newyearsletters.be
Open in
urlscan Pro
62.213.219.59
Public Scan
URL:
https://newyearsletters.be/
Submission Tags: phishingrod
Submission: On March 07 via api from DE — Scanned from DE
Submission Tags: phishingrod
Submission: On March 07 via api from DE — Scanned from DE
Summary
This website contacted 6 IPs
in 4 countries
across 6 domains to perform 16 HTTP transactions.
The main IP is 62.213.219.59, located in
Herent, Belgium and
belongs to STUART-AS Stuart Networks, Brussels datacenter, Belgium, BE.
The main domain is newyearsletters.be.
TLS certificate: Issued by R3 on March 7th 2023. Valid for: 3 months.
This is the only time newyearsletters.be was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 7th 2023. Valid for: 3 months.
This is the only time newyearsletters.be was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 9 | 62.213.219.59 62.213.219.59 | 28707 (STUART-AS...) (STUART-AS Stuart Networks) | |
| 2 | 2a04:4e42:400... 2a04:4e42:400::485 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:828::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2001:4860:480... 2001:4860:4802:38::178 | 15169 (GOOGLE) (GOOGLE) | |
| 16 | 6 |
9
62.213.219.59
(Herent, Belgium)
ASN28707 (STUART-AS Stuart Networks, Brussels datacenter, Belgium, BE)
PTR: 62.213.219.59.one.cloudstar.be
ASN28707 (STUART-AS Stuart Networks, Brussels datacenter, Belgium, BE)
PTR: 62.213.219.59.one.cloudstar.be
| newyearsletters.be |
1
2a00:1450:4001:827::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
newyearsletters.be
newyearsletters.be |
3 MB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30 |
20 KB |
| 2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339 |
132 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36 |
811 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
47 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 693 |
30 KB |
| 16 | 6 |
| Domain | Requested by | |
|---|---|---|
| 9 | newyearsletters.be |
newyearsletters.be
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | cdn.jsdelivr.net |
newyearsletters.be
cdn.jsdelivr.net |
| 1 | fonts.googleapis.com |
newyearsletters.be
|
| 1 | www.googletagmanager.com |
newyearsletters.be
|
| 1 | code.jquery.com |
newyearsletters.be
|
| 16 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.oddball.be |
| www.creatief.be |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| newyearsletters.be R3 |
2023-03-07 - 2023-06-05 |
3 months | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://newyearsletters.be/
Frame ID: 41FA2B06A752DDF013F248BD0C2E60C4
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Oddball - Happy New EarsDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.oddball.be/
Search URL Search Domain Scan URL
URL: https://www.creatief.be/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
newyearsletters.be/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/ |
93 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
global.min.css
newyearsletters.be/assets/css/ |
258 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oddball-creatief.svg
newyearsletters.be/assets/img/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oddball-icon.svg
newyearsletters.be/assets/img/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
creatief-icon.svg
newyearsletters.be/assets/img/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.bundle.min.js
newyearsletters.be/assets/js/ |
79 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
script.js
newyearsletters.be/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
121 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oddball_-_newyear_rabbit_animation_16-9_v3.mp4
newyearsletters.be/assets/video/ |
3 MB 3 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newyearletter.mp4
newyearsletters.be/assets/video/ |
2 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
959 B 811 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/ |
118 KB 119 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery number| uidEvent object| bootstrap object| gaplugins object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .newyearsletters.be/ | Name: _ga Value: GA1.2.1628914601.1678188942 |
|
| .newyearsletters.be/ | Name: _gid Value: GA1.2.384240641.1678188942 |
|
| .newyearsletters.be/ | Name: _gat_UA-188264747-2 Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
newyearsletters.be
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:38::178
2001:4de0:ac18::1:a:3b
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a04:4e42:400::485
62.213.219.59
0209c308038f5510a68cc686cdc325254a280650b86b8866b957c44a0428938a
04510766373ec71a8a22916bd88e235325658459fe89b42ce142d1a4c8bdb2ed
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
54d7ebe18856db34ed60832e0b09edbfbb47dbca264a5ea481ddc7a87fec0848
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a798286c19a9280eed009575160b0ec8fd807e1fc06712c70f997f4fe5d23b3
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
9aad2556ddde17ac780cb016d369964f01b79ab09249bac051daa9ad30cbcac0
9fa7f66bab5b4c1d404deda54e8013fbd49c8f97f43ff0f63eeb35434acffa4e
ba7fb6055110503b28874d88d6b811343879ddc7a848dc7daeff8614c11149e2
be6c52a2b4a142797855ccbc7d336ea21c0452bfbda4aa2b0c4c5fc21b267574
d56dc246337537840d1fc2346a3774bc29a26a39421b5c8c2558f0c26159ed53
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d