newyearcount.rf.gd Open in urlscan Pro
185.27.134.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newyearcount.rf.gd/
Effective URL:
http://newyearcount.rf.gd/?i=1
Submission Tags: phishingrod
Submission: On April 09 via api (April 9th 2023, 9:41:11 am UTC) from DE — Scanned from GB

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 185.27.134.154, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is newyearcount.rf.gd.

This is the only time newyearcount.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	185.27.134.154 185.27.134.154	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2606:4700:303... 2606:4700:3032::ac43:d97c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.120 172.67.71.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	5

6 185.27.134.154 (United Kingdom) 1 redirects

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

newyearcount.rf.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:d97c (United States)

ASN13335 (CLOUDFLARENET, US)

ertorworld.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.120 (United States)

ASN13335 (CLOUDFLARENET, US)

errors.infinityfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

fm.ertorworld.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	rf.gd 1 redirects newyearcount.rf.gd	35 KB
2	ertorworld.ru ertorworld.ru fm.ertorworld.ru
1	infinityfree.net errors.infinityfree.net — Cisco Umbrella Rank: 936714
8	3

	Domain	Requested by
6	newyearcount.rf.gd	1 redirects newyearcount.rf.gd
1	fm.ertorworld.ru	newyearcount.rf.gd
1	errors.infinityfree.net	newyearcount.rf.gd
1	ertorworld.ru	newyearcount.rf.gd
8	4

This site contains links to these domains. Also see Links.

Domain
t.me
ertorworld.ru

Subject Issuer	Validity	Valid
*.ertorworld.ru GTS CA 1P5	`2023-03-26` - `2023-06-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://newyearcount.rf.gd/?i=1
Frame ID: 9F24ACB439332F2912E549F6336CE151
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Отсчёт до нового года

Page URL History Show full URLs

http://newyearcount.rf.gd/ Page URL
http://newyearcount.rf.gd/?i=1 Page URL

Page Statistics

8
Requests

13 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

35 kB
Transfer

37 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/michiguntank/
Title: Telegram

Search URL Search Domain Scan URL

URL: https://ertorworld.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newyearcount.rf.gd/ Page URL
http://newyearcount.rf.gd/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://newyearcount.rf.gd/img/back.jpg HTTP 302
https://errors.infinityfree.net/errors/404/

8 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response newyearcount.rf.gd/	829 B 827 B	194ms 75ms	Document text/html	185.27.134.154 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://newyearcount.rf.gd/ Protocol HTTP/1.1 Server 185.27.134.154 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `9adeccba90af79fe27b6908e6dc405fd87c1f1944869d9e1bc0a37647517df3a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 09 Apr 2023 09:41:05 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	aes.js Show response newyearcount.rf.gd/	30 KB 31 KB	76ms 76ms	Script application/javascript	185.27.134.154 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://newyearcount.rf.gd/aes.js Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/ Protocol HTTP/1.1 Server 185.27.134.154 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc` Request headers accept-language en-GB,en;q=0.9 Referer http://newyearcount.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sun, 09 Apr 2023 09:41:05 GMT Last-Modified Sat, 08 Aug 2015 08:12:23 GMT Server nginx ETag "55c5b9e7-79e6" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 31206
GET H/1.1	200 OK	Primary Request / Show response newyearcount.rf.gd/	1 KB 1 KB	82ms 81ms	Document text/html	185.27.134.154 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://newyearcount.rf.gd/?i=1 Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/ Protocol HTTP/1.1 Server 185.27.134.154 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `20a674080df59399bef7da9c5b1c6fe66fe2d7b699deb2d81df3c85a73df13ad` Request headers Referer http://newyearcount.rf.gd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control max-age=2592000, public, proxy-revalidate, public, proxy-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 09 Apr 2023 09:41:06 GMT Expires Tue, 09 May 2023 09:41:06 GMT Last-Modified Sun, 09 Apr 2023 08:34:07 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	newstyle.css newyearcount.rf.gd/css/	3 KB 1 KB	68ms 67ms	Stylesheet text/css	185.27.134.154 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://newyearcount.rf.gd/css/newstyle.css Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/?i=1 Protocol HTTP/1.1 Server 185.27.134.154 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `90a7f31e81b223e1c62598cf9c4ebbb90f8073e7f923a632f7d2936aac1bd987` Request headers accept-language en-GB,en;q=0.9 Referer http://newyearcount.rf.gd/?i=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sun, 09 Apr 2023 09:41:06 GMT Content-Encoding gzip Last-Modified Sun, 09 Apr 2023 08:34:09 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate Connection keep-alive Expires Tue, 09 May 2023 09:41:06 GMT
GET H/1.1	200 OK	newyear.js Show response newyearcount.rf.gd/js/	1 KB 962 B	135ms 71ms	Script application/javascript	185.27.134.154 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://newyearcount.rf.gd/js/newyear.js Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/?i=1 Protocol HTTP/1.1 Server 185.27.134.154 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `967c0f6d14d753a5a660cd09d95ab12458ff435beacd0d97f275f4b8f17a6822` Request headers accept-language en-GB,en;q=0.9 Referer http://newyearcount.rf.gd/?i=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Sun, 09 Apr 2023 09:41:06 GMT Content-Encoding gzip Last-Modified Sun, 09 Apr 2023 08:34:08 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate Connection keep-alive Expires Tue, 09 May 2023 09:41:06 GMT
GET H/1.1	404 Not Found	ErtorWorldbaner.png ertorworld.ru/img/	0 0	378ms 255ms	Image text/html	2606:4700:3032::ac43:d97c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ertorworld.ru/img/ErtorWorldbaner.png Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/?i=1 Protocol HTTP/1.1 Server 2606:4700:3032::ac43:d97c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer http://newyearcount.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers
GET H2	404	/ errors.infinityfree.net/errors/404/ Redirect Chain http://newyearcount.rf.gd/img/back.jpg https://errors.infinityfree.net/errors/404/	0 0	160ms 94ms	Image text/html	172.67.71.120 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://errors.infinityfree.net/errors/404/ Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/css/newstyle.css Protocol H2 Server 172.67.71.120 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer http://newyearcount.rf.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Redirect headers Date Sun, 09 Apr 2023 09:41:06 GMT Server nginx Content-Type text/html; charset=iso-8859-1 Location https://errors.infinityfree.net/errors/404/ Cache-Control max-age=2592000 Connection keep-alive Content-Length 227 Expires Tue, 09 May 2023 09:41:06 GMT
GET H2	404	stream fm.ertorworld.ru/	0 0	307ms 216ms	Media text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fm.ertorworld.ru/stream Requested by Host: newyearcount.rf.gd URL: http://newyearcount.rf.gd/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://newyearcount.rf.gd/ Accept-Encoding identity;q=1, ;q=0 accept-language* en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Range bytes=0- Response headers
GET DATA	200 OK	truncated /	382 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	180 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	354 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			newyearcount.rf.gd/	1970-01-20 20:33:13	Name: __test Value: 48d9b19c095381a0085e8986efb9baa9

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://errors.infinityfree.net/errors/404/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://ertorworld.ru/img/ErtorWorldbaner.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fm.ertorworld.ru/stream Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

errors.infinityfree.net
ertorworld.ru
fm.ertorworld.ru
newyearcount.rf.gd
172.67.71.120
185.27.134.154
2606:4700:3032::ac43:d97c
2a06:98c1:3120::3
20a674080df59399bef7da9c5b1c6fe66fe2d7b699deb2d81df3c85a73df13ad
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
90a7f31e81b223e1c62598cf9c4ebbb90f8073e7f923a632f7d2936aac1bd987
967c0f6d14d753a5a660cd09d95ab12458ff435beacd0d97f275f4b8f17a6822
9adeccba90af79fe27b6908e6dc405fd87c1f1944869d9e1bc0a37647517df3a
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

newyearcount.rf.gd Open in urlscan Pro 185.27.134.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

13 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

35 kBTransfer

37 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

newyearcount.rf.gd Open in urlscan Pro
185.27.134.154 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

13 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

35 kB
Transfer

37 kB
Size

1
Cookies

8 HTTP transactions
3 data transactions