urlscan.io logo urlscan.io
SecurityTrails logo

newyearnewme.app Open in urlscan Pro
2606:4700:20::681a:a22  Public Scan

Go To Rescan Add Verdict Report
URL: https://newyearnewme.app/
Submission Tags: phishingrod
Submission: On February 29 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2606:4700:20::681a:a22, located in United States and belongs to CLOUDFLARENET, US. The main domain is newyearnewme.app.
TLS certificate: Issued by GTS CA 1P5 on January 1st 2024. Valid for: 3 months.
This is the only time newyearnewme.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 54.75.36.233 16509 (AMAZON-02)
9 3
Apex Domain
Subdomains		 Transfer
8 newyearnewme.app
newyearnewme.app
143 KB
1 nye.page
auth.nye.page
9 2
Domain Requested by
8 newyearnewme.app 1 redirects newyearnewme.app
1 auth.nye.page newyearnewme.app
9 2

This site contains no links.

Subject Issuer Validity Valid
newyearnewme.app
GTS CA 1P5		 2024-01-01 -
2024-03-31		 3 months crt.sh
auth.nye.page
ZeroSSL ECC Domain Secure Site CA		 2023-12-31 -
2024-03-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://newyearnewme.app/
Frame ID: 16F91F645A749091616ABF2C48639A34
Requests: 6 HTTP requests in this frame

Frame: https://newyearnewme.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: 9EAAD976E1B961BACEDC30E77231AE0A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New Year's Eve

Page Statistics

9
Requests

78 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

143 kB
Transfer

426 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://newyearnewme.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://newyearnewme.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newyearnewme.app/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204ff8985b9d447a2babf4de4c5280e2bc44e1dd0e2fed172a723759ccbc41ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85d097c17ce32bb0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 11:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Bg5FNhnqR9IMgy9gMg5J88FCT83dguXGBeSUZZIJd7TmfsA5VkIp1N%2F651bGBwjuyguN%2BCpdFIpfIC6pmfzCULJi7WDpirwshL3Wjf0oAmoJqxm7uNjrBRtaNgpcTk02FxCzmexi94rQburvbAb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
index-Qcn8pWBG.js
newyearnewme.app/assets/ 		259 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/assets/index-Qcn8pWBG.js
Requested by
Host: newyearnewme.app
URL: https://newyearnewme.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9a0ab7e2077e70259d81ee62c98f2bf10c92b62a4e69ae3b62f090994944b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newyearnewme.app/
Origin
https://newyearnewme.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 11:33:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"f367974a6d4220e5aa28e2cba40eff12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYso7tVtpwZW1KjdQt7iAFFMN43WJM%2BfRTltgiB4COhF3SbDCidTqV9n21XS2uOsmEajzjDzZBQ344juHNkdILk2HNFKF21oorxwQq4sPVzh2z%2FwH5y3xQGuoguychD%2F8HtpoPSYdI2Y%2FM9dkzcW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85d097c21d5c2bb0-FRA
alt-svc
h3=":443"; ma=86400
G6kSzgdV.js
newyearnewme.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/G6kSzgdV.js
Requested by
Host: newyearnewme.app
URL: https://newyearnewme.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce30d49f8afa5b010aff7604899ecd33cc13984df6ef3071e5283861ee89da96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newyearnewme.app/
Origin
https://newyearnewme.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 11:33:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"b435d33db978fbaf75a254c8893b3b5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiRHew425SBoVFGKRl%2FhdU2Z2odvaVlW6TTnqjr9Pekmt294ldAGHt5%2BZfv2KFNHBXs29pzoT3dCuB1YsJcDHUPEFzmyOuqhC2T2L6bjfini0gGhlA4T27aHyFAsnTL7Y9VPFXVX9XtCU9GKVUYG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85d097c21d5f2bb0-FRA
alt-svc
h3=":443"; ma=86400
yY-_MrVw.js
newyearnewme.app/ 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/yY-_MrVw.js
Requested by
Host: newyearnewme.app
URL: https://newyearnewme.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15029cdb5de635d51ea3c92983971fdaa91a85e625c4c32a4621bb1801e6cd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newyearnewme.app/
Origin
https://newyearnewme.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 11:33:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"710ea345f3933af84ec35c1e5e13aab5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDd2XRssmNSjvpyIE5B5s23OWm5l5M%2B84QTxHooBZm%2BtvWR9S6Mp4jaBO4RjygpSSnUxiD0AnjsgZpaIVTj9ZI5XSPqSLgCNt%2F5KLmC%2BfL3laaMJuOL9dmkf1CYl2kiSE6iu3n6%2F170rVMARXIAw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85d097c21d602bb0-FRA
alt-svc
h3=":443"; ma=86400
index-3KbueXKS.css
newyearnewme.app/assets/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/assets/index-3KbueXKS.css
Requested by
Host: newyearnewme.app
URL: https://newyearnewme.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018cf34553eb972d3e6037c603701bea621889fb93526e3df9cb5d46d8d3ed12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newyearnewme.app/
Origin
https://newyearnewme.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 11:33:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"e3ebd5ba68312d95c7131b66b8d79ef9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8Zdhx4UlVmkYIXd5BKns6WlnKuoaTClNMUGyglo18JyI4w8c61HGiQyaS5a8H4sl%2FkxJsPPnXFxiZ2WE2%2FaclBQKfXAR0PzhERITuaE%2FR8K%2FP5Q%2BRoTH2tlDFE9LK3rUVyF7cB0JLaiHvB%2BDuIS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85d097c21d5a2bb0-FRA
alt-svc
h3=":443"; ma=86400
main.js
newyearnewme.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame 9EAA
Redirect Chain
  • https://newyearnewme.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://newyearnewme.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Protocol
H3
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8283b0383d71685b697214dada30cb0d45dd604ad4dba1221c394903f6ee6eb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 11:33:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSx4urnojP753FUeM%2BbeaVRi%2BmV1KeFJQNtsn%2BZw6SEkS5dFMxFXCA03p7NoNSVb%2FdmPZf1oaIGecgmPueaWZ0nApffv5MhLQ4E6FAdMjw%2B6T3Mh7Sx1OVBWuV9ehi%2FIHPQ1pMc92VmtcNKZJxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85d097c37cf35d4a-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 29 Feb 2024 11:33:30 GMT
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uabpVlzJmHBnONOnfP%2Bm6f%2BTKJV5Gq0UjacS2n%2BfTM2fuiROkpZubEe34kaEfEhSMwTy4%2F4cQIadWxMSRCXJ85PoVuoh%2BfQJizkJJuqgJN9DbJ%2BujI2%2F0j6p33BZSiHY4vS%2Bt%2BnHDRkPEgbJXc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
cache-control
max-age=300, public
cf-ray
85d097c35cd55d4a-FRA
alt-svc
h3=":443"; ma=86400
token
auth.nye.page/oauth2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.nye.page/oauth2/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.75.36.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-36-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
kinde-sdk
Access-Control-Request-Method
POST
Origin
https://newyearnewme.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
*, Kinde-SDK
access-control-allow-methods
GET, POST
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 29 Feb 2024 11:33:31 GMT
vary
Origin
token
auth.nye.page/oauth2/ 		0
0
85d097c17ce32bb0
newyearnewme.app/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9EAA 		0
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newyearnewme.app/cdn-cgi/challenge-platform/h/g/jsd/r/85d097c17ce32bb0
Requested by
Host: newyearnewme.app
URL: https://newyearnewme.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Feb 2024 11:33:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3%2FYBAae3MJtuIZo8a14BszxzPxCP2QBT7XyH1kEec2pF%2FvNEgWqx1JZyYUv9oAJaQsg81KKrNa7Md0QjzVYKLmz0Ryr6eZkS9hlPCC3Kqt8bj7SYmpDZxYcuANRnTbOOU%2FSt%2BQinesQz6edzFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85d097c40d455d4a-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.nye.page
URL
https://auth.nye.page/oauth2/token

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.newyearnewme.app/ Name: cf_clearance
Value: UsunGx6tQvt8zhcjBg3okkhsa1v4hUrT8KFfkQGtA.E-1709206410-1.0-AVGu5bPTcWrhR6rPhz5vzMy13I0X1iNRBSlYuL5FxCkhmdlznxPEJASyMb8vFwyUmM3AuVqyDrC5xO+TD2gJyCc=

2 Console Messages

Source Level URL
Text
javascript error URL: https://newyearnewme.app/
Message:
Access to fetch at 'https://auth.nye.page/oauth2/token' from origin 'https://newyearnewme.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://auth.nye.page/oauth2/token
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff