andersonsnewyear.com Open in urlscan Pro
34.233.83.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://andersonsnewyear.com/
Submission Tags: phishingrod
Submission: On July 23 via api (July 23rd 2024, 5:27:59 am UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 34.233.83.80, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is andersonsnewyear.com.
TLS certificate: Issued by R11 on July 22nd 2024. Valid for: 3 months.

This is the only time andersonsnewyear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	34.233.83.80 34.233.83.80	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.20.60.193 107.20.60.193	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
21	7

12 34.233.83.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pmws11.heropm.com

andersonsnewyear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.60.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: corporate.heropm.com

resources.heropm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	andersonsnewyear.com andersonsnewyear.com	2 MB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	100 KB
2	google.com 1 redirects maps.google.com — Cisco Umbrella Rank: 3713 www.google.com — Cisco Umbrella Rank: 10	362 B
2	gstatic.com fonts.gstatic.com	72 KB
1	heropm.com resources.heropm.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	2 KB
21	6

	Domain	Requested by
12	andersonsnewyear.com	andersonsnewyear.com
3	ajax.googleapis.com	andersonsnewyear.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	andersonsnewyear.com
1	maps.google.com	1 redirects
1	resources.heropm.com	andersonsnewyear.com
1	cdnjs.cloudflare.com	andersonsnewyear.com
1	fonts.googleapis.com	andersonsnewyear.com
21	8

This site contains no links.

Subject Issuer	Validity	Valid
andersonsnewyear.com R11	`2024-07-22` - `2024-10-20`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.heropm.com RapidSSL TLS RSA CA G1	`2024-02-17` - `2025-02-20`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://andersonsnewyear.com/
Frame ID: 5DF9B5C39F9E9F16C7087480F1CE7000
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d26680.075354591281!2d-111.726638!3d33.292414!3m2!1i1024!2i768!4f13.1!2m1!1s16520+E+Pecos+Road,+Gilbert,+AZ!5e1!6i14!3m1!1sen!5m1!1sen
Frame ID: 9C105B866F0F0493B5E3DA4171F19273
Requests: 1 HTTP requests in this frame

Frame: https://andersonsnewyear.com/admin/sys_processDaily.mvc
Frame ID: 530ABFE995C55A93B199641A4102C2CF
Requests: 1 HTTP requests in this frame

Frame: https://andersonsnewyear.com/admin/sys_processHourly.mvc
Frame ID: 9557CF869932F5CDA9571F79F2BE38E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Andersons New Year - Gilbert, AZ

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

1914 kB
Transfer

2259 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=16520+E%20Pecos%20Road,%20Gilbert,%20AZ&aq=&sll=37.0625,-95.677068&sspn=57.379893,135.263672&t=h&ie=UTF8&hq=&hnear=16520%20E%20Pecos%20Rd,%20Gilbert,%20Arizona%2085297&z=14&ll=33.292414,-111.726638&output=embed HTTP 301
https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d26680.075354591281!2d-111.726638!3d33.292414!3m2!1i1024!2i768!4f13.1!2m1!1s16520+E+Pecos+Road,+Gilbert,+AZ!5e1!6i14!3m1!1sen!5m1!1sen

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
andersonsnewyear.com/ 6 KB
2 KB 814ms
188ms Document
text/html 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 759c0810cb7dc833a75d3d59c8d9ba857c076f1c6b7e3224a883ca31e57abbb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Tue, 23 Jul 2024 05:27:52 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1/themes/smoothness/ 31 KB
6 KB 181ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1/themes/smoothness/jquery-ui.css

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bba92f99f2514add495efe994a74f8602180e17ff646d9d4260f3bc8302f043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 11:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6001
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 11:59:12 GMT

GET
H2 200 style_101.css
andersonsnewyear.com/ 5 KB
1 KB 378ms
368ms Stylesheet
text/css 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/style_101.css
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 4924c375d3fdb8c395c5db137126ed21f637ea054e116566a508609f1fc90dc3

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: br
last-modified: Fri, 11 Dec 2015 05:37:28 GMT
server: nginx
etag: W/"566a6118-13ff"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style_102.css
andersonsnewyear.com/ 78 KB
5 KB 379ms
369ms Stylesheet
text/css 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/style_102.css
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 4c5243d526829a1fc7586ebc4da79e238bb279b263cf07489989a07b504a24fd

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: br
last-modified: Fri, 11 Dec 2015 04:04:00 GMT
server: nginx
etag: W/"566a4b30-139b7"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 1 KB
862 B 188ms
59ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mountains%20of%20Christmas%7COxygen

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400371623f662625b47849ea11c995ecf5661c63db20849625e40684139f9f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 05:27:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jul 2024 05:27:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 183ms
55ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 09:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jul 2025 09:23:17 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1/ 223 KB
60 KB 239ms
111ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1/jquery-ui.min.js

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 21:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61441
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jul 2025 21:14:50 GMT

GET
H3 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 5 KB
2 KB 70ms
36ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 460918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1507
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-15b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01nJdjnYHeyHD5hzjD285Z5NiklVbHTNwOuSYmg%2F4IuETKyx3dZavrE%2BBa0mRzgcCdQgOnE%2FNrADuVPznt%2FAlHA%2FIiaJgtxMAgfym4EMmWNy7eFjaKfdnmmu91tXS3MjUkwyGs3P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a7943881e9f92ac-CPH
expires: Sun, 13 Jul 2025 05:27:52 GMT

GET
H2 200 script_modernizr.js Show response
andersonsnewyear.com/ 11 KB
5 KB 257ms
250ms Script
application/javascript 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/script_modernizr.js
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 91790f181496662dea959bc3feda43ee6a1742653138f9c872a47b2c33602e45

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: br
last-modified: Sun, 26 Feb 2017 19:56:52 GMT
server: nginx
etag: W/"58b33304-2ae9"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 script_formshim.js Show response
andersonsnewyear.com/ 11 KB
4 KB 373ms
367ms Script
application/javascript 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/script_formshim.js
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 256e2993b8bf090ee3c62d335fd226a8398af9a6f39210188cfac8e20de232d2

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: br
last-modified: Sun, 26 Feb 2017 19:56:52 GMT
server: nginx
etag: W/"58b33304-2da6"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 style_formshim.css
andersonsnewyear.com/ 4 KB
2 KB 375ms
369ms Stylesheet
text/css 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/style_formshim.css
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 05b4c0672bb8ed269daa22cee05c58263843fdb506f125e78844180e4825e827

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
content-encoding: br
last-modified: Sun, 26 Feb 2017 19:56:52 GMT
server: nginx
etag: W/"58b33304-11a4"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 102.png
andersonsnewyear.com/images/ 213 KB
214 KB 370ms
365ms Image
image/png 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andersonsnewyear.com/images/102.png
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: b900ec84e85a4793058c17934133eb7f4bdd88de646a60b0b2c0791e589aaa4d

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
last-modified: Fri, 11 Dec 2015 04:35:40 GMT
server: nginx
etag: "566a529c-35524"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 218404

GET
H2 200 101.png
andersonsnewyear.com/images/ 28 KB
28 KB 253ms
249ms Image
image/png 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andersonsnewyear.com/images/101.png
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: c79508bc1abaa7b4b2370e8cde688254e16a7b112921ed29c697627a47e5a575

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
last-modified: Fri, 11 Dec 2015 04:26:42 GMT
server: nginx
etag: "566a5082-6ffc"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 28668

GET
H/1.1 200
OK i_heroAdmin.png
resources.heropm.com/lib.images/ 2 KB
2 KB 501ms
118ms Image
image/png 107.20.60.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.heropm.com/lib.images/i_heroAdmin.png?101062SP.default.100

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

107.20.60.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

corporate.heropm.com

Software

Apache/2.4.59 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

1d54ca0967478f62a75e9e9e3ef065ac12240ecc406a373f83ef5f4ed1b85319

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 05:27:52 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Last-Modified: Fri, 06 Mar 2015 04:55:39 GMT
Server: Apache/2.4.59 (Amazon Linux) OpenSSL/3.0.8
ETag: "687-510977eeb28c0"
Content-Type: image/png
Cache-Control: max-age=0, no-store
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=100
Content-Length: 1671

GET
H2 200 defaultbgHtml.jpg
andersonsnewyear.com/images/ 1 MB
1 MB 216ms
215ms Image
image/jpeg 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andersonsnewyear.com/images/defaultbgHtml.jpg
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 90be5ee343ac34f912858b58f54bf6c468dcc8ae94089ddd775d77201a17f05e

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:52 GMT
last-modified: Fri, 11 Dec 2015 04:08:52 GMT
server: nginx
etag: "566a4c54-1701de"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 1507806

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 223ms
107ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mountains%20of%20Christmas%7COxygen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://andersonsnewyear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 11:44:16 GMT
x-content-type-options: nosniff
age: 582216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 11:44:16 GMT

GET
H3

200

embed
www.google.com/maps/ Frame 9C10
Redirect Chain

https://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=16520+E%20Pecos%20Road,%20Gilbert,%20AZ&aq=&sll=37.0625,-95.677068&sspn=57.379893,135.263672&t=h&ie=UTF8&hq=&hnear=16520%20E%20Pecos%20R...
https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d26680.075354591281!2d-111.726638!3d33.292414!3m2!1i1024!2i768!4f13.1!2m1!1s16520+E+Pecos+Road,+Gilbert,+AZ!5e1!6i14!3m1!1sen!5m1!1sen

0
0

456ms
350ms

Document
text/html

142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d26680.075354591281!2d-111.726638!3d33.292414!3m2!1i1024!2i768!4f13.1!2m1!1s16520+E+Pecos+Road,+Gilbert,+AZ!5e1!6i14!3m1!1sen!5m1!1sen

Requested by

Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-PdFVmT7vNXNs7p5FqSDKVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andersonsnewyear.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 963
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PdFVmT7vNXNs7p5FqSDKVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Tue, 23 Jul 2024 05:27:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 23 Jul 2024 05:27:52 GMT
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d26680.075354591281!2d-111.726638!3d33.292414!3m2!1i1024!2i768!4f13.1!2m1!1s16520+E+Pecos+Road,+Gilbert,+AZ!5e1!6i14!3m1!1sen!5m1!1sen
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sys_processDaily.mvc Show response
andersonsnewyear.com/admin/ Frame 530A 316 B
403 B 287ms
287ms Document
text/html 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/admin/sys_processDaily.mvc
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 713fda7b0a8d50e98e534acd288b39aab6ad25f216b9764fa434318a6187ba0b

Request headers

Referer: https://andersonsnewyear.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Tue, 23 Jul 2024 05:27:52 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 sys_processHourly.mvc Show response
andersonsnewyear.com/admin/ Frame 9557 317 B
399 B 287ms
286ms Document
text/html 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/admin/sys_processHourly.mvc
Requested by: Host: andersonsnewyear.com
URL: https://andersonsnewyear.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 46a4606477fe5c03e7cf70d3d71c58f05be253fce1c0e93f407c433107b39124

Request headers

Referer: https://andersonsnewyear.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Tue, 23 Jul 2024 05:27:52 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 3y9w6a4zcCnn5X0FDyrKi2ZRUBIy8uxoUo7eDNGsMQ.woff2
fonts.gstatic.com/s/mountainsofchristmas/v22/ 55 KB
55 KB 157ms
51ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mountainsofchristmas/v22/3y9w6a4zcCnn5X0FDyrKi2ZRUBIy8uxoUo7eDNGsMQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mountains%20of%20Christmas%7COxygen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d26e7829aa08c040a708beff64395cf2a0d9d103daf93261981cb51bcee45b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://andersonsnewyear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 22:18:58 GMT
x-content-type-options: nosniff
age: 371334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56252
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jul 2025 22:18:58 GMT

GET
H2 200 favicon.ico
andersonsnewyear.com/ 1 KB
1 KB 122ms
121ms Other
image/vnd.microsoft.icon 34.233.83.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://andersonsnewyear.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.233.83.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pmws11.heropm.com
Software: nginx / PleskLin
Resource Hash: 123041004c60cee532d5c2a647db3a75c7dffbc5b37713a3aa2ebb17dc978864

Request headers

Referer: https://andersonsnewyear.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:27:53 GMT
last-modified: Fri, 11 Dec 2015 04:04:00 GMT
server: nginx
etag: "566a4b30-47e"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			andersonsnewyear.com/	1970-01-21 07:00:48	Name: htscallerid Value: 669F3F580002A23B00003C4B00000000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
andersonsnewyear.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maps.google.com
resources.heropm.com
www.google.com
104.17.25.14
107.20.60.193
142.250.186.100
2a00:1450:4001:80f::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
34.233.83.80
05b4c0672bb8ed269daa22cee05c58263843fdb506f125e78844180e4825e827
123041004c60cee532d5c2a647db3a75c7dffbc5b37713a3aa2ebb17dc978864
1d54ca0967478f62a75e9e9e3ef065ac12240ecc406a373f83ef5f4ed1b85319
256e2993b8bf090ee3c62d335fd226a8398af9a6f39210188cfac8e20de232d2
2d26e7829aa08c040a708beff64395cf2a0d9d103daf93261981cb51bcee45b6
400371623f662625b47849ea11c995ecf5661c63db20849625e40684139f9f50
46a4606477fe5c03e7cf70d3d71c58f05be253fce1c0e93f407c433107b39124
4924c375d3fdb8c395c5db137126ed21f637ea054e116566a508609f1fc90dc3
4c5243d526829a1fc7586ebc4da79e238bb279b263cf07489989a07b504a24fd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5bba92f99f2514add495efe994a74f8602180e17ff646d9d4260f3bc8302f043
713fda7b0a8d50e98e534acd288b39aab6ad25f216b9764fa434318a6187ba0b
759c0810cb7dc833a75d3d59c8d9ba857c076f1c6b7e3224a883ca31e57abbb6
90be5ee343ac34f912858b58f54bf6c468dcc8ae94089ddd775d77201a17f05e
91790f181496662dea959bc3feda43ee6a1742653138f9c872a47b2c33602e45
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
b900ec84e85a4793058c17934133eb7f4bdd88de646a60b0b2c0791e589aaa4d
c79508bc1abaa7b4b2370e8cde688254e16a7b112921ed29c697627a47e5a575

andersonsnewyear.com Open in urlscan Pro 34.233.83.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

1914 kBTransfer

2259 kBSize

1 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Indicators

andersonsnewyear.com Open in urlscan Pro
34.233.83.80 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

1914 kB
Transfer

2259 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions