urlscan.io logo urlscan.io
SecurityTrails logo

blueskymotions.net Open in urlscan Pro
185.177.94.108  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://abundancealive.com/news/article-10384865/Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-Build-Better-plan.html
Effective URL: https://blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Submission: On November 08 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 185.177.94.108, located in and belongs to . The main domain is blueskymotions.net.
TLS certificate: Issued by R3 on October 25th 2022. Valid for: 3 months.
This is the only time blueskymotions.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 98.129.229.50 53824 (LIQUIDWEB)
2 5 91.211.91.114 206638 (HOSTFORY)
1 91.211.91.104 206638 (HOSTFORY)
1 185.177.94.108 ()
11 5
Apex Domain
Subdomains		 Transfer
5 weatherplllatform.com
main.weatherplllatform.com — Cisco Umbrella Rank: 689983
go.weatherplllatform.com — Cisco Umbrella Rank: 561657
cdn.weatherplllatform.com — Cisco Umbrella Rank: 758827
4 KB
1 blueskymotions.net
blueskymotions.net Failed
0.blueskymotions.net Failed
18 KB
1 cdnbestplatform.com
away.cdnbestplatform.com — Cisco Umbrella Rank: 344315
557 B
1 abundancealive.com
abundancealive.com
3 KB
0 bettershitecolumn.com Failed
away.bettershitecolumn.com Failed
11 5
Domain Requested by
3 go.weatherplllatform.com 2 redirects main.weatherplllatform.com
go.weatherplllatform.com
1 blueskymotions.net away.cdnbestplatform.com
1 away.cdnbestplatform.com go.weatherplllatform.com
1 cdn.weatherplllatform.com abundancealive.com
1 main.weatherplllatform.com abundancealive.com
1 abundancealive.com
0 0.blueskymotions.net Failed abundancealive.com
0 away.bettershitecolumn.com Failed cdn.weatherplllatform.com
11 8

This site contains no links.

Subject Issuer Validity Valid
main.weatherplllatform.com
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
go.weatherplllatform.com
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
cdn.weatherplllatform.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
away.cdnbestplatform.com
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
blueskymotions.net
R3		 2022-10-25 -
2023-01-23		 3 months crt.sh

This page contains 1 frames:

Frame: https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Frame ID: 0861520988DAF5BAD8E3954C4270E270
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://abundancealive.com/news/article-10384865/Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-... Page URL
  2. https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
    https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
    https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11 Page URL
  3. https://blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17 Page URL

Page Statistics

11
Requests

45 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

5
IPs

2
Countries

26 kB
Transfer

31 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://abundancealive.com/news/article-10384865/Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-Build-Better-plan.html Page URL
  2. https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
    https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
    https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11 Page URL
  3. https://blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
  • https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
  • https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-Build-Better-plan.html
abundancealive.com/news/article-10384865/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://abundancealive.com/news/article-10384865/Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-Build-Better-plan.html
Protocol
HTTP/1.1
Server
98.129.229.50 , United States, ASN53824 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4 /
Resource Hash
63d1a5b5869eee1bc6402b64fbba324d3a2ef08ae9aa340a6151ed7a0b457442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
2891
Content-Type
text/html; charset=UTF-8
Date
Tue, 08 Nov 2022 17:38:53 GMT
Server
Apache/2.4
cdn.js
main.weatherplllatform.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://main.weatherplllatform.com/cdn.js?v=1.3.9
Requested by
Host: abundancealive.com
URL: http://abundancealive.com/news/article-10384865/Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-Build-Better-plan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
97ace9f2b3e1ab15b911363a273a2b807d10089c39603e1327616d36535ed8fb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://abundancealive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:38:55 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Tue, 18 Oct 2022 12:23:20 GMT
server
nginx
etag
W/"634e9ab8-d0c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
follow.js
go.weatherplllatform.com/fly/ 		172 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.weatherplllatform.com/fly/follow.js?v=3.7.3
Requested by
Host: main.weatherplllatform.com
URL: https://main.weatherplllatform.com/cdn.js?v=1.3.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://abundancealive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:38:57 GMT
strict-transport-security
max-age=15768000;
server
nginx
x-powered-by
PHP/7.3.33
content-length
172
content-type
text/html; charset=UTF-8
base.js
cdn.weatherplllatform.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weatherplllatform.com/base.js?v=33.4
Requested by
Host: abundancealive.com
URL: http://abundancealive.com/news/article-10384865/Nancy-Pelosi-says-thinks-Manchin-agree-support-Bidens-Build-Better-plan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
05ef9bfd66dae3164848fdf3d71c46be48eb894850bcd692a37ab410b81a0f86
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://abundancealive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:38:56 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 20:14:42 GMT
server
nginx
etag
W/"6334ab32-1835"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
speak.php
away.bettershitecolumn.com/ 		0
0
speak.php
away.bettershitecolumn.com/ 		0
0
fly.php
go.weatherplllatform.com/ 		0
0
go.php
away.cdnbestplatform.com/
Redirect Chain
  • https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY=
  • https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29
  • https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11
836 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11
Requested by
Host: go.weatherplllatform.com
URL: https://go.weatherplllatform.com/fly/follow.js?v=3.7.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
http://abundancealive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-length
414
content-type
text/html; charset=UTF-8
date
Tue, 08 Nov 2022 17:38:59 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 08 Nov 2022 17:38:57 GMT
location
https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11
server
nginx
strict-transport-security
max-age=15768000;
x-powered-by
PHP/7.3.33
/
blueskymotions.net/ 		0
0
Primary Request /
blueskymotions.net/ 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Requested by
Host: away.cdnbestplatform.com
URL: https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a56404877b06ef857b58f8cd9b3c23aceac33b1f47e622f8d344737c5275f9d5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 08 Nov 2022 17:39:00 GMT
server
nginx
strict-transport-security
max-age=31536000
/
0.blueskymotions.net/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
away.bettershitecolumn.com
URL
https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
Domain
away.bettershitecolumn.com
URL
https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
Domain
go.weatherplllatform.com
URL
https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY=
Domain
blueskymotions.net
URL
https://blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Domain
0.blueskymotions.net
URL
https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Domain/Path Name / Value
abundancealive.com/ Name: X-Mapping-ocpcmbel
Value: 2D02F40D96695C27054719FECC096114