happynewyear.gofromagazine.com Open in urlscan Pro
185.104.45.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://happynewyear.gofromagazine.com/
Effective URL:
http://happynewyear.gofromagazine.com/
Submission Tags: phishingrod
Submission: On January 22 via api (January 22nd 2023, 3:09:46 am UTC) from DE — Scanned from DE

Summary HTTP 7 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 185.104.45.199, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is happynewyear.gofromagazine.com.

This is the only time happynewyear.gofromagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 9	185.104.45.199 185.104.45.199		200000 (UKRAINE-AS) (UKRAINE-AS)
7	2

9 185.104.45.199 (Ukraine) 3 redirects

ASN200000 (UKRAINE-AS, UA)
PTR: d145.default-host.net

happynewyear.gofromagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gofromagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gofromagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gofromagazine.com 3 redirects happynewyear.gofromagazine.com www.gofromagazine.com gofromagazine.com	68 KB
7	1

	Domain	Requested by
6	happynewyear.gofromagazine.com	1 redirects happynewyear.gofromagazine.com
2	www.gofromagazine.com	2 redirects
1	gofromagazine.com	happynewyear.gofromagazine.com
7	3

This site contains links to these domains. Also see Links.

Domain
www.gofromagazine.com
www.facebook.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://happynewyear.gofromagazine.com/
Frame ID: 1B6F62FA6CBE506B32998DDED6A25E5C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Happy New Yaer 2019!

Page URL History Show full URLs

https://happynewyear.gofromagazine.com/ HTTP 301
http://happynewyear.gofromagazine.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

1
Countries

67 kB
Transfer

212 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gofromagazine.com/
Title: visit to our web site

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TMT-Media-Group-Corrugated-Industry-304645873078748/
Title: facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://happynewyear.gofromagazine.com/ HTTP 301
http://happynewyear.gofromagazine.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif HTTP 301
https://www.gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif HTTP 301
https://gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif

7 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response happynewyear.gofromagazine.com/ Redirect Chain https://happynewyear.gofromagazine.com/ http://happynewyear.gofromagazine.com/	3 KB 1 KB	144ms 86ms	Document text/html	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL http://happynewyear.gofromagazine.com/ Protocol HTTP/1.1 Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash `e94c5493e5899e580c4afbe6e33a0762e6f3018cc44715bb04de736690bc78c5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 22 Jan 2023 03:09:41 GMT ETag W/"ad8-57cfadd529ae2" Last-Modified Fri, 14 Dec 2018 12:49:40 GMT Server nginx Transfer-Encoding chunked x-ray p356:0.000/wn22444:0.000/wal22444:D=5932 Redirect headers content-length 162 content-type text/html date Sun, 22 Jan 2023 03:09:41 GMT location http://happynewyear.gofromagazine.com/ server nginx x-ray p356:0.000/wn22444:0.000/
GET H2	404	banner-NY-en.gif gofromagazine.com/wp-content/uploads/2018/12/ Redirect Chain http://www.gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif https://www.gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif https://gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif	0 0	283ms 249ms	Image text/html	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif Requested by Host: happynewyear.gofromagazine.com URL: http://happynewyear.gofromagazine.com/ Protocol H2 Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://happynewyear.gofromagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Redirect headers location https://gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif x-page-speed on date Sun, 22 Jan 2023 03:09:41 GMT x-ray p356:0.000/wn22444:0.010/wa22444:D=2442 cache-control max-age=0, no-cache server nginx content-type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	382 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	206 Partial Content	JINGLE-GELLS-GOFRO.ogg happynewyear.gofromagazine.com/	34 KB 0	48ms 48ms	Media audio/ogg	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL http://happynewyear.gofromagazine.com/JINGLE-GELLS-GOFRO.ogg Requested by Host: happynewyear.gofromagazine.com URL: http://happynewyear.gofromagazine.com/ Protocol HTTP/1.1 Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash Request headers Referer http://happynewyear.gofromagazine.com/ Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Range bytes=0- Response headers Date Sun, 22 Jan 2023 03:09:41 GMT x-ray p356:0.000/wn22444:0.000/wal22444:D=2833 Last-Modified Fri, 14 Dec 2018 10:14:43 GMT Server nginx ETag "20065c-57cf8b32f3136" Content-Type audio/ogg Content-Range bytes 0-2098779/2098780 Connection keep-alive Content-Length 2098780
GET H/1.1	206 Partial Content	JINGLE-GELLS-GOFRO.ogg happynewyear.gofromagazine.com/	12 KB 0	104ms 70ms	Media audio/ogg	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL http://happynewyear.gofromagazine.com/JINGLE-GELLS-GOFRO.ogg Requested by Host: happynewyear.gofromagazine.com URL: http://happynewyear.gofromagazine.com/ Protocol HTTP/1.1 Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash Request headers Referer http://happynewyear.gofromagazine.com/ Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Range bytes=0- Response headers Date Sun, 22 Jan 2023 03:09:41 GMT x-ray p356:0.000/wn22444:0.010/wal22444:D=2290 Last-Modified Fri, 14 Dec 2018 10:14:43 GMT Server nginx ETag "20065c-57cf8b32f3136" Content-Type audio/ogg Content-Range bytes 0-2098779/2098780 Connection keep-alive Content-Length 2098780
GET H/1.1	206 Partial Content	JINGLE-GELLS-GOFRO.mp3 happynewyear.gofromagazine.com/	97 KB 0	132ms 88ms	Media audio/mpeg	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL http://happynewyear.gofromagazine.com/JINGLE-GELLS-GOFRO.mp3 Requested by Host: happynewyear.gofromagazine.com URL: http://happynewyear.gofromagazine.com/ Protocol HTTP/1.1 Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash Request headers Referer http://happynewyear.gofromagazine.com/ Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Range bytes=0- Response headers Date Sun, 22 Jan 2023 03:09:41 GMT x-ray p356:0.000/wn22444:0.000/ Last-Modified Fri, 14 Dec 2018 10:00:09 GMT Server nginx ETag "5c137f29-124112" Content-Type audio/mpeg Content-Range bytes 0-1196305/1196306 Connection keep-alive Content-Length 1196306
GET DATA	200 OK	truncated /	180 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	354 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	206 Partial Content	JINGLE-GELLS-GOFRO.ogg happynewyear.gofromagazine.com/	66 KB 66 KB	134ms 90ms	Media audio/ogg	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL http://happynewyear.gofromagazine.com/JINGLE-GELLS-GOFRO.ogg Requested by Host: happynewyear.gofromagazine.com URL: http://happynewyear.gofromagazine.com/ Protocol HTTP/1.1 Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash `891189b3caba622a892f3fe4935d22b7bea22de2f15e7ae76fcad15fd6c76964` Request headers Referer http://happynewyear.gofromagazine.com/ Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Range bytes=2031616- Response headers Date Sun, 22 Jan 2023 03:09:41 GMT x-ray p356:0.000/wn22444:0.000/wal22444:D=2650 Last-Modified Fri, 14 Dec 2018 10:14:43 GMT Server nginx ETag "20065c-57cf8b32f3136" Content-Type audio/ogg Content-Range bytes 2031616-2098779/2098780 Connection keep-alive Content-Length 67164
GET		JINGLE-GELLS-GOFRO.ogg happynewyear.gofromagazine.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: happynewyear.gofromagazine.com
URL: http://happynewyear.gofromagazine.com/JINGLE-GELLS-GOFRO.ogg

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gofromagazine.com/wp-content/uploads/2018/12/banner-NY-en.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gofromagazine.com
happynewyear.gofromagazine.com
www.gofromagazine.com
happynewyear.gofromagazine.com
185.104.45.199
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
891189b3caba622a892f3fe4935d22b7bea22de2f15e7ae76fcad15fd6c76964
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94c5493e5899e580c4afbe6e33a0762e6f3018cc44715bb04de736690bc78c5

happynewyear.gofromagazine.com Open in urlscan Pro 185.104.45.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

3 Subdomains

2 IPs

1 Countries

67 kBTransfer

212 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

happynewyear.gofromagazine.com Open in urlscan Pro
185.104.45.199 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

1
Countries

67 kB
Transfer

212 kB
Size

0
Cookies

7 HTTP transactions
3 data transactions