whybbluosa.click - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 198.23.135.21, located in Dallas, United States and belongs to AS-COLOCROSSING, CA. The main domain is whybbluosa.click.
TLS certificate: Issued by R3 on April 7th 2024. Valid for: 3 months.

This is the only time whybbluosa.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	198.23.135.21 198.23.135.21		36352 (AS-COLOCR...) (AS-COLOCROSSING)
7	2

6 198.23.135.21 (Dallas, United States)

ASN36352 (AS-COLOCROSSING, CA)
PTR: 198-23-135-21-host.colocrossing.com

whybbluosa.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	whybbluosa.click whybbluosa.click	92 KB
7	1

	Domain	Requested by
6	whybbluosa.click	whybbluosa.click
7	1

This site contains links to these domains. Also see Links.

Domain
www.lrmb.net
www.photovaco.com
validator.w3.org
jigsaw.w3.org

Subject Issuer	Validity	Valid
www.whybbluosa.click R3	`2024-04-07` - `2024-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://whybbluosa.click/
Frame ID: 1E096FEE5E9679148FE1DEC94D94EE72
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Site - free website template

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

92 kB
Transfer

91 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lrmb.net/
Title: Home

Search URL Search Domain Scan URL

URL: http://www.photovaco.com/
Title: Photovaco.com

Search URL Search Domain Scan URL

URL: http://validator.w3.org/check?uri=referer
Title: XHTML

Search URL Search Domain Scan URL

URL: http://jigsaw.w3.org/css-validator/check/referer
Title: CSS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
whybbluosa.click/ 8 KB
9 KB 706ms
207ms Document
text/html 198.23.135.21
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL

https://whybbluosa.click/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

198.23.135.21 Dallas, United States, ASN36352 (AS-COLOCROSSING, CA),

Reverse DNS

198-23-135-21-host.colocrossing.com

Software

nginx /

Resource Hash

21dab04e7657903fc3cfaed01e76bcea36aa4c7ec2b5c64a04b05a94a4420de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 8656
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 17:58:15 GMT
etag: "61d31084-21d0"
last-modified: Mon, 03 Jan 2022 15:04:36 GMT
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET templatemo_style.css
whybbluosa.click/ 0
0

GET
H2 200 templatemo_logo.png
whybbluosa.click/images/ 6 KB
7 KB 159ms
157ms Image
text/plain 198.23.135.21
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whybbluosa.click/images/templatemo_logo.png

Requested by

Host: whybbluosa.click
URL: https://whybbluosa.click/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

198.23.135.21 Dallas, United States, ASN36352 (AS-COLOCROSSING, CA),

Reverse DNS

198-23-135-21-host.colocrossing.com

Software

nginx /

Resource Hash

512b00d1f5891ad6472d07b9d391615212f9843a63d8064856ca9f07a691de4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whybbluosa.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 17:58:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 15:04:36 GMT
server: nginx
etag: "61d31084-1967"
x-frame-options: DENY
content-type: text/plain; charset=utf-8
accept-ranges: bytes
content-length: 6503
x-xss-protection: 1; mode=block

GET
H2 200 templatemo_image_02.jpg
whybbluosa.click/images/ 28 KB
28 KB 342ms
339ms Image
image/jpeg 198.23.135.21
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whybbluosa.click/images/templatemo_image_02.jpg

Requested by

Host: whybbluosa.click
URL: https://whybbluosa.click/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

198.23.135.21 Dallas, United States, ASN36352 (AS-COLOCROSSING, CA),

Reverse DNS

198-23-135-21-host.colocrossing.com

Software

nginx /

Resource Hash

4acc6db4c1d263f2b80f10b991042da5ad8e02ecb96d23f26e2cb9c6097936e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whybbluosa.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 17:58:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 15:04:36 GMT
server: nginx
etag: "61d31084-6e4c"
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
content-length: 28236
x-xss-protection: 1; mode=block

GET
H2 200 templatemo_image_03.jpg
whybbluosa.click/images/ 38 KB
38 KB 204ms
181ms Image
image/jpeg 198.23.135.21
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whybbluosa.click/images/templatemo_image_03.jpg

Requested by

Host: whybbluosa.click
URL: https://whybbluosa.click/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

198.23.135.21 Dallas, United States, ASN36352 (AS-COLOCROSSING, CA),

Reverse DNS

198-23-135-21-host.colocrossing.com

Software

nginx /

Resource Hash

729dd6b9cdde6077adb2ba27bb2a50830273cb75f4cc71570b8fb2324d1db0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whybbluosa.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 17:58:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 15:04:36 GMT
server: nginx
etag: "61d31084-988f"
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
content-length: 39055
x-xss-protection: 1; mode=block

GET
H2 200 templatemo_image_01.jpg
whybbluosa.click/images/ 9 KB
10 KB 342ms
320ms Image
image/jpeg 198.23.135.21
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whybbluosa.click/images/templatemo_image_01.jpg

Requested by

Host: whybbluosa.click
URL: https://whybbluosa.click/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

198.23.135.21 Dallas, United States, ASN36352 (AS-COLOCROSSING, CA),

Reverse DNS

198-23-135-21-host.colocrossing.com

Software

nginx /

Resource Hash

136bf37f253c9fac886f3049813eb0297aef13609a1349c7f19c2cd59402e1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whybbluosa.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 17:58:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 15:04:36 GMT
server: nginx
etag: "61d31084-25fd"
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
content-length: 9725
x-xss-protection: 1; mode=block

GET
H2 404 favicon.ico
whybbluosa.click/ 548 B
654 B 150ms
150ms Other
text/html 198.23.135.21
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL

https://whybbluosa.click/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

198.23.135.21 Dallas, United States, ASN36352 (AS-COLOCROSSING, CA),

Reverse DNS

198-23-135-21-host.colocrossing.com

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://whybbluosa.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 17:58:15 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 548
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: whybbluosa.click
URL: https://whybbluosa.click/templatemo_style.css

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clearText

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://whybbluosa.click/ Message: Refused to apply style from 'https://whybbluosa.click/templatemo_style.css' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	warning	URL: https://whybbluosa.click/(Line 40) Message: Mixed Content: The page at 'https://whybbluosa.click/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.lrmb.net/'. This endpoint should be made available over a secure connection.
network	error	URL: https://whybbluosa.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

whybbluosa.click
whybbluosa.click
198.23.135.21
136bf37f253c9fac886f3049813eb0297aef13609a1349c7f19c2cd59402e1d0
21dab04e7657903fc3cfaed01e76bcea36aa4c7ec2b5c64a04b05a94a4420de4
4acc6db4c1d263f2b80f10b991042da5ad8e02ecb96d23f26e2cb9c6097936e4
512b00d1f5891ad6472d07b9d391615212f9843a63d8064856ca9f07a691de4a
729dd6b9cdde6077adb2ba27bb2a50830273cb75f4cc71570b8fb2324d1db0bf
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

whybbluosa.click Open in urlscan Pro 198.23.135.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

92 kBTransfer

91 kBSize

0 Cookies

4 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

whybbluosa.click Open in urlscan Pro
198.23.135.21 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

92 kB
Transfer

91 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions