urlscan.io logo urlscan.io
SecurityTrails logo

rotatewell.click Open in urlscan Pro
172.67.132.158  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wix-l.in/k-k1UQevF1#4RAirc7710PcLs493stkokjzrgl1579QNAEHDYNTRGNQNJ256082/734966z19
Effective URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Submission: On April 05 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 172.67.132.158, located in United States and belongs to CLOUDFLARENET, US. The main domain is rotatewell.click.
TLS certificate: Issued by GTS CA 1P5 on February 21st 2024. Valid for: 3 months.
This is the only time rotatewell.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 199.36.158.100 54113 (FASTLY)
1 91.236.120.117 57271 (BITWEB-AS)
1 1 104.21.54.87 13335 (CLOUDFLAR...)
31 172.67.132.158 13335 (CLOUDFLAR...)
1 104.21.80.104 13335 (CLOUDFLAR...)
2 142.251.179.97 15169 (GOOGLE)
1 172.253.62.101 15169 (GOOGLE)
4 172.67.177.226 13335 (CLOUDFLAR...)
40 6
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
wix-l.in
1    91.236.120.117 (Seychelles)

ASN57271 (BITWEB-AS, RU)
PTR: 235019.bitweb.ru
hearpinerpin.com
1    104.21.54.87 (None, )

ASN13335 (CLOUDFLARENET, US)
intuitway.click
31    172.67.132.158 (United States)

ASN13335 (CLOUDFLARENET, US)
rotatewell.click
1    104.21.80.104 (None, )

ASN13335 (CLOUDFLARENET, US)
trk-adulvion.com
2    142.251.179.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f97.1e100.net
www.googletagmanager.com
1    172.253.62.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f101.1e100.net
www.google-analytics.com
4    172.67.177.226 (United States)

ASN13335 (CLOUDFLARENET, US)
event.trk-adulvion.com
Apex Domain
Subdomains		 Transfer
31 rotatewell.click
rotatewell.click
720 KB
5 trk-adulvion.com
trk-adulvion.com — Cisco Umbrella Rank: 422228
event.trk-adulvion.com — Cisco Umbrella Rank: 446644
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
159 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
254 B
1 intuitway.click
intuitway.click
634 B
1 hearpinerpin.com
hearpinerpin.com
427 B
1 wix-l.in
wix-l.in
465 B
40 7
Domain Requested by
31 rotatewell.click hearpinerpin.com
rotatewell.click
4 event.trk-adulvion.com trk-adulvion.com
2 www.googletagmanager.com rotatewell.click
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 trk-adulvion.com rotatewell.click
1 intuitway.click 1 redirects
1 hearpinerpin.com
1 wix-l.in 1 redirects
40 8

This site contains no links.

Subject Issuer Validity Valid
hearpinerpin.com
R3		 2024-03-18 -
2024-06-16		 3 months crt.sh
rotatewell.click
GTS CA 1P5		 2024-02-21 -
2024-05-21		 3 months crt.sh
trk-adulvion.com
GTS CA 1P5		 2024-02-15 -
2024-05-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Frame ID: 25FE6981BBDFFA0FD6C70BFBD4BBCCA0
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Reward Pending - Home Improvement - We Want Your Opinion!

Page URL History Show full URLs

  1. https://wix-l.in/k-k1UQevF1 HTTP 302
    https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim Page URL
  2. https://intuitway.click/?s1=350359&s2=1164928824&s3=4177&s4=1&s10=1401 HTTP 302
    https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

883 kB
Transfer

1960 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wix-l.in/k-k1UQevF1 HTTP 302
    https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim Page URL
  2. https://intuitway.click/?s1=350359&s2=1164928824&s3=4177&s4=1&s10=1401 HTTP 302
    https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://wix-l.in/k-k1UQevF1 HTTP 302
  • https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
akdim
hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/
Redirect Chain
  • https://wix-l.in/k-k1UQevF1
  • https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim
133 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.236.120.117 , Seychelles, ASN57271 (BITWEB-AS, RU),
Reverse DNS
235019.bitweb.ru
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
133
content-type
text/html; charset=UTF-8
date
Fri, 05 Apr 2024 15:31:54 GMT
server
Apache

Redirect headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 15:31:53 GMT
function-execution-id
bq2f9mfe4gfx
location
https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim
server
Google Frontend
strict-transport-security
max-age=31556926
vary
Origin, Accept,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
d000ea4e604b5124807011c4dfb4eafc;o=1
x-country-code
CA
x-orig-accept-language
en-CA,en;q=0.9
x-served-by
cache-yyz4571-YYZ
x-timer
S1712331113.546179,VS0,VE816
Primary Request 8ba8f858bcfc69329cedaff50fd93e04
rotatewell.click/
Redirect Chain
  • https://intuitway.click/?s1=350359&s2=1164928824&s3=4177&s4=1&s10=1401
  • https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
53 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Requested by
Host: hearpinerpin.com
URL: https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6ab4322fe1a9131e7ef91aa39a90a25a31f5c9d63bd64f8260eee48fc8bb8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hearpinerpin.com/0/0/0/636f24d2449a9076fa74638df1865203/akdim#4RAirc7710PcLs493stkokjzrgl1579QNAEHDYNTRGNQNJ256082/734966z19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86fa967e5bb339d8-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 05 Apr 2024 15:31:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TEf9o7HiW7VuIU0ueQbqj0MtwNXNK1GjF1uI%2BRna5jPemqx0K%2BfpHx6sJ7kJ%2FYGlhncTDCkfj5c31cisdTOyOoJ08q5lBmfJpkQK6JNz8tVU1dU3kQv9j5icE51VRGFW2yK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
86fa9679bae510ff-ORD
content-type
text/html; charset=UTF-8
date
Fri, 05 Apr 2024 15:31:55 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NmA2m%2B11O%2BxGOIYZSfeIqiU91nmX69oFWdmOd28T%2BI6O8J7PkRR982GbCVKX2qBJwPp89DwCiWsGhnDCz%2FzuPoMBAgtEYtYQlFeKHfeEuXvVqDMWiAYJq4xpjQY21I8dpjM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
rotatewell.click/assets/vendors/bootstrap-4.5.3/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32743
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7mu2B%2BF2ZgkM7E3hox8bXfk%2Fk1h0Qy4TCrxm6RfDf03%2BThDzoYqbC4Q6FjhuQMqvx7W9rWxHnpYkcuviD9I4TRuD%2FuLXLHPvMj3q1HRjqMVasx3b9I5eWT4pAeWXc3TwUX3"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa9685793939d8-YYZ
expires
Fri, 12 Apr 2024 06:26:13 GMT
all.min.css
rotatewell.click/assets/vendors/fontawesome_pro/css/ 		496 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32743
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bW%2B2HhGvP5i4tJPtWYfB8ErILW%2FGgE3iyJ0nHbkVZyR6ImdIRzBz6c7Wo6LZKvOn8zMEHVuMnj38K7yOY%2FxI%2B79%2FBsmdIjkCe84Cn8UVZivQhOtf8iVlpBn24RKqOm38x17s"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa9685793d39d8-YYZ
expires
Fri, 12 Apr 2024 06:26:13 GMT
common.css
rotatewell.click/assets/css/dublin/ 		61 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/css/dublin/common.css?v=5ed7c8f3f75fe17249aa8d6c764922e4
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2186773758af2ea958e5bc5cc28d12dcb5fec9b0d511484df99a7295527e58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 18:42:41 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYyhQ9i4MPCGt6O9tRC52KGhWUQdlVec4NCe4dKP%2BLYsBPtS07boNoan9Ny0ZSOAK6hg%2FKm7pzLXUcIAKeJDBQyPAADL6QnBpMIb%2B88GJw8BdM4FLUrvedtWq9oM%2FoNPK4Qe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa9685794339d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
msg.v3.js
rotatewell.click/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/inc/msg.v3.js?6610196be0aed
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOADAd9Pj16SmxPth9szqF6LIR8J%2FsWfShaoOnYiTrqpolgOs5Ud7uhRMbf15QFXignZFJOgqlBRQNVO8qvaxcZZ0rWJXcK70BHsQW5kxmqxsDQOBQyvQBC7888dktPn4Od6"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa9685794839d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
Lowes-Logo.png
rotatewell.click/uploads/archive/company/60/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/company/60/images/Lowes-Logo.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8a4b29d82a9b8bb2f577bb1a64c13acb3f870d26ca34025536281b5c73cb9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20391
x-xss-protection
1; mode=block
last-modified
Tue, 21 Sep 2021 14:06:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kqk5R9f8awMPhYaAlSJ0mdqtLpZjN6zmUPhyVingFq4TFWFcFhnaK0BmkFEDC8c%2BsZQdf3nIBkK0CWzsDg%2FXcjDHPIZGrbnwH2IptLyt%2B5QatiaO0ukHs8IAWIB%2BoIWULB5k"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa9685794b39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
944c30292361229ec829c6cdf7a6aa97.png
rotatewell.click/fim/1401-CA/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/944c30292361229ec829c6cdf7a6aa97.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8581b7303f826b134b1c47eae7c9a672514237095854a9596e23c0c141a1456a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2375
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hekq%2BFKNd47DGUB1ZSHUTTjiJHRRaYrrXwQBLMQfOQKjRm1zQDcFnKvKYs1nf9XZo2raTzZtKi4TOBy0PYcs7yYaRQ7ZDwWYrz1oZasUOvZc6euATbZh0b99wYMptpUTgYkT"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa9685794f39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
dewalterwhite.png
rotatewell.click/uploads/archive/product/248/images/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/dewalterwhite.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0af3064ec362abee59ae432e41d564e77f5c88d7d4818b6173308ff2d6bee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
85115
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:32:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6kTsMLwJ4lcun72FwSlrb9cj7swkJgdcJmBh%2FZdbKNt3zUH4ESLP1wCxQinX8OXIhsrwHH19Iqm%2FC6eiLnYpLRZzj7e9x%2FlFWUZGegkA4keH0rrAF3RxYd1WyN3pzI8UNpb"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa9686cbe339d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
3a50f82f4e4b5dacbd8525da4f9d91ab.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/3a50f82f4e4b5dacbd8525da4f9d91ab.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3771113ea2c584837a3b4036f7f8f810c11e8b02f78e98eed712c82618077a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1990
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6TvJBKephLJGE51wRlIYhMWtDW4J76kiRgNWaecpq%2F2sEAF9ChFvuyiCLyJAjWAH7KHa0V6otNBNxzcD%2FN2EZelKegnjcHcko7%2FDIbUb8%2Bo8xNpgcFSDMPJ0MCCjxGfukm5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa9686ec1a39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
ed139cad5f2f2be78d384df3b504fd1a.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/ed139cad5f2f2be78d384df3b504fd1a.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355076dabb5e17b8443d2ab2f8d33191ca2d2d5369207cda364ce612d96e2cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2043
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7pAvsQ7m5uB4H9cKJqvR6viIMgS3pVFYFq%2BnOv0dTS2IZIzVuEQn%2BKv%2FVRLOf8p82yWPgH4R7037K4pbRaoGbAWGYkZvdzLrknXx28JxGQlDQpxjHKlpeA5PPYt0YgStM2t"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870ca539d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
cmt--222.jpg
rotatewell.click/uploads/archive/product/248/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/cmt--222.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0097c9e5bb44d404cbfeedaab7de01f366c08b35d64cfbaed6e9fc2a26f4e07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15696
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:33:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geqDKdWtc%2BJ6yS7N5qkD42UR77kmLrOv2LOeWKlasLoWMggRQ2Q9ObVOWRtBTVdUpzJ1IUHJ5Oaoqh7u%2F68zwYjNxsJFHxGcquWnDWrKPRo2gfzeJcTVw86joT2eEu5aWxAR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870caa39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
b93cefae248fb151e3d54295db1d46c5.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/b93cefae248fb151e3d54295db1d46c5.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1784
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAR2oh8HTwmhKxl7V39VDbpJzmv9dqBZdVC7fURx%2F%2FX0qzelFQQnz5foUVZXQHLSETtCPFJ4wWXgjgeur94%2FQOklZIw6uzuOAw7WvII%2FhtMbmt52AKGVAS9GL6fhebMvrpfq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cb239d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
6867b7a1ed93d098f68c1cb83647f18a.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/6867b7a1ed93d098f68c1cb83647f18a.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1941
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHcB1LzqdtopF20tcO2%2FLkTO5eY1DxgODr1A9ugBI34ln3ul%2BNTmWqRX2MNhH0NCBZuM20M%2BzokoLoaOAzKhvv6vJE9lF80FiBcyyL8AXtJAGU4YCnMF5gx9zAxuzVVleYtY"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cb639d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
maxresdefault.jpg
rotatewell.click/uploads/archive/product/248/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/maxresdefault.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a837aed00580fa70396811a9979d9e8e1c3a17ef6a6294a808f2590c4ae304b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11532
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:33:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBoTsaf2yy4ysTBbCL7ip7j2KwhtFxyge%2B7XGidG151mAlHOkfjGtV%2BYzjBTCxlTPKPZLWvaf8s2Uky0cI%2BRrr1QIrrnze61%2FSDJ6u%2FTOquoUh0dVAjMdasBbniozJ9j7Y%2FV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cb939d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
cff94fb1366ee4a400198234a98f0ed0.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/cff94fb1366ee4a400198234a98f0ed0.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed9848c2d0a538c9fb3f7b45a7fd3c83e87f65567be58b19f016ffef7a8c64f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2040
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9LwBuRL72VEzAqwGDU3fJtRrfmz4gFh996W5UtYZn7So%2BhKlqDINvBfqZ9UTE%2FC59JtlpDb0QLQfdnjQU1vL4TQmy88qi87piiUQjRcftr9kXDaYvMP2o6YAw%2FMcK1yI0B2"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cbc39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
b6a134b6cd332e3547566fbaa25a8eaf.jpg
rotatewell.click/fim/1401-CA/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/b6a134b6cd332e3547566fbaa25a8eaf.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ba49eb3165c20fb10cb5b2abc25543b9876aa66914075d33f2818e990b6436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1383
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqi%2FZPgXAlxm19OGxoyL7dMzqy2DmL7%2FDqOD5B2bEyzB2Ne0AJWmfNAJAJcJBCSLqDHymv5pxe73iU9gaFTjS2QgEfWQppNs3ffBwdAJSiCj3Ie43E8KNYYNkdIKLIe%2BsV%2BZ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cbe39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
f9ac7bbd604ddf731e6ebd44e410e5ca.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/f9ac7bbd604ddf731e6ebd44e410e5ca.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2081
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bj3lE8C2l21%2BoIo9ZbRRGpFrZYV%2BCdHvi93IBC8I3D4x6alxNt9JLidGtRjxWo9NOL9PyZjQqx9P0LcFIqznexeodD2MdpGV2Re0g8gOlXMA9JhAKJKw0Tsza7tzAUyvmr9d"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cc439d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
cmt--111.jpg
rotatewell.click/uploads/archive/product/248/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/uploads/archive/product/248/images/cmt--111.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4beb3e330f8ec38d995717add18fc010bb4fe27e4cd09303dd6d3c7cc8e6ec79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14780
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 12:33:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fpv7WC4pZi14euoUpOsyeksVsPk01EYVeMN5eNO7s3GBAbigMc6Ax8vBw8u0PcSyiAGFInPTHhkZKVvfPNcRf40XIbYUpjpWUdg3ZOvjXVTowxa3%2FW1fJ8iXFv8xzhcKi40Q"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cc839d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
191d448b0fb5a33651a529e80ccf5e6c.jpg
rotatewell.click/fim/1401-CA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/191d448b0fb5a33651a529e80ccf5e6c.jpg
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1964
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZ%2BmJ%2FEA67Hmt2lohTAgbWGym7fQdNJBJ5uy86afeDJPTLxqJPkoMy6JQUmY%2FmZ4Ao93lorQ3hLsmf%2FsXt6YwbkTreBkujcZ7zHDtC15UGGHu%2Bu90a0uX3v0BlOQyt%2BczP0u"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870ccb39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
d6dd346d5aa5d53d6c6d9629225a070a.png
rotatewell.click/fim/1401-CA/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rotatewell.click/fim/1401-CA/d6dd346d5aa5d53d6c6d9629225a070a.png
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ya8fjjOAH%2FH3hODs5JNgKNW4iVat25JScWkgppIf%2BzibKPcQpW%2FfqbhJIJuQ%2BoWB6u9ZYsGRqmYJ4RZVO%2FiBL5pFYPMg%2BNuF4ZsyR%2B1JRvc8NDsjjtqFgaNes65fomgk32Pk"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870ccf39d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
email-decode.min.js
rotatewell.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2024 10:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"660d30bb-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVOW%2BIHqVIiusRitlXuO9L7mzyLJ71JcAU7T%2F%2FPtBvxt%2FA%2FT%2FTdB%2BVgvQvv8sASQxvaN4SCxQmD9gnuzp9BDFgEqKfuqqXrxyFpKrj6eBq7wnHQAtob0jTf6LrOsbM5ERZyb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
86fa96870c6239d8-YYZ
expires
Sun, 07 Apr 2024 15:31:56 GMT
jquery-3.4.1.min.js
rotatewell.click/assets/vendors/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32743
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhbYm6QclxKyilXdZFfhLvYcdPD93TAJToQiSVqCM8aApaCU1eOzfuebg%2BepXM5EifaQWRBxCUr%2B0FsuZyU5W4vHjlfcZUcJ0kA9DWHDNbheTrquQlEqjHezCNDFNBIIFcy9"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa96870c6839d8-YYZ
expires
Fri, 12 Apr 2024 06:26:13 GMT
bootstrap.min.js
rotatewell.click/assets/vendors/bootstrap-4.5.3/js/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32743
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8pn4%2FPLeihnqtprok5%2F%2FVFB7P%2F%2BlszndAQ0j1AGb6YElKsIhTZ3RHMGZKQdLcYeRkU43ga%2FL8F0MFmORAz9I16JLyCv6GGr%2B7iKj2fag5l8nJlz6enlyEnxVrV%2FaDv7TlO%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa96870c7639d8-YYZ
expires
Fri, 12 Apr 2024 06:26:13 GMT
functions.js
rotatewell.click/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/functions.js?v=5ed7c8f3f75fe17249aa8d6c764922e4
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a4abfc08f9d1c5a888415f75aad862e519a2283d43e2677f0090ed475870cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 17:14:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fhiex%2BGdZtCs2SWtaBVkL2ySGwAf5F9HgaF0jtYjZ%2BYhuVd%2FxrlCSjEAR2XPe5aHOOpQlpZC28cIfumNjH0helVECXr7RvDGpTBnw7u0A6KhKyX1uRyzEFO9YSeUS250FNRc"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa96870c8439d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
gbvar.js
rotatewell.click/assets/js/ 		41 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/gbvar.js?v=62
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 21:29:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZHpr%2B3hGCX7r5yY66GCkGHymp0GGdQzuJXjvsW%2BxacJwbYuVEc234c%2FJblDJss%2BukUjq44vmB3hrvjhVyQPSlNqrVM0ONN3FrFNdkBePeGls6t2LWASYbh6x5IYtDZ%2BErQN"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870c8939d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
intl_functions.js
rotatewell.click/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/intl_functions.js?v=5ed7c8f3f75fe17249aa8d6c764922e4
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2e118a815e6de6042a2e004718938e3068ffdf3fca85010a37fcaaa72d49ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 20 Dec 2023 19:19:33 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9X%2B7pxMPThd28p4ZevOJKeRSQLMJ6h9b%2Fr4J%2B9pFP0TnsWVftyvcTTuceibs6YeFx0M001xF3V2QpKlhnTE0TQIKDB9Npd%2Fcn3a02hTzm5pkEV8Jb0BfmpKqb9%2Bao5tTMnAJ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa96870c9039d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
common.js
rotatewell.click/assets/js/dublin/ 		75 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/js/dublin/common.js?v=5ed7c8f3f75fe17249aa8d6c764922e4
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f32d9c20b89e006184e40d3348100e2e290dd3c958e0c479a1c1f11c3093439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 19:06:39 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWkXVyyp%2Bw2MzTGe%2FOqFhPhw3sDkyYdL9Rdy6TpLN3JEKfifj31B%2F4ILNeaKlzUZpxxVV5CqDA2bO%2Fv8v4Xi8xthZ%2BjXfN7hpRjBqMr8PQpnTQ9b5fZpxWv9gpOf5GeXRbKC"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa96870c9839d8-YYZ
expires
Fri, 12 Apr 2024 15:31:56 GMT
v9e118mez8
trk-adulvion.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/inc/msg.v3.js?6610196be0aed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3323
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 14:36:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rAraenHJzZIT2RFAIzM5Ro0%2BC22lsA4M%2FAAqTFydAk6kcuJqh6Aecr9Q8iv2Yyl3nw5kwWtdemexnrHW78mDgQtd3Lf9TZLk0svHnhsAXQa3oWqr0hqCHRYY278i3hhTNBd"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86fa968768363a03-YYZ
expires
0
gtm.js
www.googletagmanager.com/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
eeeddc177712f93429641a477379d814252ee02ec27c29c531a9f2a0d31ae55f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70217
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Apr 2024 15:31:56 GMT
fa-solid-900.woff2
rotatewell.click/assets/vendors/fontawesome_pro/webfonts/ 		320 KB
321 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/assets/vendors/fontawesome_pro/webfonts/fa-solid-900.woff2
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/assets/vendors/fontawesome_pro/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/assets/vendors/fontawesome_pro/css/all.min.css
Origin
https://rotatewell.click
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5971
alt-svc
h3=":443"; ma=86400
content-length
327824
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0GlUFqdqV64Pn%2FfA8xa9PZKiKn0Jy2GkSUnxW1qG5KgYp4hnrwYAvlAup4GxA3XCk1KR%2B4NjCyF7nK8iJCfNAEJEkkkn4mEJK1HlYqbG%2BC5BcE8lndPY%2FXgMIYDLOcs9IN5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86fa96870cd339d8-YYZ
expires
Fri, 12 Apr 2024 13:52:25 GMT
8ba8f858bcfc69329cedaff50fd93e04
rotatewell.click/ 		25 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/inc/msg.v3.js?6610196be0aed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Apr 2024 15:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FQ8XOqBmWmxH2SA8MxFMepYQEJ9ytN2ADMNTmu0g%2FwvRQrafX%2FIStdAJYA7Qu5NV9N6wH3aAwTtMdRoHLMsdoJgCZSd%2BvISiUQNiRDOF6VqR2ofZIL63SIDt6x3YnrkIzos"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
86fa9687be0039d8-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ 		258 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
934e71546c23a3215be3adc8c8e2bae5acf5b721f162ee0069de1d7a9f2f77c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92115
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Apr 2024 15:31:56 GMT
/
rotatewell.click/ 		335 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/
Requested by
Host: rotatewell.click
URL: https://rotatewell.click/assets/vendors/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2652359fa641f8f62b860423be1f2b5f856dcd7694512530f7051f71588a7aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWhePZIAyqUboPUTcEz52jXvGgPrzBkyD9WYMIo4uQg1yCGNFVTpKd1hfP5%2B%2BlEIN3C81wfMixd9AiGmkRQp8RCXJkwQEFjS3wr4QmCZgbqmxNVqGSkEOoMSDeeF6hCN7Oyb"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
86fa96886fc739d8-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=45je4430v882458333z8849140141za200&_p=1712331116631&gcd=13l3l3l3l1&npa=0&dma=0&cid=2137660205.1712331117&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712331116&sct=1&seg=0&dl=https%3A%2F%2Frotatewell.click%2F8ba8f858bcfc69329cedaff50fd93e04&dr=https%3A%2F%2Fhearpinerpin.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Home%20Improvement%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2534
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 15:31:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rotatewell.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a1e4f78a8e8c62cb82bc19e9a1e31ce8.ico
rotatewell.click/fim/1401-CA/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rotatewell.click/fim/1401-CA/a1e4f78a8e8c62cb82bc19e9a1e31ce8.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 15:31:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1%2Fk2AtwG7bCYbKE1FeiKg%2B3iggNMx00SxohmwwuIoYAxZwXTEKj5gEZ1ZxN5EQ97OmXjyeF9xj4qqHOHg2d726yNXLvdrSw53aMz0Ss3Ti0UnzUz1wlNLnNLayPwSHXwhUC"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
86fa968908d639d8-YYZ
expires
Fri, 12 Apr 2024 15:31:57 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rotatewell.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86fa9689bde910df-ORD
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Fri, 05 Apr 2024 15:31:57 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwldPaRh56yOXeUQFU%2BlKwyOXripfatkG%2FlGOXJPU0j2iPOeD9%2FgvsOqkDEch0ug5RUxj0f7QOZsqKfuR7a7RbtfoBB%2FLxaGkbXoAVUlyOdQIFuiwaiVNHlTXJOcekTNV7ejUsMcGu5M"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 05 Apr 2024 15:31:57 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9%2By7H6bu7rkYnXKpFxizj%2BnjCZ1b8xz1f5M8kyzVCYIp039oQmqf1HAttS%2B4Xy6j%2FuaC5mn5h%2B4kc%2FzUN%2FQVHTedtEGXlhZB4LV%2BRo1vAx5IdtU2%2BgYlAeybD6DUmnSRFoZA4cUkBv0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86fa968a8f0d10df-ORD
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://rotatewell.click/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 05 Apr 2024 15:31:58 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFYhyjo0xPds7q%2Ftb%2F0D0pcy1wQpSbHu4tIziOJPoS6ltCqp1INUTGyHV3wc2Dii1gjN5KJqN%2FJf8ZV0cdxVLtqHxpNUHqwAsiluCXO9K7QkPRTZAxaeH4kYw%2Bb8JZ91qLF3LsUXfoBu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86fa96958fb010df-ORD
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rotatewell.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86fa96952f4110df-ORD
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Fri, 05 Apr 2024 15:31:58 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ua6E%2FNOlnkfvUHB4hvnZTGp95QW2T%2FDoC1g77Sg19Ma3rYgp4fONnJzwd7x%2FKUYox2D%2FqRm8KuP6KkHktojGTxKFoKbBn6619G2FbiOoEFwZKEUOwCj9Kik1%2BoZ5H5%2FmafkAYqOKMWAj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| dataLayer function| $ function| jQuery object| bootstrap number| refresh_page function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_tag_manager object| google_tag_data function| datehax function| startTimer number| duration undefined| time string| popUrl function| getPopUrl undefined| refresh string| rightnow object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| FNP string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU function| count_p function| mfq_tags number| count_img number| time_img function| fadeInImgModal string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| questiontx string| of number| advEmail number| email_pixel number| cpl_pixel string| cpl_pixel_atp string| prod_var string| pname_modal number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path Name / Value
hearpinerpin.com/ Name: uid4177
Value: 1164928824-20240405113154-5ba165a6bc31abaff6de694727ce6d09-0
intuitway.click/ Name: PHPSESSID
Value: 0ef4755a6974c9d34318a5db87eef274
rotatewell.click/ Name: PHPSESSID
Value: c9d98337c43c247408cca125c94bd538
.rotatewell.click/ Name: _ga_JMJ044GLKX
Value: GS1.1.1712331116.1.0.1712331116.0.0.0
.rotatewell.click/ Name: _ga
Value: GA1.1.2137660205.1712331117

1 Console Messages

Source Level URL
Text
other error URL: https://rotatewell.click/8ba8f858bcfc69329cedaff50fd93e04
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-adulvion.com
hearpinerpin.com
intuitway.click
rotatewell.click
trk-adulvion.com
wix-l.in
www.google-analytics.com
www.googletagmanager.com
104.21.54.87
104.21.80.104
142.251.179.97
172.253.62.101
172.67.132.158
172.67.177.226
199.36.158.100
91.236.120.117
0097c9e5bb44d404cbfeedaab7de01f366c08b35d64cfbaed6e9fc2a26f4e07e
10ba49eb3165c20fb10cb5b2abc25543b9876aa66914075d33f2818e990b6436
1176f85a0b084f161dbe5192394ad58ce5efd6ccc529079e222f240db83bd4f4
1f32d9c20b89e006184e40d3348100e2e290dd3c958e0c479a1c1f11c3093439
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
355076dabb5e17b8443d2ab2f8d33191ca2d2d5369207cda364ce612d96e2cec
3b0af3064ec362abee59ae432e41d564e77f5c88d7d4818b6173308ff2d6bee1
4beb3e330f8ec38d995717add18fc010bb4fe27e4cd09303dd6d3c7cc8e6ec79
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4f6ab4322fe1a9131e7ef91aa39a90a25a31f5c9d63bd64f8260eee48fc8bb8f
5a2e118a815e6de6042a2e004718938e3068ffdf3fca85010a37fcaaa72d49ae
5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861
6b3771113ea2c584837a3b4036f7f8f810c11e8b02f78e98eed712c82618077a
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
8581b7303f826b134b1c47eae7c9a672514237095854a9596e23c0c141a1456a
8a837aed00580fa70396811a9979d9e8e1c3a17ef6a6294a808f2590c4ae304b
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
934e71546c23a3215be3adc8c8e2bae5acf5b721f162ee0069de1d7a9f2f77c9
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
a2652359fa641f8f62b860423be1f2b5f856dcd7694512530f7051f71588a7aa
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
aed9848c2d0a538c9fb3f7b45a7fd3c83e87f65567be58b19f016ffef7a8c64f
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
cc8a4b29d82a9b8bb2f577bb1a64c13acb3f870d26ca34025536281b5c73cb9f
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeeddc177712f93429641a477379d814252ee02ec27c29c531a9f2a0d31ae55f
f2186773758af2ea958e5bc5cc28d12dcb5fec9b0d511484df99a7295527e58c
f6a4abfc08f9d1c5a888415f75aad862e519a2283d43e2677f0090ed475870cd
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194