blu3mercy.xyz Open in urlscan Pro
167.235.4.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blu3mercy.xyz/
Submission: On November 11 via automatic, source urlhaus (November 11th 2022, 7:08:25 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 167.235.4.117, located in Germany and belongs to HETZNER-AS, DE. The main domain is blu3mercy.xyz.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.

This is the only time blu3mercy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	167.235.4.117 167.235.4.117	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.55.163.71 23.55.163.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	3

6 167.235.4.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ha-127.brandesar.com

blu3mercy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.163.71 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-163-71.deploy.static.akamaitechnologies.com

cdn.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

avatars.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	blu3mercy.xyz blu3mercy.xyz	99 KB
2	steamstatic.com 1 redirects cdn.akamai.steamstatic.com — Cisco Umbrella Rank: 16427 avatars.steamstatic.com — Cisco Umbrella Rank: 172898	10 KB
0	googleapis.com Failed fonts.googleapis.com Failed
8	3

	Domain	Requested by
6	blu3mercy.xyz	blu3mercy.xyz
1	avatars.steamstatic.com	blu3mercy.xyz
1	cdn.akamai.steamstatic.com	1 redirects
0	fonts.googleapis.com Failed	blu3mercy.xyz
8	4

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
html5up.net

Subject Issuer	Validity	Valid
blu3mercy.xyz R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blu3mercy.xyz/
Frame ID: 08AB5824FB494A82A2A267E37DDD00E2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tayyab 'Blu3Mercy' K

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

8
Requests

75 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

109 kB
Transfer

145 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/blu3mercy
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Blu3mercycs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://html5up.net/
Title: HTML5 UP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/ba/baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg HTTP 302
https://avatars.steamstatic.com/baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response blu3mercy.xyz/	4 KB 1 KB	122ms 23ms	Document text/html	167.235.4.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://blu3mercy.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.4.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ha-127.brandesar.com Software / Resource Hash `5a6ddea49dcde3610cba390e1f5dad6db569bd2c8f68bc4dd0e24aae6ec8a234` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-encoding br content-length 952 content-type text/html date Fri, 11 Nov 2022 19:08:20 GMT last-modified Thu, 29 Sep 2022 03:05:13 GMT vary Accept-Encoding,User-Agent
GET H2	200	main.css blu3mercy.xyz/assets/css/	17 KB 4 KB	24ms 24ms	Stylesheet text/css	167.235.4.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://blu3mercy.xyz/assets/css/main.css Requested by Host: blu3mercy.xyz URL: https://blu3mercy.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.4.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ha-127.brandesar.com Software / Resource Hash `03ee42d6bb85a9dc0c49f11819d341ae3788374a527ff0f86ce7aa233709d255` Request headers accept-language de-DE,de;q=0.9 Referer https://blu3mercy.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 19:08:20 GMT content-encoding br last-modified Wed, 28 Sep 2022 02:45:43 GMT vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 3566 expires Fri, 18 Nov 2022 19:08:20 GMT
GET H2	200	baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg avatars.steamstatic.com/ Redirect Chain https://cdn.akamai.steamstatic.com/steamcommunity/public/images/avatars/ba/baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg https://avatars.steamstatic.com/baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg	9 KB 10 KB	299ms 50ms	Image image/jpeg	2a02:26f0:6c00::210:ba12 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.steamstatic.com/baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg Requested by Host: blu3mercy.xyz URL: https://blu3mercy.xyz/ Protocol H2 Server 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `2241423f6154fb67a23dedf2ad067d786f4af7673333d2c5edc3a68cea3ac954` Request headers accept-language de-DE,de;q=0.9 Referer https://blu3mercy.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 19:08:20 GMT last-modified Sat, 19 Mar 2022 10:46:11 GMT server nginx etag "fc4102af27792ddce3b93163903f3207" x-guploader-uploadid ADPycduZ-sRauLI-zrLSdZPEaZdGuaXrGeMSqfeWjlVjHcGFWS5PzjdI8-oO6Ep6kw7PTS-oi52ImHrT-VPpLiIwIiPW content-type image/jpeg access-control-allow-origin * cache-control public, max-age=314387585 accept-ranges bytes content-length 9554 expires Thu, 28 Oct 2032 13:01:25 GMT Redirect headers Date Fri, 11 Nov 2022 19:08:20 GMT Server nginx/1.10.3 (Ubuntu) Content-Type text/html Location https://avatars.steamstatic.com/baded1b29814c1848b4b3e38cbec346cc5598cce_full.jpg Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 Connection keep-alive Content-Length 170 Expires Mon, 08 Nov 2032 19:08:20 GMT
GET H2	200	font-awesome.min.css blu3mercy.xyz/assets/css/	26 KB 6 KB	24ms 24ms	Stylesheet text/css	167.235.4.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://blu3mercy.xyz/assets/css/font-awesome.min.css Requested by Host: blu3mercy.xyz URL: https://blu3mercy.xyz/assets/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.4.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ha-127.brandesar.com Software / Resource Hash `936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829` Request headers accept-language de-DE,de;q=0.9 Referer https://blu3mercy.xyz/assets/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 19:08:20 GMT content-encoding br last-modified Wed, 28 Sep 2022 02:45:43 GMT vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 5723 expires Fri, 18 Nov 2022 19:08:20 GMT
GET		css fonts.googleapis.com/	0 0

GET H2	200	overlay.png blu3mercy.xyz/assets/css/images/	3 KB 3 KB	24ms 24ms	Image image/png	167.235.4.117 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://blu3mercy.xyz/assets/css/images/overlay.png Requested by Host: blu3mercy.xyz URL: https://blu3mercy.xyz/assets/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.4.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ha-127.brandesar.com Software / Resource Hash `26ecd94fe4337eda5b2f1e37d73b53491561163802ee97f264e3ef30f59334ae` Request headers accept-language de-DE,de;q=0.9 Referer https://blu3mercy.xyz/assets/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 19:08:20 GMT last-modified Wed, 28 Sep 2022 02:45:43 GMT vary User-Agent content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 3045 expires Fri, 18 Nov 2022 19:08:20 GMT
GET H2	200	bg.jpg blu3mercy.xyz/images/	23 KB 23 KB	25ms 25ms	Image image/jpeg	167.235.4.117 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://blu3mercy.xyz/images/bg.jpg Requested by Host: blu3mercy.xyz URL: https://blu3mercy.xyz/assets/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.4.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ha-127.brandesar.com Software / Resource Hash `b251fc7723cd93e34b22df57093d9b5aece01e1933545c83e9ab5b5e58fdb15d` Request headers accept-language de-DE,de;q=0.9 Referer https://blu3mercy.xyz/assets/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 19:08:20 GMT last-modified Wed, 28 Sep 2022 02:45:43 GMT vary User-Agent content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 23359 expires Fri, 18 Nov 2022 19:08:20 GMT
GET H2	200	fontawesome-webfont.woff2 blu3mercy.xyz/assets/fonts/	63 KB 63 KB	47ms 47ms	Font font/woff2	167.235.4.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://blu3mercy.xyz/assets/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: blu3mercy.xyz URL: https://blu3mercy.xyz/assets/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.235.4.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ha-127.brandesar.com Software / Resource Hash `3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019` Request headers Referer https://blu3mercy.xyz/assets/css/font-awesome.min.css Origin https://blu3mercy.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 19:08:20 GMT last-modified Wed, 28 Sep 2022 02:45:43 GMT vary User-Agent content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes content-length 64464 expires Fri, 18 Nov 2022 19:08:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:300

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://blu3mercy.xyz/ Message: Mixed Content: The page at 'https://blu3mercy.xyz/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Source+Sans+Pro:300'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avatars.steamstatic.com
blu3mercy.xyz
cdn.akamai.steamstatic.com
fonts.googleapis.com
fonts.googleapis.com
167.235.4.117
23.55.163.71
2a02:26f0:6c00::210:ba12
03ee42d6bb85a9dc0c49f11819d341ae3788374a527ff0f86ce7aa233709d255
2241423f6154fb67a23dedf2ad067d786f4af7673333d2c5edc3a68cea3ac954
26ecd94fe4337eda5b2f1e37d73b53491561163802ee97f264e3ef30f59334ae
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
5a6ddea49dcde3610cba390e1f5dad6db569bd2c8f68bc4dd0e24aae6ec8a234
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
b251fc7723cd93e34b22df57093d9b5aece01e1933545c83e9ab5b5e58fdb15d

blu3mercy.xyz Open in urlscan Pro 167.235.4.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

75 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

109 kBTransfer

145 kBSize

0 Cookies

3 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

blu3mercy.xyz Open in urlscan Pro
167.235.4.117 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

109 kB
Transfer

145 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions