urlscan.io logo urlscan.io
SecurityTrails logo

happynewyear23.ru Open in urlscan Pro
87.236.16.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://happynewyear23.ru/
Submission Tags: phishingrod
Submission: On February 14 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 87.236.16.21, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is happynewyear23.ru.
TLS certificate: Issued by R3 on February 14th 2023. Valid for: 3 months.
This is the only time happynewyear23.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 87.236.16.21 198610 (BEGET-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 168.119.126.102 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
11 4
Apex Domain
Subdomains		 Transfer
4 happynewyear23.ru
happynewyear23.ru
43 KB
3 mobstra.com
ev.mobstra.com
25 KB
2 gstatic.com
fonts.gstatic.com
69 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
11 4
Domain Requested by
4 happynewyear23.ru happynewyear23.ru
3 ev.mobstra.com happynewyear23.ru
ev.mobstra.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com happynewyear23.ru
11 4

This site contains no links.

Subject Issuer Validity Valid
happynewyear23.ru
R3		 2023-02-14 -
2023-05-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
ev.mobstra.com
R3		 2023-01-23 -
2023-04-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://happynewyear23.ru/
Frame ID: 8D85DF005B2BA6D7BC4096F029E50568
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IQ Test

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

139 kB
Transfer

241 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
happynewyear23.ru/ 		1 KB
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://happynewyear23.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.bigbone.beget.com
Software
nginx-reuseport/1.21.1 / PHP/8.0.27
Resource Hash
35cdcdbcd5342dc39acc0825adc3fd9c36d6520ecf741c7f284c610d68b2b422

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 17:02:44 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
x-powered-by
PHP/8.0.27
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bad+Script&family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: happynewyear23.ru
URL: https://happynewyear23.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5210def1821563d5b3e61e7b665c9824bc2067db364f2dc42dc9a9d1db8b156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happynewyear23.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 17:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 17:02:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 17:02:45 GMT
app.b9470a45.css
happynewyear23.ru/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://happynewyear23.ru/css/app.b9470a45.css
Requested by
Host: happynewyear23.ru
URL: https://happynewyear23.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.bigbone.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
bf583ad2d65e8993b219e0c0f19b32c8b74921db5d4885e6a07364c885cf8f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happynewyear23.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 17:02:44 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 22:07:29 GMT
server
nginx-reuseport/1.21.1
etag
W/"63b74a21-52d4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Tue, 21 Feb 2023 17:02:44 GMT
app.e5c1a98e.js
happynewyear23.ru/js/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://happynewyear23.ru/js/app.e5c1a98e.js
Requested by
Host: happynewyear23.ru
URL: https://happynewyear23.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.bigbone.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
f2fe09c85590bd902623a79b8552d1ef8623a6f11f820364bb7aba5b8069c34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happynewyear23.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 17:02:44 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 22:07:31 GMT
server
nginx-reuseport/1.21.1
etag
W/"63b74a23-6031"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Tue, 21 Feb 2023 17:02:44 GMT
chunk-vendors.dc8a8c26.js
happynewyear23.ru/js/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://happynewyear23.ru/js/chunk-vendors.dc8a8c26.js
Requested by
Host: happynewyear23.ru
URL: https://happynewyear23.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.bigbone.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
a07e38eff242132efca7ca214f0bb45f3d089a3ab47dcea3a5f8c64183a92e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happynewyear23.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 17:02:44 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 22:07:31 GMT
server
nginx-reuseport/1.21.1
etag
W/"63b74a23-161cd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Tue, 21 Feb 2023 17:02:44 GMT
js
ev.mobstra.com/event/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ev.mobstra.com/event/js?v=UX-B-ttHA1y
Requested by
Host: happynewyear23.ru
URL: https://happynewyear23.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.126.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.102.126.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b4da1626a83beec61a0bdd8e19178ec293ff6b275e2a9dbb652a525624f1d0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happynewyear23.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Feb 2023 17:02:45 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
24068
Content-Type
text/javascript
css2
fonts.googleapis.com/ 		3 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Asap:ital,wght@0,500;0,700;1,700&display=swap
Requested by
Host: happynewyear23.ru
URL: https://happynewyear23.ru/css/app.b9470a45.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8456d063c3e2872430492925f9bf04bdc1531e534862a03e26f21b220c1ee4b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happynewyear23.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 17:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 17:02:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 17:02:45 GMT
KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
fonts.gstatic.com/s/asap/v26/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/asap/v26/KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:ital,wght@0,500;0,700;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de306136b53705d018b05e9e2bfcaf9fc2c79ce48629c70dd14255ce79e47651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://happynewyear23.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 21:10:43 GMT
x-content-type-options
nosniff
age
71522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39500
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 15:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Feb 2024 21:10:43 GMT
KFO9CniXp96a4Tc2DaTeuDAoKsE615hHW36MAA.woff2
fonts.gstatic.com/s/asap/v26/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/asap/v26/KFO9CniXp96a4Tc2DaTeuDAoKsE615hHW36MAA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Asap:ital,wght@0,500;0,700;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a114bd20180b9db55a0de663666411f0be5f5637e827ef69773f2e2485c171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://happynewyear23.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 14:23:22 GMT
x-content-type-options
nosniff
age
95963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30680
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 15:46:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Feb 2024 14:23:22 GMT
click
ev.mobstra.com/event/ 		26 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ev.mobstra.com/event/click?v=UX-B-ttHA1y&u=https:%2F%2Fhappynewyear23.ru%2F
Requested by
Host: ev.mobstra.com
URL: https://ev.mobstra.com/event/js?v=UX-B-ttHA1y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.126.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.102.126.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4dfc0b89fdd6a671e8562a7d79978059fca9aa77e136613d8a5e113e017a2c15

Request headers

Accept
application/json, text/plain, */*
Referer
https://happynewyear23.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Feb 2023 17:02:45 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
26
Content-Type
text/plain; charset=utf-8
footer
ev.mobstra.com/event/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ev.mobstra.com/event/footer?f=600105660
Requested by
Host: ev.mobstra.com
URL: https://ev.mobstra.com/event/js?v=UX-B-ttHA1y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.126.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.102.126.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
be1d762015af4f187904e7dcce71fc29b440ae9eb750218e7281824b8178b408

Request headers

Accept
application/json, text/plain, */*
Referer
https://happynewyear23.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Feb 2023 17:02:45 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
1017
Content-Type
application/json

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| mbp object| webpackJsonp

0 Cookies