URL: https://newyear.tlweb.ru/
Submission Tags: phishingrod
Submission: On February 12 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 5.101.152.206, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is newyear.tlweb.ru.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.
This is the only time newyear.tlweb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
9 | 5.101.152.206 | 198610 | BEGET-AS
1 | 2a04:4e42::649 | 54113 | FASTLY
Total: 10 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
9 | tlweb.ru | newyear.tlweb.ru | 229 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 761) | 30 KB
Total: 10 requests, 2 apex domains

Requests | Domain | Requested by
9 | newyear.tlweb.ru | newyear.tlweb.ru
1 | code.jquery.com | newyear.tlweb.ru
Total: 10 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
tlweb.ru | R3 | 2024-01-23 - 2024-04-22 | 3 months (crt.sh)
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://newyear.tlweb.ru/
Frame ID: E8832C7D3EC9460006ED05AC8E77D3AD
Requests: 13 HTTP requests in this frame

Page Title

Новый 2023 год! ("New Year 2023!")

Page URL History

  1. https://newyear.tlweb.ru/ Page URL
  2. https://newyear.tlweb.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 259 kB
Size: 324 kB
Cookies: 1

10 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

/ | newyear.tlweb.ru/ | 274 B | 395 B | Document
General
Full URL
https://newyear.tlweb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
274
content-type
text/html
date
Mon, 12 Feb 2024 12:01:12 GMT
etag
"5b3fb20e-112"
last-modified
Fri, 06 Jul 2018 18:16:46 GMT
server
nginx
Primary Request: / | newyear.tlweb.ru/ | 1 KB | 686 B | Document
General
Full URL
https://newyear.tlweb.ru/
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
688e0b3babcb13f79436740722b430e11b377c5101fca0256aad13bda2eb4f88

Request headers

Referer
https://newyear.tlweb.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 12 Feb 2024 12:01:12 GMT
server
nginx
vary
Accept-Encoding
main.css | newyear.tlweb.ru/styles/css/ | 772 B | 528 B | Stylesheet
General
Full URL
https://newyear.tlweb.ru/styles/css/main.css
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
f376686b536e2293f43c3b712c3b530ef5e1dbbee101831c8c01ff5a29cbf89e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear.tlweb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 12:06:57 GMT
server
nginx
etag
W/"61b73761-304"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Mon, 19 Feb 2024 12:01:12 GMT
moose.css | newyear.tlweb.ru/styles/css/ | 8 KB | 5 KB | Stylesheet
General
Full URL
https://newyear.tlweb.ru/styles/css/moose.css
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
bc19b87463c6ee3c27d7d83b8e85923ff0ef772ee1fbb527868c8383e5bc2f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear.tlweb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 11:35:37 GMT
server
nginx
etag
W/"61b73009-217a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Mon, 19 Feb 2024 12:01:12 GMT
jquery-3.4.1.min.js | code.jquery.com/ | 86 KB | 30 KB | Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear.tlweb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3056354
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-fra-etou8220099-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1707739272.355759,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 469827
script.js | newyear.tlweb.ru/scripts/moose/ | 4 KB | 1 KB | Script
General
Full URL
https://newyear.tlweb.ru/scripts/moose/script.js
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
cb9cd7e42bf98bbd0191ed83cc2d263752f2a48d43a83cf150e6727a79d16560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear.tlweb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 12:13:47 GMT
server
nginx
etag
W/"61b738fb-e90"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Mon, 19 Feb 2024 12:01:12 GMT
moose-head.png | newyear.tlweb.ru/scripts/moose/ | 19 KB | 19 KB | Image
General
Full URL
https://newyear.tlweb.ru/scripts/moose/moose-head.png
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/styles/css/moose.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
0afb69a1b4eececaeb3f88ab773fa8fb1258130e357e61223b93c437b0d03b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear.tlweb.ru/styles/css/moose.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
last-modified
Mon, 13 Dec 2021 08:00:45 GMT
server
nginx
etag
"61b6fdad-4a8f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19087
expires
Wed, 13 Mar 2024 12:01:12 GMT
moose.png | newyear.tlweb.ru/scripts/moose/ | 25 KB | 25 KB | Image
General
Full URL
https://newyear.tlweb.ru/scripts/moose/moose.png
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/styles/css/moose.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
d730720ed58932a9539e8b7b3f53b88a577f1b085d3853efc791201f6359ec7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear.tlweb.ru/styles/css/moose.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
last-modified
Mon, 13 Dec 2021 08:00:45 GMT
server
nginx
etag
"61b6fdad-6431"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25649
expires
Wed, 13 Mar 2024 12:01:12 GMT
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffee75ec3252c0a76baa4c7e9497de13ba8a9bc468f12d1111bdff24dc64a306

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077d0e3c5c9fbaa653040199841945930d70045ab067a36d64be45b6e1e1d858

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 741 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41d233f1169d3faf6e3ed553d57e728c4980f6436835e1175267922d25594d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
Kurale-Regular.woff2 | newyear.tlweb.ru/styles/fonts/ | 76 KB | 77 KB | Font
General
Full URL
https://newyear.tlweb.ru/styles/fonts/Kurale-Regular.woff2
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/styles/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
8bd918ff0eaa7cb0be6baa4b9724b05a56129bc8cecfca071e739006e9fa5550

Request headers

Referer
https://newyear.tlweb.ru/styles/css/main.css
Origin
https://newyear.tlweb.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
last-modified
Mon, 13 Dec 2021 12:06:57 GMT
server
nginx
etag
"61b73761-13164"
content-type
application/font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
78180
expires
Wed, 13 Mar 2024 12:01:12 GMT
Lobster-Regular.woff2 | newyear.tlweb.ru/styles/fonts/ | 100 KB | 101 KB | Font
General
Full URL
https://newyear.tlweb.ru/styles/fonts/Lobster-Regular.woff2
Requested by
Host: newyear.tlweb.ru
URL: https://newyear.tlweb.ru/styles/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.152.206 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.enisey5.beget.com
Software
nginx /
Resource Hash
47581279f0fa774dbb62729f5e1f3898b017657f7fba386311c5c39dafc463c0

Request headers

Referer
https://newyear.tlweb.ru/styles/css/main.css
Origin
https://newyear.tlweb.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 12:01:12 GMT
last-modified
Mon, 13 Dec 2021 12:06:57 GMT
server
nginx
etag
"61b73761-191f0"
content-type
application/font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
102896
expires
Wed, 13 Mar 2024 12:01:12 GMT

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
$ | function
jQuery | function

1 Cookies

Domain/Path | Name | Value
newyear.tlweb.ru/ | beget | begetok