urlscan.io logo urlscan.io
SecurityTrails logo

blueskyactivecontrol.net Open in urlscan Pro
185.177.94.108  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://uvetonline.com/
Effective URL: https://blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89
Submission: On August 23 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 185.177.94.108, located in and belongs to . The main domain is blueskyactivecontrol.net.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.
This is the only time blueskyactivecontrol.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 91.211.91.114 206638 (HOSTFORY)
1 2 45.155.121.224 35277 (LLHOST-IN...)
1 91.211.91.104 206638 (HOSTFORY)
1 185.177.94.108 ()
8 6
1    2606:4700:3031::ac43:b98b (United States)

ASN13335 (CLOUDFLARENET, US)
uvetonline.com
1    91.211.91.114 (Ukraine)

ASN206638 (HOSTFORY, UA)
simple.cofounderspecials.com
2    45.155.121.224 (Katowice, Poland)

ASN35277 (LLHOST-INC-SRL, RO)
PTR: vps.24399345.llhost-inc.eu
space.bettershitecolumn.com
1    91.211.91.104 (Ukraine)

ASN206638 (HOSTFORY, UA)
door.cofounderspecials.com
1    185.177.94.108 (None, )

ASN- ()
blueskyactivecontrol.net
Apex Domain
Subdomains		 Transfer
2 bettershitecolumn.com
space.bettershitecolumn.com — Cisco Umbrella Rank: 538933 Failed
1 KB
2 cofounderspecials.com
simple.cofounderspecials.com
door.cofounderspecials.com — Cisco Umbrella Rank: 667255
3 KB
1 blueskyactivecontrol.net
blueskyactivecontrol.net Failed
0.blueskyactivecontrol.net Failed
18 KB
1 uvetonline.com
uvetonline.com
777 B
8 4
Domain Requested by
2 space.bettershitecolumn.com uvetonline.com
1 blueskyactivecontrol.net door.cofounderspecials.com
1 door.cofounderspecials.com uvetonline.com
1 simple.cofounderspecials.com uvetonline.com
1 uvetonline.com
0 0.blueskyactivecontrol.net Failed uvetonline.com
8 6

This site contains no links.

Subject Issuer Validity Valid
simple.cofounderspecials.com
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
door.cofounderspecials.com
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
space.bettershitecolumn.com
R3		 2022-08-06 -
2022-11-04		 3 months crt.sh
blueskyactivecontrol.com
R3		 2022-07-27 -
2022-10-25		 3 months crt.sh

This page contains 1 frames:

Frame: https://0.blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89
Frame ID: AD6E59642F297A6C39D3DB284884587C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://uvetonline.com/ Page URL
  2. https://space.bettershitecolumn.com/cadfl8k.php?key=osyg7q7bz5ig7cma3vc7 HTTP 302
    https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejh... Page URL
  3. https://blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89 Page URL

Page Statistics

8
Requests

50 %
HTTPS

20 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

23 kB
Transfer

33 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uvetonline.com/ Page URL
  2. https://space.bettershitecolumn.com/cadfl8k.php?key=osyg7q7bz5ig7cma3vc7 HTTP 302
    https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898 Page URL
  3. https://blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://space.bettershitecolumn.com/cadfl8k.php?key=osyg7q7bz5ig7cma3vc7 HTTP 302
  • https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
uvetonline.com/ 		109 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
http://uvetonline.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56472cc1ce3fb5ded262e3f23ffc4cae5d72d91f27a45f9b19f28a19b80df019

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
73f1bff3ee95918c-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 06:21:45 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HymxLs0z4C%2FbztzFHigNba33w%2BBpfH348lKD5%2FpAxX7n15yFUgE0KKJq2wiwF4Vd6KuGFUWk0SG2cJxk39nLjIkXjL3D9w2KCXghFuA%2FdujHLEbk5x3dXCKf%2FCkr219zngcWB8YQa0WqqycMPg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag.js
simple.cofounderspecials.com/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simple.cofounderspecials.com/tag.js?v=2.00
Requested by
Host: uvetonline.com
URL: http://uvetonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://uvetonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:21:47 GMT
content-encoding
gzip
last-modified
Sat, 20 Aug 2022 10:26:28 GMT
server
nginx
etag
W/"6300b6d4-3997"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
expires
Thu, 31 Dec 2037 23:55:55 GMT
cadfl8k.php
space.bettershitecolumn.com/ 		0
0
way.php
door.cofounderspecials.com/
Redirect Chain
  • https://space.bettershitecolumn.com/cadfl8k.php?key=osyg7q7bz5ig7cma3vc7
  • https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898
844 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898
Requested by
Host: uvetonline.com
URL: http://uvetonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
http://uvetonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-length
416
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 06:21:49 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 06:21:48 GMT
Location
https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
cadfl8k.php
space.bettershitecolumn.com/ 		303 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://space.bettershitecolumn.com/cadfl8k.php?key=0df7sfualwr6glfeh2t5&lp_type=pixel
Requested by
Host: uvetonline.com
URL: http://uvetonline.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.155.121.224 Katowice, Poland, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS
vps.24399345.llhost-inc.eu
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://uvetonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 06:21:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.22.0
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
Content-Type
text/html; charset=UTF-8
/
blueskyactivecontrol.net/ 		0
0
Primary Request /
blueskyactivecontrol.net/ 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89
Requested by
Host: door.cofounderspecials.com
URL: https://door.cofounderspecials.com/way.php?cid=436757&lid=88443&tid=65478433&uclick=gxe8ejho&uclickhash=gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
02fe2dd48d828337a306a7bc751da64601c4773be54d2f6331fb9315760d482d
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://door.cofounderspecials.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 06:21:50 GMT
server
nginx
strict-transport-security
max-age=31536000
/
0.blueskyactivecontrol.net/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
space.bettershitecolumn.com
URL
https://space.bettershitecolumn.com/cadfl8k.php?key=osyg7q7bz5ig7cma3vc7
Domain
blueskyactivecontrol.net
URL
https://blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89
Domain
0.blueskyactivecontrol.net
URL
https://0.blueskyactivecontrol.net/?p=gm2gezrzhe5gi3bpg42daoi&sub2=stonny89

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

3 Cookies

Domain/Path Name / Value
uvetonline.com/ Name: uclick
Value: gxe8ej1n
space.bettershitecolumn.com/ Name: uclick
Value: gxe8ejho
space.bettershitecolumn.com/ Name: uclickhash
Value: gxe8ejho-gxe8ejho-i4-0-i4-dz-bl-0cd898