helloskygreen.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.urdreamlf.com/85SPX7/2KTQH2G/
Effective URL:
https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.co...
Submission: On December 16 via api (December 16th 2024, 7:45:13 am UTC) from DE — Scanned from DK

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is helloskygreen.com.
TLS certificate: Issued by WE1 on November 24th 2024. Valid for: 3 months.

This is the only time helloskygreen.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:d202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	1

1 2606:4700:3030::ac43:d202 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.urdreamlf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

helloskygreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	helloskygreen.com helloskygreen.com	9 MB
1	urdreamlf.com 1 redirects www.urdreamlf.com	1 KB
24	2

	Domain	Requested by
24	helloskygreen.com	helloskygreen.com
1	www.urdreamlf.com	1 redirects
24	2

This site contains no links.

Subject Issuer	Validity	Valid
helloskygreen.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp
Frame ID: 58EBFA3D1BBF2E00A7E393880CFF8C17
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADAC - Umfragebelohnungen

Page URL History Show full URLs

https://www.urdreamlf.com/85SPX7/2KTQH2G/ HTTP 302
https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.c... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

8966 kB
Transfer

9798 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.urdreamlf.com/85SPX7/2KTQH2G/ HTTP 302
https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response helloskygreen.com/Z53FSH/2T32BD7/ Redirect Chain https://www.urdreamlf.com/85SPX7/2KTQH2G/? https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp	44 KB 9 KB	1009ms 375ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30 Resource Hash `768520b0d92b35c4bc01a61dcd538706e30d2d929db57893e0c886b0ff4d267b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f2d0d073bafbe3f-CPH content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 16 Dec 2024 07:44:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6BjEIQfa5%2Byrbtly70MAsYaMl89NxCgCeUvAyqcN8nh8QzZl8cwzQSMJAVFN8KMadRl5fFNr5y86Nw1fidKnj931U5q7oHzcBHnbwEnUK9Gu4zjSEniz%2Fv5pXArWAape9%2FUVlcFuLjugkud4OiO3g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=41165&min_rtt=36582&rtt_var=11861&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4192&recv_bytes=4556&delivery_rate=484&cwnd=12000&unsent_bytes=0&cid=9b4d1a48090dd562&ts=945&x=1" cfExtPri cfHdrFlush;dur=0 x-powered-by PHP/8.0.30 Redirect headers accept-ch Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f2d0cff2db4ebca-CPH content-type text/html; charset=utf-8 date Mon, 16 Dec 2024 07:44:54 GMT location https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FOfYAf5aL%2F7fcpSXyA8tyCzcB0DI%2Fzco6QOoIBgjA7rPCwfjsm7By5R8PKnBNRGXnz4PuQx5D6CxpocBHQb3NhwO7KBZKvQjA%2F8OLRPyfykCwyrY6UfZW7SqxhB8IPz%2FD%2Boi0rGFFXFfw2xa7pgAHw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=35493&min_rtt=30704&rtt_var=10307&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4041&recv_bytes=2369&delivery_rate=129700&cwnd=253&unsent_bytes=0&cid=9daeee4bb1d60fa0&ts=693&x=0" vary Origin x-eflow-request-id b4cdcf50-8834-41de-b5d4-c4e0cf8bf0df
GET H3	200	style.css helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	16 KB 4 KB	67ms 66ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/style.css Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9402dc3acea12a0f74c921fdb10931aafdb61da326d39c64ea90cd0f88f62843` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers content-encoding zstd cf-cache-status HIT etag W/"3edc-622df06e72ccb" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCcKK7iCMXUN%2BZH4e3GkyE1mD58wl9UEoit%2BF2zmYeBWFnRagmYsrr80ic8%2FxMDS0JJwBOb7pPoQgmDnOHC9Mz8XxdgNDRDpJkh7EsvlRfocVjWZYv78ewVZKw%2FhsV4y8l1pYJ6ONFz1xLrbGn0D3w%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=44722&min_rtt=30673&rtt_var=14459&sent=33&recv=24&lost=0&retrans=0&sent_bytes=22675&recv_bytes=7407&delivery_rate=9833&cwnd=12000&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1257&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 16 Dec 2024 07:44:55 GMT content-type text/css last-modified Tue, 24 Sep 2024 15:19:09 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0b3e0abe3f-CPH server cloudflare
GET H3	200	animate.min.css helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	70 KB 7 KB	65ms 62ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/animate.min.css Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers content-encoding zstd cf-cache-status HIT etag W/"11846-622df06ad7f2c" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bj%2BOozgGMbAWyCTKyvd2TfKWSXysZXopiim9x6GQW60xExSPzr0m0VFTvW95MBs%2F4gFREK%2FKmGaXZQ%2FEW5shfBsC6%2Fi1w%2F0G7uMjhIb1V3%2BRewscHxxBuLLCUOwjrP4vOLn%2Fu0NKDH5M78xeen2Alw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=44722&min_rtt=30673&rtt_var=14459&sent=26&recv=24&lost=0&retrans=0&sent_bytes=14832&recv_bytes=7407&delivery_rate=9833&cwnd=12000&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1257&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 16 Dec 2024 07:44:55 GMT content-type text/css last-modified Tue, 24 Sep 2024 15:19:05 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0b3e0bbe3f-CPH server cloudflare
GET H3	200	all.js Show response helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	1 MB 439 KB	1051ms 1048ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/all.js Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://helloskygreen.com Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers content-encoding zstd cf-cache-status HIT etag W/"1242a2-622df06bb88ec" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=418fRjPsttPTxdbpvQmEgcEuN1zeXT%2F52wYzDkQlFkw5C4KL9iAKJ5xOTghrpSJtfhgLRexONti9jnIOkrcaXBe%2FqicGgab1wQRPJ1ZDyo9y8WEobO3hTl8gtSzKif%2Fi7vTB7h%2BpCXztIDMvANbEcQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1580&x=1", cfExtPri, cfHdrFlush;dur=9 date Mon, 16 Dec 2024 07:44:55 GMT content-type application/javascript last-modified Tue, 24 Sep 2024 15:19:06 GMT vary Accept-Encoding priority u=3,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f01be3f-CPH server cloudflare
GET H3	200	datehead.js Show response helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	2 KB 2 KB	62ms 56ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/datehead.js Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e060ccf23f1760f9f5b5b0e72f5dfbb979c2f442112c0a19576e0c141b2b61b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers content-encoding zstd cf-cache-status HIT etag W/"99b-622df06a2d0cd" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38Nf%2BQOoSl4t2b%2FgdcKTsWpavdxhBv89by%2Ft%2B9m4miz%2FZj2NJT6pa1Pr2D9bcYmOp89a1E31%2FSlfJ0sRoyaSjLFJj14%2BsdjShVEt8mdKtYMqef6bBa%2BEgUMR3vA8pUj2Z%2BL2HpDOSIQkrwBG6lo3kw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=44722&min_rtt=30673&rtt_var=14459&sent=25&recv=24&lost=0&retrans=0&sent_bytes=14110&recv_bytes=7407&delivery_rate=9833&cwnd=12000&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1257&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 16 Dec 2024 07:44:55 GMT content-type application/javascript last-modified Tue, 24 Sep 2024 15:19:04 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0b3e0cbe3f-CPH server cloudflare
GET H3	200	64d5p99gj0 Show response helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	8 KB 9 KB	316ms 311ms	Script text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/64d5p99gj0 Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4f88d06e6022a4a5b893b3d3ed3a457763d03a7af4372b9f09ecc06d7597aaec` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag "1fcc-622df06d5c7ab" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8SyI0LHi2jviPZwyespZlEOh44o30d0XdIJsjYK%2B68Jo%2FwyJ0OYu86v8C4ltm7Zg0yOuhEcpen1%2BqQMu33mzvOhQ9c4aaWEInz92WihFZDUlljqASK1Bxf1feBMXrAVivC8OAtoVLS4VbQLJxem3A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f2d0d0b3e0dbe3f-CPH accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37575&min_rtt=30673&rtt_var=6450&sent=55&recv=41&lost=0&retrans=0&sent_bytes=45215&recv_bytes=8970&delivery_rate=417444&cwnd=21600&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1526&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 8140 date Mon, 16 Dec 2024 07:44:55 GMT last-modified Tue, 24 Sep 2024 15:19:07 GMT server cloudflare priority u=1,i=?0
GET H3	200	logo.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	13 KB 14 KB	89ms 85ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/logo.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6ad817e680e7e89c5593b6871316b33bb6fe60e0c129ec98a1bf19f0211438a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "3596-622df06db45eb" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6ObM9y7TmZ4QcElRrNkBLEpAtRTF%2FRO1yZFudd%2FnEVO3xaSXFdH%2BxdnfVUqg6XdMi0llHKVrarZFXEj91%2FlNgmT5w6Foj5p%2FKIdH6%2BuDehqPQQppNiDDOEQCq5sfNuY6VmBjaHczm3ZuhXgwJdUgg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=44722&min_rtt=30673&rtt_var=14459&sent=37&recv=24&lost=0&retrans=0&sent_bytes=26110&recv_bytes=7407&delivery_rate=9833&cwnd=12000&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1258&x=1", cfExtPri, cfHdrFlush;dur=41 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:08 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0b3e0ebe3f-CPH accept-ranges bytes content-length 13718 server cloudflare
GET H3	200	flaglogo.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	2 KB 3 KB	88ms 85ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/flaglogo.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "998-622df06e3d16b" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoesmLZTvyLfeWrJemzQcEm2tkdFn43wPdDPAjDLd%2Fn8EkZ5gmcLMdHStsM1aHqQGdH32lfm4q0%2Fks5CIN4R%2F7RHbqfIFwpGe%2FLSh51wDvEM%2Fpf46uPHWRCiAfFUsQOBC9ov4QUvHtljjYYKyk5Emw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=44722&min_rtt=30673&rtt_var=14459&sent=37&recv=24&lost=0&retrans=0&sent_bytes=26110&recv_bytes=7407&delivery_rate=9833&cwnd=12000&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1258&x=1", cfExtPri, cfHdrFlush;dur=41 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:08 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0b3e0fbe3f-CPH accept-ranges bytes content-length 2456 server cloudflare
GET H3	200	product.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	1 MB 1 MB	48ms 47ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/product.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd64d193b13884349f3e9744957d10458ea4b5a8d709c03d1c4c8b4143965f87` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "11e30b-622df06c12e3c" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AGpv6QZZGg5yCVTqVGmjfUdGM1HDZi8NXh8fWLgTUHtF3%2F9v2G9A4UCk5qhjHWl8FLc5UikE%2BOWdQfD0vV332Ljp%2FrZ1ieA0ofGYvSqN8caFcOuvvhB%2FeEo8%2BU19WQwycxMSurTcmyHW2NMxRaZ5g%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37575&min_rtt=30673&rtt_var=6450&sent=63&recv=41&lost=0&retrans=0&sent_bytes=54214&recv_bytes=8970&delivery_rate=417444&cwnd=21600&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1533&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:06 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0cfed2be3f-CPH accept-ranges bytes content-length 1172235 server cloudflare
GET H3	200	loadingRD.gif helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	121 KB 122 KB	66ms 65ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/loadingRD.gif Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8426ce592fcfa7c59cc83781492b73a99b07b3796687f981ebda85aac588cffd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "1e5a8-622df06a78bbd" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gU3YLNA9bucLvQ3tJJZFlociyNsPhV4qzbdePQbptgkeLESBkvagr%2BhX9ue%2BIc39YB8ZMo62L4h0zk1qj9iy5L6ETBpNw6dGPIuqSu40ai3IgadQoxnk2FZrf5zjAVVn2SbwDdNPS9IPzyp9EVRVIA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37575&min_rtt=30673&rtt_var=6450&sent=74&recv=41&lost=0&retrans=0&sent_bytes=66815&recv_bytes=8970&delivery_rate=417444&cwnd=21600&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1535&x=1", cfExtPri, cfHdrFlush;dur=23 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/gif last-modified Tue, 24 Sep 2024 15:19:04 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0cfed3be3f-CPH accept-ranges bytes content-length 124328 server cloudflare
GET H3	200	prize1.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	1 MB 1 MB	58ms 55ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/prize1.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c0acefaab37732f6979096afcc259d00ed81235bab3b723e592db986a98d1b75` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "11e319-622df06f584aa" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sg3blMmP%2Bu4VwTyzOszCm0WZv4fYum1HPAvClD%2FgNzgjOeR1JY2xrMgbNkWwcSjEmIr6q9MYzAXGed6qrJAqcL1tPPfHApbSGeRQbo2K0DYV%2F4DsGM41WpN6IRFUdCAhK0qoSvHUYPS3lK8%2FMDkVbg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1580&x=1", cfExtPri, cfHdrFlush;dur=9 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:10 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3efebe3f-CPH accept-ranges bytes content-length 1172249 server cloudflare
GET H3	200	1.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	44 KB 45 KB	1399ms 1395ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/1.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "b0d0-622df070a934a" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTapr6yQDMcDkD3NoLzkjr9b2pklr%2Bjra1PFKv0M68cOdQUzYlSHmsAirJcLy82%2B7PAJTInlrTvccnEMSYGKMVdWnQo1jhNLk66vRNwvE2H1FeuaPYuHL%2FB3%2F3BQp9J9hp2KGpXJ3J5z9sPjabDWUA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1579&x=1", cfExtPri, cfHdrFlush;dur=10 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:11 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f02be3f-CPH accept-ranges bytes content-length 45264 server cloudflare
GET H3	200	2.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	45 KB 45 KB	1375ms 1373ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/2.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "b223-622df0701b9aa" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2Ff7MEfWF5ZcigIIIoWs%2BU9kK5SjxFvQjI0aQ2%2BYEcVoIBiuVYF%2FN1OBdVz5%2FuX9908DdQtl7eobUlLpwqemg0Cjxqaydmz4i1MZH9Sg0AHP7Sh3hPrhQ52w7uHCF8aUL9wljThZGNjvW%2BjfsgFWYA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1579&x=1", cfExtPri, cfHdrFlush;dur=10 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:10 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f03be3f-CPH accept-ranges bytes content-length 45603 server cloudflare
GET H3	200	comm_pic_1.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	117 KB 118 KB	1396ms 1393ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/comm_pic_1.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `624a7a5d76af17f419dc83d2d76da7169984a8c0aab3e6dcca44d65f1a3bda9c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "1d326-622df06ca07dc" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3bDKHRVGnZfi7OLL%2FKUioenkZL2Sm9ogFWA6vK%2BEj%2B8cWEndmZpB2dMmkWaAEghM2e%2FB%2BDV6DMkYR%2FWECWafvX4yWfoBT3UdWIoQSmeVWuhuQ%2FlK3KVa2nUWsetbS6LWzgpzCRoHePJaQnWv3mGGCA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1579&x=1", cfExtPri, cfHdrFlush;dur=10 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:07 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f04be3f-CPH accept-ranges bytes content-length 119590 server cloudflare
GET H3	200	3.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	38 KB 39 KB	1396ms 1393ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/3.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "982d-622df07069baa" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5a0LWYjln8FkZarNUIVC5DXKd6XzCIGQ30UCCcQWw0GaIqKe1G1OdBGQkXZPzR%2BopT8jnwIlaHpKzyzISsB9LYZFRp3kSIeV6kxACwNoP9GM7xbFBIXBR8G65llVYmtPOJu8OdZUwhV4ay7wUVNvg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1579&x=1", cfExtPri, cfHdrFlush;dur=10 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:11 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f05be3f-CPH accept-ranges bytes content-length 38957 server cloudflare
GET H3	200	4.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	38 KB 39 KB	1396ms 1393ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/4.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "97bf-622df06f0066a" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzNlzyHb6tclq8mOEfequtqG%2F2DBQ%2Fx1oU1F2L406iC8o0qa0D7bpf4RVzx9eRKb%2Fpo7GaU87g2dLufz%2BGBRdI74wxLzED7F18C6U06CFsuesJOMs1Foyblq3RIb%2BYmahQRNgHXdjFCinmNpJ5yjJA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1583&x=1", cfExtPri, cfHdrFlush;dur=6 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:09 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f06be3f-CPH accept-ranges bytes content-length 38847 server cloudflare
GET H3	200	comm_pic_2.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	101 KB 102 KB	1398ms 1395ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/comm_pic_2.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fceb0d068af15a9a7f7e1164b97f543a1755fcadfe95ca71dea2eb8dbd07be1d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "19383-622df06d2935b" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wR8tganQu4gu%2B5kAguF%2B3DfsKYa%2FP5JL7vxVLn6rFOCR1cIVTuNTS2uGj041%2FJaHoX8jA9g9jUA55S1E2PbROyskEMTGwyKcsE962RmLJtdehoEoYvoGTgyp709wbZDQtdTcGKW3MKQfHLOsJTo6Q%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1581&x=1", cfExtPri, cfHdrFlush;dur=8 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:07 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f07be3f-CPH accept-ranges bytes content-length 103299 server cloudflare
GET H3	200	5.jpg helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	46 KB 47 KB	1358ms 1356ms	Image image/jpeg	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/5.jpg Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "b7ec-622df06f8e00a" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHW4OP%2FteMmx49GsEGF1bhBoa5Kvp0XAx5q46c1keuoJckVDkqw56MJeSP%2B4DSgg0CCoxXLjuH%2BMA%2FEVWqdAfsuQi7veh2LvNNW5ODVMmzcoV5HLPEz7JssbGWFWXIC2ATLJeDfiLawr7Tgeda5WlA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1585&x=1", cfExtPri, cfHdrFlush;dur=20 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/jpeg last-modified Tue, 24 Sep 2024 15:19:10 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f08be3f-CPH accept-ranges bytes content-length 47084 server cloudflare
GET H3	200	f_guarantee.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	6 KB 7 KB	1358ms 1356ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/f_guarantee.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "18d0-622df06c4628c" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3SHw0sLCQZqDfOyHl7KKG%2Bw1gIbpROBW%2BTguOgWN6yzsbgeQ0vO%2FGx%2BMuc%2BkxxROMD9eE6Dk%2BOzf0ttlY2NEqXUho08FM6q9ZVwoNJ%2F%2BBPC3Tg1uLCJ%2BJEPptUUwO3552Z%2FWvhpTNjlzqQGt0ZhhA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1581&x=1", cfExtPri, cfHdrFlush;dur=24 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:06 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f09be3f-CPH accept-ranges bytes content-length 6352 server cloudflare
GET H3	200	f_secure_1.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	10 KB 10 KB	1373ms 1370ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/f_secure_1.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "2686-622df06fe102a" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjNRPIRWsR7A6TRYv65jMTJ8pbdR0mYLMXwE2AbfXoE2P8MaI0mrxevgpSIv1mIRARUCB0ooJaGMRknSJXMTsgIbo%2FvgamqRUDLF9YveTky4XnlZl%2Frl7dfrHPGi7%2BvBnFFmFjaEsUuIna5esTkkYg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1580&x=1", cfExtPri, cfHdrFlush;dur=25 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:10 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f0abe3f-CPH accept-ranges bytes content-length 9862 server cloudflare
GET H3	200	logo2.png helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	13 KB 14 KB	1390ms 1388ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/logo2.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d877dd303e4b50075c2bf184f028747608f46cac0d896f7a2c5477d4d0e67159` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cf-cache-status HIT etag "35b7-622df06de7a3b" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P45YpJa1dstALdN4NP89M6tYZ3zueXvq9vtaTLqsFOyI3rNYyfItKzGZb4hHymhJp7k0Ps578CHKRE4CGL8eRD4%2FgZS5ITkjXKlkBqATm%2Fy95vTYOmcAW9hFWc6x8uQzYX2nTjZ5nADp1egH5IHErg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40151&min_rtt=30673&rtt_var=5549&sent=109&recv=63&lost=0&retrans=0&sent_bytes=108214&recv_bytes=15095&delivery_rate=674071&cwnd=41400&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1581&x=1", cfExtPri, cfHdrFlush;dur=24 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Tue, 24 Sep 2024 15:19:08 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f0bbe3f-CPH accept-ranges bytes content-length 13751 server cloudflare
GET H3	200	script.js Show response helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/	9 KB 2 KB	631ms 626ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/script.js?ve=9 Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc96baeea1a6a9f75af79966492e579ca458206cb41ff12d8cb8767dd93050de` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"2413-62390dcdd6a50" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BSdSnTOZUADD39Uh7FRdVkVWP4NjraWhYB7uZ2%2F9Lou%2FMNL6P9Qo%2F7Excmu0t1WxuE8zy9c6qaBF%2FgmiILHlZ6qOu5xBHQB1B%2FtIe3bb%2B9CcJ41fMrlr59fkwBMraSnZ%2BMdTuQgRIWF3Q45JOb5Yg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f2d0d0d3f00be3f-CPH alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=40553&min_rtt=30673&rtt_var=4677&sent=1420&recv=206&lost=124&retrans=124&sent_bytes=1646191&recv_bytes=22213&delivery_rate=4107726&cwnd=173531&unsent_bytes=0&cid=9b4d1a48090dd562&ts=2141&x=1", cfExtPri, cfHdrFlush;dur=18 date Mon, 16 Dec 2024 07:44:56 GMT content-type application/javascript last-modified Thu, 03 Oct 2024 11:29:08 GMT vary Accept-Encoding priority u=2,i=?0
GET H3	200	bg.png helloskygreen.com/Z53FSH/2T32BD7/images/	5 MB 5 MB	1344ms 1343ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://helloskygreen.com/Z53FSH/2T32BD7/images/bg.png Requested by Host: helloskygreen.com URL: https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `feb708ba71322adfdc0dbd394ac38676f123bb2d47f28205ad59627d7450289a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/ADAC_Umfragebelohnungen_files/style.css Response headers cf-cache-status HIT etag "57713c-6280e6325be6e" age 619 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ulect42pQVK%2FD6RFn5fKgA1jSaknnT4wVRlaB8cBw1t%2B1vqMHQt3mMbITIEOKIIBH2ItytT2x2yu87gdCYsepF3Ugo8l5Y0ursbniSOKfwVj8DtpIrZGl0TbmYtl0OFMz%2FpOUzkxg7si5KhmLhs4DQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32175&min_rtt=30673&rtt_var=1094&sent=215&recv=83&lost=0&retrans=0&sent_bytes=230040&recv_bytes=16326&delivery_rate=1435905&cwnd=99600&unsent_bytes=0&cid=9b4d1a48090dd562&ts=1634&x=1", cfExtPri, cfHdrFlush;dur=2 date Mon, 16 Dec 2024 07:44:55 GMT content-type image/png last-modified Fri, 29 Nov 2024 14:55:18 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f2d0d0d8f2bbe3f-CPH accept-ranges bytes content-length 5730620 server cloudflare
GET H3	404	favicon.ico helloskygreen.com/	196 B 861 B	389ms 389ms	Other text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helloskygreen.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://helloskygreen.com/Z53FSH/2T32BD7/?source_id=158&sub1=479f275419224bfcbdab39ca37dc0fb8&dm=www.celestialnovaforce.com%2Fcmp Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z709FGIUe4q%2F8pET%2BgrMHdGGYKMwDuSbmHpRMRoZh59w7FPVLbBjpJ9Ve7CFfhI0zmv4QRu40cXQg9WJ%2BJutSsyHCMek4PPhxeQLMdwTTKG%2BiEhfvD1chfKu4WSijBBnx2LKe3bwMZbTuB0ENgF8Mg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f2d0d2d39b4be3f-CPH alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=39481&min_rtt=30348&rtt_var=10537&sent=8461&recv=994&lost=489&retrans=489&sent_bytes=9972874&recv_bytes=58614&delivery_rate=463684&cwnd=50554&unsent_bytes=0&cid=9b4d1a48090dd562&ts=7032&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 16 Dec 2024 07:45:01 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare priority u=1,i

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.urdreamlf.com/	1970-01-21 02:15:49	Name: uniqueClick_2KTQH2G Value: 09c0580a-fb8f-4ef6-adf3-cd525c47469c:1734335094
			www.urdreamlf.com/	1970-01-21 03:55:11	Name: transaction_id Value: 479f275419224bfcbdab39ca37dc0fb8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://helloskygreen.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

helloskygreen.com
www.urdreamlf.com
2606:4700:3030::ac43:d202
2a06:98c1:3121::3
08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6
12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529
36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18
4e060ccf23f1760f9f5b5b0e72f5dfbb979c2f442112c0a19576e0c141b2b61b
4f88d06e6022a4a5b893b3d3ed3a457763d03a7af4372b9f09ecc06d7597aaec
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
624a7a5d76af17f419dc83d2d76da7169984a8c0aab3e6dcca44d65f1a3bda9c
768520b0d92b35c4bc01a61dcd538706e30d2d929db57893e0c886b0ff4d267b
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8426ce592fcfa7c59cc83781492b73a99b07b3796687f981ebda85aac588cffd
9402dc3acea12a0f74c921fdb10931aafdb61da326d39c64ea90cd0f88f62843
9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4
bc96baeea1a6a9f75af79966492e579ca458206cb41ff12d8cb8767dd93050de
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c0acefaab37732f6979096afcc259d00ed81235bab3b723e592db986a98d1b75
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
cd64d193b13884349f3e9744957d10458ea4b5a8d709c03d1c4c8b4143965f87
d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3
d877dd303e4b50075c2bf184f028747608f46cac0d896f7a2c5477d4d0e67159
f6ad817e680e7e89c5593b6871316b33bb6fe60e0c129ec98a1bf19f0211438a
fceb0d068af15a9a7f7e1164b97f543a1755fcadfe95ca71dea2eb8dbd07be1d
feb708ba71322adfdc0dbd394ac38676f123bb2d47f28205ad59627d7450289a

helloskygreen.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

8966 kBTransfer

9798 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

helloskygreen.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

8966 kB
Transfer

9798 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!