Submitted URL: http://www.bluesstayawayfromme.com/
Effective URL: https://www.bluesstayawayfromme.com/
Submission: On July 29 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 72.167.253.128, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.bluesstayawayfromme.com.
TLS certificate: Issued by R10 on July 25th 2024. Valid for: 3 months.
This is the only time www.bluesstayawayfromme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 72.167.253.128 26496 (AS-26496-...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
21 4
Apex Domain Subdomains Transfer
15 bluesstayawayfromme.com www.bluesstayawayfromme.com 190 KB
4 google.com apis.google.com — Cisco Umbrella Rank: 225; accounts.google.com — Cisco Umbrella Rank: 46 113 KB
0 paypal.com Failed images.paypal.com Failed
21 3
Domain Requested by
15 www.bluesstayawayfromme.com www.bluesstayawayfromme.com
3 apis.google.com www.bluesstayawayfromme.com
apis.google.com
1 accounts.google.com apis.google.com
0 images.paypal.com Failed www.bluesstayawayfromme.com
21 4
Subject Issuer Validity Valid
www.bluesstayawayfromme.com R10 2024-07-25 - 2024-10-23 3 months
*.apis.google.com WR2 2024-07-01 - 2024-09-23 3 months
accounts.google.com WR2 2024-07-01 - 2024-09-23 3 months

This page contains 4 frames:

Primary Page: https://www.bluesstayawayfromme.com/
Frame ID: 64FC6712EA4BC1E2D50CDB26DF2961F0
Requests: 15 HTTP requests in this frame

Frame: https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Frame ID: 33507BE8F31B9AF424621F35A21B51F0
Requests: 11 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.bluesstayawayfromme.com&url=https%3A%2F%2Fwww.bluesstayawayfromme.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.2mastjuPklA.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg%2Fm%3D__features__
Frame ID: 409BD30C19B2C4D12B5BB84848FAA5C5
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bluesstayawayfromme.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.2mastjuPklA.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg%2Fm%3D__features__
Frame ID: 06BC0908F755D86F7DE10D0FB291DFEA
Requests: 1 HTTP requests in this frame

Page Title

Frank Wakefield - Blues Stay Away From Me - Now Available on CD!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

21 Requests
90 % HTTPS
67 % IPv6
3 Domains
4 Subdomains
4 IPs
3 Countries
304 kB Transfer
1016 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bluesstayawayfromme.com/ HTTP 307
    https://www.bluesstayawayfromme.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bluesstayawayfromme.com/
Redirect Chain
  • http://www.bluesstayawayfromme.com/
  • https://www.bluesstayawayfromme.com/
8 KB
3 KB
Document
General
Full URL
https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
a7e26fc31869f921eee1ab785a229df2de71b525b4f21266c281e6d6ad968070

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
2584
content-type
text/html
date
Mon, 29 Jul 2024 20:43:19 GMT
etag
"112192b-1fad-5c49ca8978d80-br"
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://www.bluesstayawayfromme.com/
Non-Authoritative-Reason
HttpsUpgrades
animate.js
www.bluesstayawayfromme.com/
0
0
Script
General
Full URL
https://www.bluesstayawayfromme.com/animate.js
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
frankcover.jpg
www.bluesstayawayfromme.com/images/
45 KB
45 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/frankcover.jpg
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
e2536364731841aaa081c960c84def35762bb286c85f646ace10a70e1874cef0

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112190d-b23d-5c49ca8978d80"
content-length
45629
content-type
image/jpeg
x-click-but5.gif
images.paypal.com/images/
0
0

websforasongbanner2.jpg
www.bluesstayawayfromme.com/images/
14 KB
14 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/websforasongbanner2.jpg
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
2160d90fc53b27386ca2536d1bdfe967d5935fae130adee308eda3864e2d566c

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112190a-38b9-5c49ca8978d80"
content-length
14521
content-type
image/jpeg
whoiskingtet.jpg
www.bluesstayawayfromme.com/images/
34 KB
34 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/whoiskingtet.jpg
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
fbdf6e36293c9b608a32e9c572e445f8eb59e3595dac98576ea5ffb0ab2bf69e

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112190f-86d5-5c49ca8978d80"
content-length
34517
content-type
image/jpeg
Tetplate2.gif
www.bluesstayawayfromme.com/images/
23 KB
23 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/Tetplate2.gif
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
2acfb766d0e42cb475f4cf54750b2dc6a53c90fed35a679ee85f7106e583bd6a

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112190c-5ca5-5c49ca8978d80"
content-length
23717
content-type
image/gif
banjoman2.jpg
www.bluesstayawayfromme.com/images/
11 KB
11 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/banjoman2.jpg
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
d268e7aba01ec24f7b11a10591d7f68cc39551214b9c9a27cd2eed8357067bdb

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112191c-2a73-5c49ca8978d80"
content-length
10867
content-type
image/jpeg
ktp-logo.gif
www.bluesstayawayfromme.com/images/
2 KB
3 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/ktp-logo.gif
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
67595859b6c88e22bbbb9397298c17033adebc258bcc13e99f16bcc984b6f2e8

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112191b-9ef-5c49ca8978d80"
content-length
2543
content-type
image/gif
raggedbutrightbanner.jpg
www.bluesstayawayfromme.com/images/
30 KB
30 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/raggedbutrightbanner.jpg
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
3b505e2bdb360d0668fbef495793d905b7538635f23c82671e8afd99fe9c57d1

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"112190b-7670-5c49ca8978d80"
content-length
30320
content-type
image/jpeg
plusone.js
apis.google.com/js/
55 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24ec2240952ff0b4272681274e27323e2e15e088a71b5b4090a6ada60e966c00
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 20:43:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21627
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"7d49ed84670ac069"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jul 2024 20:43:19 GMT
frankpattern.jpg
www.bluesstayawayfromme.com/images/
21 KB
21 KB
Image
General
Full URL
https://www.bluesstayawayfromme.com/images/frankpattern.jpg
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
cb4210563698d35513463ccf2dec1bdf748c57aa4053baeb59d90a043b2f3120

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
accept-ranges
bytes
etag
"1121910-525f-5c49ca8978d80"
content-length
21087
content-type
image/jpeg
bonaparte.wav
www.bluesstayawayfromme.com/mp3a/ Frame 3350
0
0
Document
General
Full URL
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.bluesstayawayfromme.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-type
audio/x-wav
date
Mon, 29 Jul 2024 20:43:19 GMT
etag
"1121907-79f3a-5c49ca8978d80-br"
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
vary
Accept-Encoding
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.2mastjuPklA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg/
162 KB
57 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.2mastjuPklA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae5d7b6a53e55ef67eb5a471781d05451fbb37981fd3ba664bc3861f8a547a48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57457
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 18:55:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Jul 2025 11:56:20 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.2mastjuPklA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg/
101 KB
35 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.2mastjuPklA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15464bf8366a65b092db99c2df1be9a120943e56d9d1a5d68ff3e2ffedb5c5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35604
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 18:55:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Jul 2025 11:48:27 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 409B
0
0

postmessageRelay
accounts.google.com/o/oauth2/ Frame 06BC
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bluesstayawayfromme.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.2mastjuPklA.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.2mastjuPklA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-mQvnzIYiYOGj0dfNEaUj3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bluesstayawayfromme.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-mQvnzIYiYOGj0dfNEaUj3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Mon, 29 Jul 2024 20:43:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3350
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
bonaparte.wav
www.bluesstayawayfromme.com/mp3a/ Frame 3350
41 KB
0
Media
General
Full URL
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Requested by
Host: www.bluesstayawayfromme.com
URL: https://www.bluesstayawayfromme.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jul 2024 20:43:19 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
etag
"1121907-79f3a-5c49ca8978d80"
vary
Accept-Encoding
content-type
audio/x-wav
Content-Range
bytes 0-499513/499514
accept-ranges
bytes
Content-Length
499514
truncated
/ Frame 3350
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3350
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3350
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
www.bluesstayawayfromme.com/
4 KB
545 B
Other
General
Full URL
https://www.bluesstayawayfromme.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
74ca34b0cf7dae3d208458327942993843114b31259345b0d4e4d86f5eb2e293

Request headers

Referer
https://www.bluesstayawayfromme.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:43:20 GMT
content-encoding
br
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
etag
"1121900-e36-5c49ca8978d80-br"
vary
Accept-Encoding
content-type
image/x-icon
accept-ranges
bytes
content-length
454
bonaparte.wav
www.bluesstayawayfromme.com/mp3a/ Frame 3350
8 KB
8 KB
Media
General
Full URL
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash
40471f3de792045c17bbff8961b097339010bbf1127ce05945cf56a9744d8596

Request headers

Referer
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=491520-

Response headers

date
Mon, 29 Jul 2024 20:43:20 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
etag
"1121907-79f3a-5c49ca8978d80"
vary
Accept-Encoding
content-type
audio/x-wav
Content-Range
bytes 491520-499513/499514
accept-ranges
bytes
Content-Length
7994
bonaparte.wav
www.bluesstayawayfromme.com/mp3a/ Frame 3350
456 KB
0
Media
General
Full URL
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.253.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
128.253.167.72.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://www.bluesstayawayfromme.com/mp3a/bonaparte.wav
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

date
Mon, 29 Jul 2024 20:43:20 GMT
last-modified
Sun, 13 Jun 2021 02:40:06 GMT
server
Apache
etag
"1121907-79f3a-5c49ca8978d80"
vary
Accept-Encoding
content-type
audio/x-wav
Content-Range
bytes 32768-499513/499514
accept-ranges
bytes
Content-Length
466746
truncated
/ Frame 3350
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3350
382 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3350
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e16711e97574b02dd52c8882c55536dd1e565e3888bb04883f6936e30dbc64

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
images.paypal.com
URL
https://images.paypal.com/images/x-click-but5.gif
Domain
apis.google.com
URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.bluesstayawayfromme.com&url=https%3A%2F%2Fwww.bluesstayawayfromme.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.2mastjuPklA.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9_z4f5QJO6r_0C5Yvz-VY4qO8oIg%2Fm%3D__features__

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| dynAnimation
function| clickSwapImg
object| gapi
object| ___jsl
object| _F_toggles
object| osapi
object| gadgets
object| iframer
object| __gapi_jstiming__
object| shindig
function| ToolbarApi
object| iframes
function| IframeBase
function| Iframe
function| IframeProxy
function| IframeWindow

0 Cookies

5 Console Messages

Source Level URL
Text
security warning URL: https://www.bluesstayawayfromme.com/
Message:
Mixed Content: The page at 'https://www.bluesstayawayfromme.com/' was loaded over HTTPS, but requested an insecure element 'http://images.paypal.com/images/x-click-but5.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://images.paypal.com/images/x-click-but5.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.bluesstayawayfromme.com/animate.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://www.bluesstayawayfromme.com/(Line 140)
Message:
Mixed Content: The page at 'https://www.bluesstayawayfromme.com/' was loaded over HTTPS, but requested an insecure element 'http://images.paypal.com/images/x-click-but5.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://apis.google.com/js/plusone.js(Line 63)
Message:
Mixed Content: The page at 'https://www.bluesstayawayfromme.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1722285799732&_gfid=I0_1722285799732&parent=https%3A%2F%2Fwww.bluesstayawayfromme.com&pfname=&rpctoken=42021713'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
