newyearseveprovidence.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyearseveprovidence.com/
Submission Tags: phishingrod
Submission: On February 27 via api (February 27th 2024, 3:26:56 pm UTC) from DE — Scanned from NL

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newyearseveprovidence.com.
TLS certificate: Issued by E1 on February 27th 2024. Valid for: 3 months.

This is the only time newyearseveprovidence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	162.19.58.160 162.19.58.160	16276 (OVH) (OVH)
1 1	66.29.146.27 66.29.146.27	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	2a06:98c1:3121:: 2a06:98c1:3121::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	5

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

newyearseveprovidence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.58.160 (France)

ASN16276 (OVH, FR)
PTR: ns3096649.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.29.146.27 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium225-4.web-hosting.com

main-slot88.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121:: (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lasixn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lasixn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	lasixn.com 1 redirects lasixn.com www.lasixn.com	7 KB
5	ibb.co i.ibb.co — Cisco Umbrella Rank: 12287	128 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 394	88 KB
1	main-slot88.online 1 redirects main-slot88.online	329 B
1	newyearseveprovidence.com newyearseveprovidence.com	5 KB
15	5

	Domain	Requested by
5	www.lasixn.com	cdn.ampproject.org www.lasixn.com
5	i.ibb.co	newyearseveprovidence.com
4	cdn.ampproject.org	newyearseveprovidence.com cdn.ampproject.org
1	lasixn.com	1 redirects
1	main-slot88.online	1 redirects
1	newyearseveprovidence.com
15	6

This site contains links to these domains. Also see Links.

Domain
rebrand.ly

Subject Issuer	Validity	Valid
newyearseveprovidence.com E1	`2024-02-27` - `2024-05-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
lasixn.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://newyearseveprovidence.com/
Frame ID: 805C21E21EB9B77E8E05634F0DDB49EF
Requests: 11 HTTP requests in this frame

Frame: https://www.lasixn.com/
Frame ID: A420767BF9CDA88E9D7C77350228A4A4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOTO MACAU - DATA TOTO MACAU - KELUARAN TOTO MACAU - RESULT TOTO MACAU

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

227 kB
Transfer

480 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://rebrand.ly/superpion
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://rebrand.ly/pion1togel
Title: LIVE CHAT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://main-slot88.online/data-macau/ HTTP 301
https://lasixn.com/ HTTP 301
https://www.lasixn.com/

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newyearseveprovidence.com/ 16 KB
5 KB 419ms
351ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearseveprovidence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c94caaabcda1ef6ef749ccd784f86a376a9f7a9fab540e255b6686b518aee76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c172d4abd20a61-AMS
content-encoding: br
content-type: text/html
date: Tue, 27 Feb 2024 15:26:51 GMT
last-modified: Fri, 03 Nov 2023 17:22:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GsO47EVnr6KWq9%2B6DKClRUCvSes6YgyyEu%2BAH5jAPb1cp8KIxge3QVsaLmT1Fxi7mE6HpHy7%2Fp0YHsEw5TnpDA1fguRYoyXbmiC%2BXNfNPO%2B2PFMbQwsbJXIpc7faJkFMAel9xJjVKvSDDeK2edfBGtkNfuKq2u4"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 211ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28452f2846f30ae5d7cbc35229e88de55e637e2410e7692381a35ae128c415ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 15:26:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73115
x-xss-protection: 0
server: sffe
etag: "ea45357c26d229f2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 15:26:52 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 293ms
141ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cbef5922e69dc50b3bac8d311dd32e6697930c4381eacf4f68fe813e930341f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 15:26:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8933
x-xss-protection: 0
server: sffe
etag: "cd0d63316cb8c8b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 15:26:52 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d23d607b72183d0801eed7dca342ea01a3c36470a51802fd991938270572d65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logopion.png
i.ibb.co/xhfXvKz/ 12 KB
12 KB 266ms
208ms Image
image/png 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/xhfXvKz/logopion.png
Requested by: Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: b1797386ea3324614d2aec2c5afd226565a00ff7b7570484c932cbbc47ff6cb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:52 GMT
last-modified: Wed, 01 Nov 2023 20:13:30 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 12022
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Bandar-Togel-Terpercaya.jpg
i.ibb.co/Qm1ky09/ 112 KB
113 KB 265ms
207ms Image
image/jpeg 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Qm1ky09/Bandar-Togel-Terpercaya.jpg
Requested by: Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: b0296041042b158745cb2b66cbc16791c2634c430ee9e2b70faff8d50f659fbd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:52 GMT
last-modified: Wed, 01 Nov 2023 08:41:13 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 114740
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livechat-toto-macau.png
i.ibb.co/6sdwrMH/ 949 B
1 KB 84ms
26ms Image
image/png 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/6sdwrMH/livechat-toto-macau.png
Requested by: Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: e043b39923550507b54d562fec8094c08864100d9236cdc2ae09cb86cccad088

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:52 GMT
last-modified: Wed, 16 Aug 2023 14:13:55 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 949
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 daftar-macau.png
i.ibb.co/qn3Lydk/ 518 B
761 B 83ms
25ms Image
image/png 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qn3Lydk/daftar-macau.png
Requested by: Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: c6549881332e96d6c34654fc63cdd861d37a5d16fa9f7287fc16c678bdea0db1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:52 GMT
last-modified: Wed, 16 Aug 2023 14:13:11 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 518
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wa-toto-macau.png
i.ibb.co/m8NvRKb/ 1 KB
2 KB 265ms
208ms Image
image/png 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/m8NvRKb/wa-toto-macau.png
Requested by: Host: newyearseveprovidence.com
URL: https://newyearseveprovidence.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: 4b8829391a64a6af2d9efd6d0838cb6c7ade700cc7a44f859200e25e56e9cb10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newyearseveprovidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:52 GMT
last-modified: Wed, 16 Aug 2023 14:12:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1413
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012402080818000/v0/ 8 KB
3 KB 101ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402080818000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f7b2a5cb2633f09255dbf282e781debc92494b50391e833713aee57e61a9ea

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseveprovidence.com/
Origin: https://newyearseveprovidence.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 09:11:34 GMT
age: 22518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "9642737be4ce8b86"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 09:11:34 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012402080818000/v0/ 12 KB
4 KB 96ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402080818000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653a8b2d6c8fef44b5d1b07aa4403e96ef0959f6590071eb3f1fe5e7e2bbd48a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseveprovidence.com/
Origin: https://newyearseveprovidence.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 15:21:22 GMT
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: sffe
etag: "e84d49c5b65ada2b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 15:21:22 GMT

GET
H2

200

/ Show response
www.lasixn.com/ Frame A420
Redirect Chain

https://main-slot88.online/data-macau/
https://lasixn.com/
https://www.lasixn.com/

1 KB
1 KB

585ms
485ms

Document
text/html

2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lasixn.com/
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbdf6455e64f780765d11d7654ae39471e0c3254da1ac863af360733b721cfc3

Request headers

Referer: https://newyearseveprovidence.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c172e38e411ca6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 15:26:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekT6aKpkdM0ad1dtWs8JVTRNltPEzJKk20%2B0iFpiiAUipWq14WP1ZaoOt6bGaRw76Iomi1CvczI%2FxO5An2efe8EGR6C1zRlRA0cXtpmFcdvz8%2BklVXjbLlFECex7AzE9dATs1ibbxbwzBHhfsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 85c172e2ca2b0b3a-AMS
date: Tue, 27 Feb 2024 15:26:53 GMT
expires: Tue, 27 Feb 2024 16:26:53 GMT
location: https://www.lasixn.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPIUHE%2FGClvcBH9N4X9DaB4O3o%2FXiFAAkbXp66kTqTUK2kYzU8NoabUo0a1venoSvqkxzXBc9uz2zHH9wiNV9zWFWREqxEFKbDnx8EoEEQqokuF4GD%2BUInngyj0xZGS2xBSfuv01awpN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 autoindex.css
www.lasixn.com/_autoindex/assets/css/ Frame A420 3 KB
2 KB 468ms
466ms Stylesheet
text/css 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lasixn.com/_autoindex/assets/css/autoindex.css
Requested by: Host: www.lasixn.com
URL: https://www.lasixn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e1e1cbb4256d8006ccfcc7c7c8e891276191714768291589b40483d3f0fe46

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lasixn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 07:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVkhDoTe3pmNsjAGWXXxjxDppw32E3CnoxikX9gD%2BDhla55dbCyjJjaMUdiboDZT24ppRqH3IW29O5tJpxEFGAzd6wO7%2FtLHgvYNmf5cGNSGUVSykYcCw72Tek2gP4JabZd4lm%2Fq5w8Ev0laqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85c172e69b581ca6-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 15:26:54 GMT

GET
H2 200 tablesort.js Show response
www.lasixn.com/_autoindex/assets/js/ Frame A420 8 KB
3 KB 27ms
27ms Script
application/javascript 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lasixn.com/_autoindex/assets/js/tablesort.js
Requested by: Host: www.lasixn.com
URL: https://www.lasixn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a6b3fd328d213b1c6211581fc0dd5b56dd9db878e4fee73d33f5dd699aced3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lasixn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Feb 2024 07:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 252093
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFRPlNrIIKXl7J8d7OYImIpz1ML23EbdyCnNusX7bZquixp2XH3ZFgl6ivV5u4EEuCwIK0JkV0Lob%2B5OBcNF%2Fs0eyQaU9PJeXrKKDrmy7xFx1fbC%2FAeV2r5yy6%2FdGbNt%2FCz5E%2B7LJmTsW5AwRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85c172e69b5c1ca6-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 17:25:21 GMT

GET
H2 200 tablesort.number.js Show response
www.lasixn.com/_autoindex/assets/js/ Frame A420 682 B
716 B 26ms
26ms Script
application/javascript 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lasixn.com/_autoindex/assets/js/tablesort.number.js
Requested by: Host: www.lasixn.com
URL: https://www.lasixn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff78b7ea9124ad40c205b606048c819dbbdc9c708105961d89859f79092cd07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lasixn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 24 Feb 2024 07:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 438
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfA3LZt6p5KKfvhOIdNjd6y3JZTDtaD2pkAwv8aIBpFRgk8CG8ibSOZ3hGoy4kLSgKKVDutOgo6A9Sq7EsHk%2Fgb0dTedL3AJjGhCXe%2FO6qS2rRGV6H5jaOUfvXrA%2FmPeHPQoWiyvqX0FR5M3sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85c172e69b5e1ca6-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 15:19:36 GMT

GET
H2 200 folder-fill.svg
www.lasixn.com/_autoindex/assets/icons/ Frame A420 591 B
683 B 464ms
463ms Image
image/svg+xml 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lasixn.com/_autoindex/assets/icons/folder-fill.svg
Requested by: Host: www.lasixn.com
URL: https://www.lasixn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52ea75a526a963a5d7371795d5dacb4ceaabfe6c77bdd9649f0b457b0d6009e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lasixn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:26:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 07:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNrzwu0PxNrXTTfAMpmotXv6NOCtIeXP%2FhPE3%2Fj5rC2ZnPGs2fe4jR8w%2Bl2FbriitvhmPBiidnm7Sf6aczEdiPNa1hn4hWpLyy058p0ugzIQjVpzSVoECOcwN2Rb87zK%2BTz42R%2FvmegpqRQwxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85c172e69b5f1ca6-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 15:26:54 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
i.ibb.co
lasixn.com
main-slot88.online
newyearseveprovidence.com
www.lasixn.com
162.19.58.160
2a00:1450:4001:811::2001
2a06:98c1:3121::
2a06:98c1:3121::3
2a06:98c1:3121::9
66.29.146.27
28452f2846f30ae5d7cbc35229e88de55e637e2410e7692381a35ae128c415ba
2c94caaabcda1ef6ef749ccd784f86a376a9f7a9fab540e255b6686b518aee76
37e1e1cbb4256d8006ccfcc7c7c8e891276191714768291589b40483d3f0fe46
4b8829391a64a6af2d9efd6d0838cb6c7ade700cc7a44f859200e25e56e9cb10
4d23d607b72183d0801eed7dca342ea01a3c36470a51802fd991938270572d65
5cbef5922e69dc50b3bac8d311dd32e6697930c4381eacf4f68fe813e930341f
5ff78b7ea9124ad40c205b606048c819dbbdc9c708105961d89859f79092cd07
653a8b2d6c8fef44b5d1b07aa4403e96ef0959f6590071eb3f1fe5e7e2bbd48a
6a6b3fd328d213b1c6211581fc0dd5b56dd9db878e4fee73d33f5dd699aced3e
99f7b2a5cb2633f09255dbf282e781debc92494b50391e833713aee57e61a9ea
b0296041042b158745cb2b66cbc16791c2634c430ee9e2b70faff8d50f659fbd
b1797386ea3324614d2aec2c5afd226565a00ff7b7570484c932cbbc47ff6cb4
bbdf6455e64f780765d11d7654ae39471e0c3254da1ac863af360733b721cfc3
c6549881332e96d6c34654fc63cdd861d37a5d16fa9f7287fc16c678bdea0db1
e043b39923550507b54d562fec8094c08864100d9236cdc2ae09cb86cccad088
e52ea75a526a963a5d7371795d5dacb4ceaabfe6c77bdd9649f0b457b0d6009e

newyearseveprovidence.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

227 kBTransfer

480 kBSize

0 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

newyearseveprovidence.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

227 kB
Transfer

480 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions