![](/screenshots/d3946e31-abc6-4159-8f97-ef53a562b6e2.png)
0.greenskymotions.com
185.177.94.152
Public Scan
Effective URL: https://0.greenskymotions.com/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed17
Submission: On December 21 via api from SE — Scanned from SE
Summary
TLS certificate: Issued by R3 on December 18th 2022. Valid for: 3 months.
This is the only time 0.greenskymotions.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 2 | 212.76.85.96 | 41176 (SAHARANET-AS Sahara Net Main NOC AS) |
2 5 | 91.211.91.114 | 206638 (HOSTFORY) |
1 | 91.211.91.104 | 206638 (HOSTFORY) |
2 | 185.177.94.152 | 39572 (ADVANCEDHOSTERS-AS) |
1 | 185.177.92.179 | |
10 | 6 | |
ASN41176 (SAHARANET-AS Sahara Net Main NOC AS, SA)
PTR: sl19.sahara.net.sa
- www.jomac-ksa.com
ASN206638 (HOSTFORY, UA)
- cdn.weatherplllatform.com
- go.weatherplllatform.com
ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-152.ah-server.com
- greenskymotions.com
- 0.greenskymotions.com
 | Apex Domain (Subdomains) | Transfer |
---|---|---|
5 | weatherplllatform.com, 2 redirects (cdn.weatherplllatform.com, go.weatherplllatform.com) | 3 KB |
2 | greenskymotions.com (greenskymotions.com Failed, 0.greenskymotions.com) | 104 KB |
2 | jomac-ksa.com, 1 redirects (www.jomac-ksa.com) | 1 KB |
1 | di4.biz (di4.biz) | |
1 | cdnbestplatform.com (away.cdnbestplatform.com) | 553 B |
10 | 5 | |
 | Domain | Requested by |
---|---|---|
3 | go.weatherplllatform.com (2 redirects) | cdn.weatherplllatform.com, go.weatherplllatform.com |
2 | cdn.weatherplllatform.com | www.jomac-ksa.com |
2 | www.jomac-ksa.com (1 redirects) | |
1 | di4.biz | www.jomac-ksa.com |
1 | 0.greenskymotions.com | www.jomac-ksa.com |
1 | greenskymotions.com | away.cdnbestplatform.com |
1 | away.cdnbestplatform.com | go.weatherplllatform.com |
10 | 7 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
jomac-ksa.com | cPanel, Inc. Certification Authority | 2022-10-01 - 2022-12-30 | 3 months |
cdn.weatherplllatform.com | R3 | 2022-11-13 - 2023-02-11 | 3 months |
go.weatherplllatform.com | R3 | 2022-09-25 - 2022-12-24 | 3 months |
away.cdnbestplatform.com | R3 | 2022-10-27 - 2023-01-25 | 3 months |
greenskymotions.com | R3 | 2022-12-18 - 2023-03-18 | 3 months |
di4.biz | R3 | 2022-11-27 - 2023-02-25 | 3 months |
This page contains 1 frames:
Frame:
https://di4.biz/?auf=gjstmzlfha5dcnrqgixtcmjrhe3c6nbpmy2tezlemi2dklzrgixtcnrxge3dgojrgy2a&p=b&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0
Frame ID: AD42C04814E257F8242FAF76B131CFF9
Requests: 12 HTTP requests in this frame
Page Title
Please tap the Allow button to continue
Detected technologies
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.jomac-ksa.com/.well-known/anti/torsion/ (HTTP 301)
  https://www.jomac-ksa.com/.well-known/anti/torsion/ (Page URL)
- https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= (HTTP 302)
  https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 (HTTP 302)
  https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11 (Page URL)
- https://greenskymotions.com/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed17 (Page URL)
- https://0.greenskymotions.com/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed17 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.jomac-ksa.com/.well-known/anti/torsion/ HTTP 301
- https://www.jomac-ksa.com/.well-known/anti/torsion/
- https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
- https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
- https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / www.jomac-ksa.com/.well-known/anti/torsion/ (Redirect Chain) | 897 B 1 KB | Document text/html |
GET H2 | events.js cdn.weatherplllatform.com/ | 2 KB 818 B | Script application/javascript |
GET H2 | result.js cdn.weatherplllatform.com/ | 3 KB 1 KB | Script application/javascript |
GET H2 | follow.js go.weatherplllatform.com/fly/ | 172 B 300 B | Script text/html |
GET | fly.php go.weatherplllatform.com/ | 0 0 | |
GET H2 | go.php away.cdnbestplatform.com/ (Redirect Chain) | 828 B 553 B | Document text/html |
GET | mu4genjugq5dcmjrhe3a greenskymotions.com/go/ | 0 0 | |
GET H2 | mu4genjugq5dcmjrhe3a greenskymotions.com/go/ | 52 KB 52 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/gif |
GET H2 | index.php 0.greenskymotions.com/ (Primary Request) | 52 KB 52 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/gif |
GET H2 | / di4.biz/ | 0 0 | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: go.weatherplllatform.com
  URL: https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY=
- Domain: greenskymotions.com
  URL: https://greenskymotions.com/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed17
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontentvisibilityautostatechange
- object| languages
- undefined| text
- string| relevanteLang
- string| lang
- function| urlB64ToUint8Array
- function| j4ee
- function| L0zz
- boolean| j
- string| title
- string| holder
- function| before_redirect_block2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.greenskymotions.com/ | | Name: uuid Value: fe2d9fb7-11f2-4a89-889c-9a70ae60ace8 |
.0.greenskymotions.com/ | | Name: uuid Value: fe2d9fb7-11f2-4a89-889c-9a70ae60ace8 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.