Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh?VLw=cm_ms_ww&af=538_4a6df2e5-f7db-404d-b409-5845d402bac1__1&tracker=1806153846
4 KB
0
Document
General
Full URL
http://becanium.com/59M35/ULUM/XrEc/Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh?VLw=cm_ms_ww&af=538_4a6df2e5-f7db-404d-b409-5845d402bac1__1&tracker=1806153846
Protocol
HTTP/1.1
Server
205.147.93.132 North Miami Beach, United States, ASN393676 (ZENEDGE - Zenedge Inc, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
227923bcd5024727ae7e76e02042e1de04cd0576ce9817dfde24775a4357ca22

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
becanium.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://p.24-7.help/r/?sc=1&oaffid=1949&ooid=-1&oreqid=1806153831
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Zen-Fury
a362af992156146b65a879a2df903dd187bf71b3
Date
Thu, 28 Dec 2017 11:04:59 GMT
Content-Encoding
gzip
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Vary
Accept-Encoding Accept-Encoding
Content-Type
text/html;charset=utf-8
Set-Cookie
Pxk0LhCc7MiNWh73siV95%2F6QftjL5RJV2n2gdEkV4Tg%3D=76f1fef218a3df46b91781c2bc743e61_1514459099.1466; domain=becanium.com; path=/; expires=Sun, 26-Dec-2027 11:04:59 UTC LesEkvImUgUPtErQaVmiibA0hi3VDGNfDhflYCe2H%2FE%3D=1514459099.1474; domain=becanium.com; path=/; expires=Sun, 26-Dec-2027 11:04:59 UTC URuszlmQcovjCXYcUI08bPF5g01FL9t%2Fbvn2vyQAAH8%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3WTlaOTNWQzA5M0I2K3MybTFiaTdPTWZ2NHhaeEd1bWl6U3FtYzVIdlM4eQ%3D%3D; domain=becanium.com; path=/; expires=Sun, 26-Dec-2027 11:04:59 UTC 76f1fef218a3df46b91781c2bc743e61_1514459099.1466_ck=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; domain=becanium.com; path=/; expires=Sun, 26-Dec-2027 11:04:59 UTC M1Y1JKn8MRqKfmA6TOEJqdBsIrp4oBZ8aB3g%2F94gSl0%3D=RXprcjdIR25JbzNDRm1JQWNjcFI2bDhKam5rV01oSmRiWWFyYzlUaisyRFI0MHNwZFEzRXR4djhNSVo4N3pCRkd4bnpEMTZJZSt6OEQ2dUxaR05zN1VVeWxDdGF3TDNHODFPaEJOMEZmSE09; domain=becanium.com; path=/; expires=Thu, 28-Dec-2017 12:09:59 UTC
Cache-Control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
http://becanium.com/59M35/ULUM/XrEc/Bv1N1A_xXeVsLCMKu3j_-FickZtThG8Invih9om3h4HEO7gJH4vh?VLw=cm_ms_ww&af=538_4a6df2e5-f7db-404d-b409-5845d402bac1__1&tracker=1806153846
Date
Thu, 28 Dec 2017 11:04:58 GMT
Cache-Control
private
Set-Cookie
sid=d4PHw9JGGoMdvBa3yLfBwPWE9KGpJakRa8q4RFdCygd+ihiYaIPvvA==; domain=.rdldtrk.com; path=/; HttpOnly trk=gI/Nyvq0hmxAfh9f7fevxvWE9KGpJakRa8q4RFdCygd+ihiYaIPvvA==; domain=.rdldtrk.com; expires=Wed, 28-Dec-2022 11:04:58 GMT; path=/; HttpOnly c10377=d4PHw9JGGoPsp4n25lSB/X9CAhgHdxAAB5svCkOABzxzRBJ83DePZQ==; domain=.rdldtrk.com; expires=Sat, 27-Jan-2018 11:04:58 GMT; path=/; HttpOnly
Content-Type
text/html; charset=utf-8
Content-Length
292
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Primary Request Cookie set 20611%7C3533
newrotationurl.com/campaign/
404 B
0
Document
General
Full URL
http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1007M3148AU01FDRWF0TPC15Kcd3VN1Q5A01FDR00
Protocol
HTTP/1.1
Server
52.28.212.19 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-212-19.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3fcaf5b507354a04644a11ade799dbbaa52e5eb6e2545363e46c6b24503ca9a4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
newrotationurl.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://becanium.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 28 Dec 2017 11:04:59 GMT
Connection
keep-alive
Referrer-Policy
no-referrer
Server
nginx
Set-Cookie
vidf=czo2NDoiYWJiZTc1YTQ3NzZlZTgyZDk3ODBhYmY1MDFlYjZkZTMwYjBlYTdhMDNjZGRlYmQ3N2NmMWUwNjMxNGIxYWRiZCI7; expires=Wed, 28-Mar-2018 10:04:59 GMT; Max-Age=7772400; path=/; domain=newrotationurl.com
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lost.css
newrotationurl.com/css/
1 KB
0
Stylesheet
General
Full URL
http://newrotationurl.com/css/lost.css
Requested by
Host: newrotationurl.com
URL: http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1007M3148AU01FDRWF0TPC15Kcd3VN1Q5A01FDR00
Protocol
HTTP/1.1
Server
52.28.212.19 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-212-19.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
95de01551d74eec5c99caf5ad673b5d60a0842e31a5111bae2037dd190e03bbc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
newrotationurl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Cookie
vidf=czo2NDoiYWJiZTc1YTQ3NzZlZTgyZDk3ODBhYmY1MDFlYjZkZTMwYjBlYTdhMDNjZGRlYmQ3N2NmMWUwNjMxNGIxYWRiZCI7
Connection
keep-alive

Response headers

Date
Thu, 28 Dec 2017 11:04:59 GMT
Last-Modified
Wed, 04 Oct 2017 15:37:43 GMT
Server
nginx
ETag
"59d50047-5c3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1475
css
fonts.googleapis.com/
2 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: newrotationurl.com
URL: http://newrotationurl.com/campaign/20611%7C3533?website=48571-Em6chbnl93WLH2PbTW3Y&tag=kDE2576S00000A1007M3148AU01FDRWF0TPC15Kcd3VN1Q5A01FDR00
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
012be2325ccf3ad9e9989636e87d68a84892d345d9988f8a8619bbc6c386de76
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Open+Sans:300
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
:scheme
https
:method
GET

Response headers

date
Thu, 28 Dec 2017 11:04:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Dec 2017 11:04:59 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Thu, 28 Dec 2017 11:04:59 GMT
apple-touch-icon.png
newrotationurl.com/
84 KB
0
Image
General
Full URL
http://newrotationurl.com/apple-touch-icon.png
Protocol
HTTP/1.1
Server
52.28.212.19 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-212-19.eu-central-1.compute.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
b3cd5aee7ab5a48c6cb489727e3d3dc2f1f8f998f60572e55995aa595ab866f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
newrotationurl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://newrotationurl.com/css/lost.css
Cookie
vidf=czo2NDoiYWJiZTc1YTQ3NzZlZTgyZDk3ODBhYmY1MDFlYjZkZTMwYjBlYTdhMDNjZGRlYmQ3N2NmMWUwNjMxNGIxYWRiZCI7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 28 Dec 2017 11:04:59 GMT
Last-Modified
Wed, 05 Jul 2017 14:31:19 GMT
Server
cloudflare-nginx
ETag
"595cf837-14f7e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85886
DXI1ORHCpsQm3Vp6mXoaTRampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTRampu5_7CjHW5spxoeN3Vs.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTRampu5_7CjHW5spxoeN3Vs.woff2
pragma
no-cache
origin
http://newrotationurl.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Open+Sans:300
:scheme
https
:method
GET

Response headers

date
Thu, 07 Dec 2017 10:15:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:40 GMT
server
sffe
age
1817372
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
8732
x-xss-protection
1; mode=block
expires
Fri, 07 Dec 2018 10:15:27 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint
object| onbeforeprint

1 Cookies

Domain/Path Name / Value
.newrotationurl.com/ Name: vidf
Value: czo2NDoiYWJiZTc1YTQ3NzZlZTgyZDk3ODBhYmY1MDFlYjZkZTMwYjBlYTdhMDNjZGRlYmQ3N2NmMWUwNjMxNGIxYWRiZCI7