bluesmods.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 192.124.249.5, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is bluesmods.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 31st 2021. Valid for: a year.

This is the only time bluesmods.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	192.124.249.5 192.124.249.5	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
7	2

6 192.124.249.5 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10005.sucuri.net

bluesmods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	bluesmods.com bluesmods.com	365 KB
1	googleapis.com fonts.googleapis.com	1 KB
7	2

	Domain	Requested by
6	bluesmods.com	bluesmods.com
1	fonts.googleapis.com	bluesmods.com
7	2

This site contains links to these domains. Also see Links.

Domain
drive.google.com

Subject Issuer	Validity	Valid
bluesmods.com Starfield Secure Certificate Authority - G2	`2021-03-31` - `2022-03-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bluesmods.com/bluecord/
Frame ID: 97A617FBB2CADB359A55431D3AADB804
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Bluecord - Discord APK Mod

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

366 kB
Transfer

395 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://drive.google.com/file/d/1I1Emu5BScnQyX6UPdI6aI6mEJdYb9Pxo/view?usp=sharing
Title: Download (Google Drive)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bluesmods.com/bluecord/ 5 KB
2 KB 46ms
7ms Document
text/html 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bluesmods.com/bluecord/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

0fa015b04764ebf2b488ea5dd5e1a43837ae5791fc8e82c2e4ff89911c0123de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 23 Nov 2021 12:08:36 GMT
content-type: text/html
x-sucuri-id: 15005
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 14 Oct 2021 10:46:25 GMT
vary: Accept-Encoding
etag: W/"61680a81-130d"
strict-transport-security: max-age=31536000
content-encoding: gzip
x-sucuri-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap

Requested by

Host: bluesmods.com
URL: https://bluesmods.com/bluecord/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bluesmods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:34:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 12:08:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 12:08:36 GMT

GET
H2 200 styles-download.css
bluesmods.com/assets/ 25 KB
5 KB 8ms
7ms Stylesheet
text/css 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bluesmods.com/assets/styles-download.css

Requested by

Host: bluesmods.com
URL: https://bluesmods.com/bluecord/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

69e1cf90cebbbb450a051644919d45245ff27287f2e2e6fc86814eef0c5b5137

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bluesmods.com/bluecord/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 11 May 2021 03:18:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6099f799-628f"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15005
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blueLogoNoBg.png
bluesmods.com/assets/ 141 KB
141 KB 8ms
8ms Image
image/png 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluesmods.com/assets/blueLogoNoBg.png

Requested by

Host: bluesmods.com
URL: https://bluesmods.com/bluecord/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

36aa186fd60d7a4aa983c47fb122592a4d6460e45d7da2314b49c5c667b72d6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bluesmods.com/bluecord/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:36 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 143986
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Apr 2020 06:45:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e955c07-23272"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15005
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bluecord_logo.png
bluesmods.com/assets/ 13 KB
13 KB 22ms
22ms Image
image/png 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluesmods.com/assets/bluecord_logo.png

Requested by

Host: bluesmods.com
URL: https://bluesmods.com/bluecord/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

39fc853a17275e523a5dbb579f3ada31c70cc528fadd069c215838d01dcf01ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bluesmods.com/bluecord/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:36 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 13375
x-xss-protection: 1; mode=block
last-modified: Fri, 28 May 2021 01:57:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60b04e03-343f"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15005
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main_download.js Show response
bluesmods.com/assets/ 5 KB
2 KB 7ms
7ms Script
application/javascript 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bluesmods.com/assets/main_download.js

Requested by

Host: bluesmods.com
URL: https://bluesmods.com/bluecord/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

aa9eb671b9f229948aabbdcbc9f77b8aa7bd9104cdc3ba1a4b218caa5ffac630

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bluesmods.com/bluecord/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 11 May 2021 03:29:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6099fa0f-14ef"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15005
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blueSplash.png
bluesmods.com/assets/ 201 KB
201 KB 7ms
7ms Image
image/png 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluesmods.com/assets/blueSplash.png

Requested by

Host: bluesmods.com
URL: https://bluesmods.com/assets/styles-download.css

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

14162a28cedc4a9bb2a508d2a9f2940d33c02d8eab09d68e3450e62262ac630c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bluesmods.com/assets/styles-download.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:08:36 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 205483
x-xss-protection: 1; mode=block
last-modified: Sat, 01 May 2021 10:46:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "608d31a3-322ab"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15005
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluesmods.com
fonts.googleapis.com
192.124.249.5
2a00:1450:4001:810::200a
0fa015b04764ebf2b488ea5dd5e1a43837ae5791fc8e82c2e4ff89911c0123de
14162a28cedc4a9bb2a508d2a9f2940d33c02d8eab09d68e3450e62262ac630c
2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff
36aa186fd60d7a4aa983c47fb122592a4d6460e45d7da2314b49c5c667b72d6a
39fc853a17275e523a5dbb579f3ada31c70cc528fadd069c215838d01dcf01ec
69e1cf90cebbbb450a051644919d45245ff27287f2e2e6fc86814eef0c5b5137
aa9eb671b9f229948aabbdcbc9f77b8aa7bd9104cdc3ba1a4b218caa5ffac630

bluesmods.com Open in urlscan Pro 192.124.249.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

366 kBTransfer

395 kBSize

0 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

bluesmods.com Open in urlscan Pro
192.124.249.5 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

366 kB
Transfer

395 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions