Report - blu-ig.com/

Report Overview

Submitted URL
blu-ig.com/
IP
207.210.229.91
ASN
#36024 AS-TIERP-36024
Submitted
2022-12-05 20:23:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.216.192.228
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	2.2 kB	142.250.74.106
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	982 B	78 kB	216.58.207.227
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	216.58.211.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	46 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	64 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
blu-ig.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	3.7 MB	207.210.229.91
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	blu-ig.com/	Phishing
2022-12-05	medium	blu-ig.com/	Phishing
2022-12-05	medium	blu-ig.com/js/jquery.appear.js	Phishing
2022-12-05	medium	blu-ig.com/js/parallaxie.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.kenburn.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/jquery-countTo.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.carousel.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/wow.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.actions.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.parallax.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.video.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.slideanims.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.migration.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.navigation.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/propper.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/bootstrap.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/tooltipster.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/functions.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/extensions/revolution.extension.layeranimation.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/jquery.themepunch.revolution.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/jquery.cubeportfolio.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/jquery-3.4.1.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/revolution/jquery.themepunch.tools.min.js	Phishing
2022-12-05	medium	blu-ig.com/webfonts/fa-brands-400.woff2	Phishing
2022-12-05	medium	blu-ig.com/webfonts/fa-solid-900.woff2	Phishing
2022-12-05	medium	blu-ig.com/js/jquery.fancybox.min.js	Phishing
2022-12-05	medium	blu-ig.com/js/owl.carousel.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	blu-ig.com/js/revolution/extensions/revolution.extension.actions.min.js	8.3 kB	2023-03-07	2024-03-27
Pretty URL blu-ig.com/js/revolution/extensions/revolution.extension.actions.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-27 14:26:52 Times Seen628 Hash 1e23424880dfdb9e886fcff2f0aae6ee 8acaff02a625c997cbbb7ed8843e7cf610bf2b5b 0fc4db12b0d589fd17b3e43c3ba4cdca64183916637624bfe59aad7299284284 Loading...

	blu-ig.com/js/revolution/extensions/revolution.extension.migration.min.js	26 kB	2023-03-07	2024-03-27
Pretty URL blu-ig.com/js/revolution/extensions/revolution.extension.migration.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-27 14:26:52 Times Seen1929 Hash 05ec8fa18732b68a634f95e7c2bebd2e 2204916097137e7afe60b7d8a612e04f86496cbc 38da5f0c3fd471c5a28d03d7155aba416ae2562ba4a73a2ca3920b19e4b47a63 Loading...

	blu-ig.com/js/tooltipster.min.js	47 kB	2023-03-08	2024-01-09
Pretty URL blu-ig.com/js/tooltipster.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2024-01-09 15:06:39 Times Seen13 Hash 8a28144c0a9b49b94f0d97bc6ee2e494 85b69483b377c5bf4035976aa720a1e4fbeca371 a5c69eec0e36d51019407a51db8f505cc1c1b6d37818c06b7dc167905f20ae81 Loading...

	blu-ig.com/js/owl.carousel.min.js	44 kB	2023-03-07	2024-01-11
Pretty URL blu-ig.com/js/owl.carousel.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:39 Last Seen2024-01-11 05:34:29 Times Seen30 Hash 939f069634bd9547d095f1c98d742083 df045f0003077594718687d4d91b5bd082f795d3 9a3c293d89be07fa3c48edb10c7f8d4144017df30e07c550a758e6f1cfc27d32 Loading...

	blu-ig.com/js/functions.js	60 kB	2023-03-08	2023-10-13
Pretty URL blu-ig.com/js/functions.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2023-10-13 21:21:28 Times Seen5 Hash d103b1ccd3e412c79dd805fbf592b81d 2206f3c86545f6f0264ab630b4188c6d68cfac2d b06551867250477acc6b771fa100de8be20ba264af73fc9a75f136ae59a55c4a Loading...

	blu-ig.com/js/jquery.cubeportfolio.min.js	79 kB	2023-03-08	2024-01-09
Pretty URL blu-ig.com/js/jquery.cubeportfolio.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2024-01-09 15:06:39 Times Seen15 Hash ff915f9c6be1d006cd14c44d7b2a4618 0d9316cf4fab9464385aa851bbdfebaaaa509b0f ebf381533048c98d721d5b7ec4fcedc4530f92587d35d7282f4afdcb566f46af Loading...

	www.googletagmanager.com/gtag/js?id=UA-153494034-1	115 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-153494034-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2023-03-08 19:48:07 Times Seen1 Hash 471f0c2d9e9d126f4ee9cb1ecff12b10 0608e279101e8b8cba7d8c85d8090422372bed33 1e1f42a114e4f02e1e3a2683583e2bae5ca0afb8e076616366f7e70c9442c727 Loading...

	blu-ig.com/js/wow.js	8.5 kB	2023-03-07	2024-01-09
Pretty URL blu-ig.com/js/wow.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-01-09 15:06:39 Times Seen21 Hash b8f5679619466a95aa503f88e4c56c66 92d029b83dc546490fa9cf59d17bf35c6a8dd59b 4d51e6d3072b8d89c7e1e9c38efa4e5c20bbfe856b8f930326edd03d872175ac Loading...

	blu-ig.com/	251 B	2023-03-08	2023-03-08
Pretty URL blu-ig.com/ IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2023-03-08 19:48:07 Times Seen1 Hash 7c5bb7d089ec06661f3ca79da3e0d89a 53e03f3f08f8066540216f69cdaa2e3c8bd5528c 5ae68cd1db08e38aef7eac1f1c92619bcf9dcf922f7bd519e24623ff4783f47d Loading...

	blu-ig.com/js/jquery.fancybox.min.js	68 kB	2023-03-08	2023-11-04
Pretty URL blu-ig.com/js/jquery.fancybox.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2023-11-04 01:12:58 Times Seen15 Hash cece310186f1e2ba2e81de89b73b5516 03d0936ae9a2b65039970f2a28a9b05f1d0cd993 a2b738c6210163384a26ee0c15d00cc57568cf853ca50a1c5979f492bb802c8b Loading...

	blu-ig.com/js/jquery.appear.js	1.3 kB	2023-03-07	2024-04-18
Pretty URL blu-ig.com/js/jquery.appear.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:09 Last Seen2024-04-18 23:00:16 Times Seen461 Hash 64531fe766285a4f78a602f316d52d48 9a0ace71a45e5546e2d3464f3439f563d865aed4 7212f627fb02a6e5780ddae7870b9b06906e322ba57b33a137444994f5fafb15 Loading...

	blu-ig.com/js/jquery-countTo.js	2.7 kB	2023-03-08	2024-01-09
Pretty URL blu-ig.com/js/jquery-countTo.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:48:07 Last Seen2024-01-09 15:06:39 Times Seen24 Hash 3e714cc8b5257c7d86790f1179dd38c7 f97bd9bde32a9302dae372d86deaddbba0095fe3 538175371e81ae885d7f17ca6d0127d46f0269a4b558c391f3d92c877685ed16 Loading...

	blu-ig.com/js/parallaxie.js	714 B	2023-03-08	2024-02-17
Pretty URL blu-ig.com/js/parallaxie.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:37:36 Last Seen2024-02-17 09:13:43 Times Seen93 Hash ad4cb3a8c7ec5f55365210bf6953ec81 61cd81474e7526b4d2dd3a3619ae20c2f497bf5d 2c72543080d3623bc00e4edd662a43345f1a8503df9d5ccee1d456f78a5a8909 Loading...

	blu-ig.com/js/revolution/extensions/revolution.extension.kenburn.min.js	3.8 kB	2023-03-07	2024-03-26
Pretty URL blu-ig.com/js/revolution/extensions/revolution.extension.kenburn.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-26 11:27:53 Times Seen251 Hash 261d036ff4d77e01fbca0b39e05b3321 17c763757d51ca8dce4c3709acf87e061189d862 aa3a395c27bfaf020ed08d80d44b8470d2279339c2864d4b99c1c51520fc78e0 Loading...

	blu-ig.com/js/revolution/extensions/revolution.extension.video.min.js	26 kB	2023-03-07	2024-03-22
Pretty URL blu-ig.com/js/revolution/extensions/revolution.extension.video.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:15 Last Seen2024-03-22 21:01:28 Times Seen224 Hash ded004ea2fecb5dfa4df995ba1867410 a1a82684d350a8183c83c91bb214ccfabbbb6b39 7e1cb0185b698144fe3c3cd6e367460838fb9a068989fdb6ae781a6973645c95 Loading...

	blu-ig.com/js/revolution/extensions/revolution.extension.slideanims.min.js	29 kB	2023-03-07	2024-04-17
Pretty URL blu-ig.com/js/revolution/extensions/revolution.extension.slideanims.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-17 05:54:00 Times Seen2211 Hash 10f428f59d120bf8adbc39b86d547a2f fe92af104d1ca10761ec932fdd2da77f759286d4 e0a244f4ace8e695c3aa03697b9dd349f5f1abbae8974d87e879274808305595 Loading...

	blu-ig.com/js/revolution/jquery.themepunch.revolution.min.js	65 kB	2023-03-07	2024-04-21
Pretty URL blu-ig.com/js/revolution/jquery.themepunch.revolution.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-21 14:32:36 Times Seen3720 Hash e1223af8dbcd0552f6f6dc540431451e c01d6134f72ae04cb327a86918f3e88a63684e90 27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710 Loading...

	blu-ig.com/js/revolution/extensions/revolution.extension.carousel.min.js	7.6 kB	2023-03-07	2024-02-28
Pretty URL blu-ig.com/js/revolution/extensions/revolution.extension.carousel.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:18 Last Seen2024-02-28 12:42:20 Times Seen146 Hash 97693c9e323e737267165329b406c0f1 967f619064f8bf7d1ffc7d1f0ceb3d977058a574 6bef41bae310e2b5698ddf03e4f1dca51078f27ee6dd7bd4c857a755a5c44b7e Loading...

	blu-ig.com/js/propper.min.js	19 kB	2023-03-07	2024-04-19
Pretty URL blu-ig.com/js/propper.min.js IP 207.210.229.91 ASN #36024 AS-TIERP-36024 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:30 Last Seen2024-04-19 06:35:48 Times Seen455 Hash b1dbc64f8b1dfe0c089dd55b09bbbc72 a7da3b9714e3bf1f6fe61fdd30a96006431d0756 193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22 Loading...

HTTP Transactions (83)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 20:23:43 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1297
Cache-Control: max-age=138553
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:43 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:52:56 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4487
Expires: Mon, 05 Dec 2022 21:38:30 GMT
Date: Mon, 05 Dec 2022 20:23:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:20:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 204
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bZlwbmwXuccBNDSMJgv5wGlbl+7LPeO/nLUcXRBdHPUUb0G4O7vk8TMZv0X1bvOKANZk30GGMj2Kz2+/l1Cdkw==
x-amz-request-id: 3YW9K12E7YVT9DXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:46:48 GMT
age: 2215
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

blu-ig.com/

207.210.229.91

301 Moved Permanently

227 B

URL HTTP/1.1
blu-ig.com/
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
227 B (227 bytes)
Hash
d79a77569212793ba49cc2dd1c89fb6d
b9c8bda690323ee6c1a7a01377efdbc5010005c9
5b60f15e758976989757a5ee8916666d3b9567473205253cbfbbbb3a83702eb8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 20:23:43 GMT
Server: Apache
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: no-referrer-when-downgrade
Location: https://blu-ig.com/
Content-Length: 227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:23:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:11:19 GMT
cache-control: public,max-age=3600
age: 744
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1289
Cache-Control: max-age=133478
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:43 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:28:21 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

blu-ig.com/

207.210.229.91

200 OK

31 kB

URL HTTP/2
blu-ig.com/
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (603), with CRLF line terminators
Size
31 kB (30713 bytes)
Hash
234b01de285c75aa4ca167eef79d8fb2
926e4aa46dce2e01de747d1ddb0ead5942430836
f49616e2f1a6f8036f2fe805149af9b0f71729539ec36c5ce3edddeb82d3ecc4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 17:31:08 GMT
accept-ranges: bytes
content-length: 30713
content-type: text/html
date: Mon, 05 Dec 2022 20:23:43 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.216.192.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.192.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bsF91W5CC7wBCMs4712SRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2mWtvy71KRvE+gHNGqfeTjvjlgA=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-153494034-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-153494034-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (44735 bytes)
Hash
bcc17b681f5c373f57632da051ff7ee6
70407408418f0661bf1388fe53bd487e4f293651
fc3434f4a264a45ac7bf49ae10e4ab9e3581e143caaf150e999cd37e0fc7acbf

HTTP Headers

GET /gtag/js?id=UA-153494034-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blu-ig.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:23:44 GMT
expires: Mon, 05 Dec 2022 20:23:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

blu-ig.com/css/revolution/navigation.css

207.210.229.91

200 OK

1.6 kB

URL HTTP/2
blu-ig.com/css/revolution/navigation.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1598 bytes)
Hash
4df717884c69ee46db2b725a18ad88f3
dcb611b82897dcb92b6b366a2120f3d7186cd08c
1a8e78ff485b7b462809dcb6ba62924a0cb3dfaa9538da2fcbb734d1d2cb6919

HTTP Headers

GET /css/revolution/navigation.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Jan 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 1598
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/owl.carousel.min.css

207.210.229.91

200 OK

2.9 kB

URL HTTP/2
blu-ig.com/css/owl.carousel.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (2846), with CRLF line terminators
Size
2.9 kB (2941 bytes)
Hash
11f8f55299612003d16158106d01f2f0
78bead4cb5ce15f16b6554065404a01df5f67325
8608c63311f463ed5cb19febda4aaedc756eba9516c345375e5a7e56ec67a46e

HTTP Headers

GET /css/owl.carousel.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 2941
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

blu-ig.com/css/tooltipster.min.css

207.210.229.91

200 OK

7.5 kB

URL HTTP/2
blu-ig.com/css/tooltipster.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (6495), with CRLF line terminators
Size
7.5 kB (7544 bytes)
Hash
cf29b43d29ff1afc62aa49ed88487bd5
2b6a97a75499c43568fca40b62b186b0baf9839f
a39c5f6146b41b7711c9fa01f6686461ae0e3d7ef904308d9714e70ea89301a2

HTTP Headers

GET /css/tooltipster.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Sep 2019 17:49:00 GMT
accept-ranges: bytes
content-length: 7544
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/jquery.fancybox.min.css

207.210.229.91

200 OK

13 kB

URL HTTP/2
blu-ig.com/css/jquery.fancybox.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (12795), with no line terminators
Size
13 kB (12795 bytes)
Hash
a2d42584292f64c5827e8b67b1b38726
1be9b79be02a1cfc5d96c4a5e0feb8f472babd95
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

HTTP Headers

GET /css/jquery.fancybox.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 12795
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/animate.min.css

207.210.229.91

200 OK

17 kB

URL HTTP/2
blu-ig.com/css/animate.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (16755), with CRLF line terminators
Size
17 kB (16962 bytes)
Hash
eab7261f4b1791d54131f5bb80d243e5
1e6d01f7ab2987cb29f8e11f2fbae31f2e4ad8c8
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 16962
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/chatWhatsApp.css

207.210.229.91

200 OK

1.6 kB

URL HTTP/2
blu-ig.com/css/chatWhatsApp.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1641 bytes)
Hash
53c988490a058206d9dfb22da5a62dd8
1a1f024162c3c6f2902e8a52a332717cc93680dd
f28644ed616f96422bb4af2da6a2fba7456ad9bcf6ae7763615ac27a46cfd3cb

HTTP Headers

GET /css/chatWhatsApp.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jul 2022 23:06:10 GMT
accept-ranges: bytes
content-length: 1641
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/jquery.appear.js

207.210.229.91

200 OK

1.3 kB

URL HTTP/2
blu-ig.com/js/jquery.appear.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (1266), with no line terminators
Size
1.3 kB (1266 bytes)
Hash
64531fe766285a4f78a602f316d52d48
9a0ace71a45e5546e2d3464f3439f563d865aed4
7212f627fb02a6e5780ddae7870b9b06906e322ba57b33a137444994f5fafb15

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.appear.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 1266
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/parallaxie.js

207.210.229.91

200 OK

714 B

URL HTTP/2
blu-ig.com/js/parallaxie.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (714), with no line terminators
Size
714 B (714 bytes)
Hash
ad4cb3a8c7ec5f55365210bf6953ec81
61cd81474e7526b4d2dd3a3619ae20c2f497bf5d
2c72543080d3623bc00e4edd662a43345f1a8503df9d5ccee1d456f78a5a8909

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/parallaxie.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Oct 2019 15:49:00 GMT
accept-ranges: bytes
content-length: 714
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/revolution/settings.css

207.210.229.91

200 OK

30 kB

URL HTTP/2
blu-ig.com/css/revolution/settings.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (29701), with CRLF line terminators
Size
30 kB (30072 bytes)
Hash
c4ce361995ff4e22f22c79d0ead65f35
2d07f0f1b10bef9b90540bb14181c019b0a32c2e
b0b1b6ccfa5a09e69e2e1e89777043a637e23f5b9aecc0a3a86e04495804b239

HTTP Headers

GET /css/revolution/settings.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Nov 2017 07:00:00 GMT
accept-ranges: bytes
content-length: 30072
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.kenburn.min.js

207.210.229.91

200 OK

3.8 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.kenburn.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (3515), with CRLF line terminators
Size
3.8 kB (3754 bytes)
Hash
261d036ff4d77e01fbca0b39e05b3321
17c763757d51ca8dce4c3709acf87e061189d862
aa3a395c27bfaf020ed08d80d44b8470d2279339c2864d4b99c1c51520fc78e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.kenburn.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 3754
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/jquery-countTo.js

207.210.229.91

200 OK

2.7 kB

URL HTTP/2
blu-ig.com/js/jquery-countTo.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2685 bytes)
Hash
3e714cc8b5257c7d86790f1179dd38c7
f97bd9bde32a9302dae372d86deaddbba0095fe3
538175371e81ae885d7f17ca6d0127d46f0269a4b558c391f3d92c877685ed16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-countTo.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 2685
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/all.min.css

207.210.229.91

200 OK

56 kB

URL HTTP/2
blu-ig.com/css/all.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (56331), with CRLF line terminators
Size
56 kB (56521 bytes)
Hash
ad10c9ef680ac0aa8f9d24bd0f53ed54
fe44f70dba801d5171e4f8837b1ce0c52783e038
04aec4107954c62d888f138cac63e9fd4508ca8bfcdaf9a9e3ade5eed2333b79

HTTP Headers

GET /css/all.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jul 2019 14:54:00 GMT
accept-ranges: bytes
content-length: 56521
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.carousel.min.js

207.210.229.91

200 OK

7.6 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.carousel.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (7370), with CRLF line terminators
Size
7.6 kB (7607 bytes)
Hash
97693c9e323e737267165329b406c0f1
967f619064f8bf7d1ffc7d1f0ceb3d977058a574
6bef41bae310e2b5698ddf03e4f1dca51078f27ee6dd7bd4c857a755a5c44b7e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.carousel.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 7607
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/cubeportfolio.min.css

207.210.229.91

200 OK

102 kB

URL HTTP/2
blu-ig.com/css/cubeportfolio.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (65247), with CRLF line terminators
Size
102 kB (101730 bytes)
Hash
66c03cd0fc6dd02edd16cce22f41ddd1
b397cea2c0b5c0a3732c63a68bd5bee70d21deff
22e4360dd7fd2aef0b89cc6353f03f5ff783763bc680de064eca9dac90360339

HTTP Headers

GET /css/cubeportfolio.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 101730
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/wow.js

207.210.229.91

200 OK

8.5 kB

URL HTTP/2
blu-ig.com/js/wow.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (8443), with CRLF line terminators
Size
8.5 kB (8474 bytes)
Hash
b8f5679619466a95aa503f88e4c56c66
92d029b83dc546490fa9cf59d17bf35c6a8dd59b
4d51e6d3072b8d89c7e1e9c38efa4e5c20bbfe856b8f930326edd03d872175ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/wow.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Dec 2018 07:00:00 GMT
accept-ranges: bytes
content-length: 8474
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.actions.min.js

207.210.229.91

200 OK

8.3 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.actions.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (8089), with CRLF line terminators
Size
8.3 kB (8329 bytes)
Hash
1e23424880dfdb9e886fcff2f0aae6ee
8acaff02a625c997cbbb7ed8843e7cf610bf2b5b
0fc4db12b0d589fd17b3e43c3ba4cdca64183916637624bfe59aad7299284284

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.actions.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 8329
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.parallax.min.js

207.210.229.91

200 OK

11 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.parallax.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (10692), with CRLF line terminators
Size
11 kB (10931 bytes)
Hash
5af695fc2f9242677472d46c921b407e
7ee73735c7b0e0c8b4ebaccac77ab3268a3ef00a
dd831ed9e0bf5acd44bcdaa92f5d357f65ba9fb8b839e60a9d0af23dfd0b68f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.parallax.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 10931
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/bootstrap.min.css

207.210.229.91

200 OK

156 kB

URL HTTP/2
blu-ig.com/css/bootstrap.min.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
156 kB (155764 bytes)
Hash
8fe70898895271ddc62823321011273a
60f0159744e3b554a45da027f9e7faa992aed71a
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Apr 2019 05:00:00 GMT
accept-ranges: bytes
content-length: 155764
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

blu-ig.com/images/logoFooter2.png

207.210.229.91

200 OK

9.6 kB

URL HTTP/2
blu-ig.com/images/logoFooter2.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 400 x 119, 8-bit/color RGBA, non-interlaced\012- data
Size
9.6 kB (9609 bytes)
Hash
e020934f92b59d975277139a3d9e55f4
76b4cabc3715fc1aa412ac2b89e6e135aebc5537
a36a2633f86e22697ed169c9476b8d41180db4903c3ad58a0bb2f982af1c24ed

HTTP Headers

GET /images/logoFooter2.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 19:58:00 GMT
accept-ranges: bytes
content-length: 9609
content-type: image/png
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/logoFooter3.png

207.210.229.91

200 OK

10 kB

URL HTTP/2
blu-ig.com/images/logoFooter3.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 420 x 121, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10070 bytes)
Hash
91903b72849fc73ffa9129a9359cd54a
6f0195e32ece78d340bbf9030dcf4f34f8b84b7f
cb21a7e0395f18a528b840a9e7fa2e1e0c186ecc83a24713793e022b47d36ff4

HTTP Headers

GET /images/logoFooter3.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jul 2022 19:59:52 GMT
accept-ranges: bytes
content-length: 10070
content-type: image/png
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.video.min.js

207.210.229.91

200 OK

26 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.video.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (25833), with CRLF line terminators
Size
26 kB (26079 bytes)
Hash
ded004ea2fecb5dfa4df995ba1867410
a1a82684d350a8183c83c91bb214ccfabbbb6b39
7e1cb0185b698144fe3c3cd6e367460838fb9a068989fdb6ae781a6973645c95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.video.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 26079
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.slideanims.min.js

207.210.229.91

200 OK

29 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.slideanims.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (28818), with CRLF line terminators
Size
29 kB (29070 bytes)
Hash
10f428f59d120bf8adbc39b86d547a2f
fe92af104d1ca10761ec932fdd2da77f759286d4
e0a244f4ace8e695c3aa03697b9dd349f5f1abbae8974d87e879274808305595

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.slideanims.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 29070
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.migration.min.js

207.210.229.91

200 OK

26 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.migration.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (25862), with CRLF line terminators
Size
26 kB (26103 bytes)
Hash
05ec8fa18732b68a634f95e7c2bebd2e
2204916097137e7afe60b7d8a612e04f86496cbc
38da5f0c3fd471c5a28d03d7155aba416ae2562ba4a73a2ca3920b19e4b47a63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.migration.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 26103
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.navigation.min.js

207.210.229.91

200 OK

26 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.navigation.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (25862), with CRLF line terminators
Size
26 kB (26103 bytes)
Hash
05ec8fa18732b68a634f95e7c2bebd2e
2204916097137e7afe60b7d8a612e04f86496cbc
38da5f0c3fd471c5a28d03d7155aba416ae2562ba4a73a2ca3920b19e4b47a63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.navigation.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 26103
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/propper.min.js

207.210.229.91

200 OK

19 kB

URL HTTP/2
blu-ig.com/js/propper.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (19015), with CRLF line terminators
Size
19 kB (19193 bytes)
Hash
b1dbc64f8b1dfe0c089dd55b09bbbc72
a7da3b9714e3bf1f6fe61fdd30a96006431d0756
193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/propper.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 19193
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800|Open+Sans:300,400,600,700

142.250.74.106

200 OK

1.4 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800|Open+Sans:300,400,600,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1436 bytes)
Hash
cc71e24055ae86523fb05418bcbc3f74
a207d55c6e1d0a28674fda41677a9b2ffb02fbd0
7a2f173a95b2efbb741a8d7c7eb9c7bc4c4ae2c53b2806268ccf5511568b673f

HTTP Headers

GET /css?family=Montserrat:200,300,400,500,600,700,800|Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blu-ig.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 20:23:44 GMT
date: Mon, 05 Dec 2022 20:23:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blu-ig.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 5463
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

blu-ig.com/js/bootstrap.min.js

207.210.229.91

200 OK

49 kB

URL HTTP/2
blu-ig.com/js/bootstrap.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (48664), with CRLF line terminators
Size
49 kB (48950 bytes)
Hash
d061ab58270e692309b728296e90bba2
c9b4b1b279855515ea3f919adc71420664b18000
b00834c17c50af103e353ef86a69d90bbcaa819ed92b4d6ed670a425514e3c3a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 48950
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/tooltipster.min.js

207.210.229.91

200 OK

47 kB

URL HTTP/2
blu-ig.com/js/tooltipster.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (32056), with CRLF line terminators
Size
47 kB (46706 bytes)
Hash
8a28144c0a9b49b94f0d97bc6ee2e494
85b69483b377c5bf4035976aa720a1e4fbeca371
a5c69eec0e36d51019407a51db8f505cc1c1b6d37818c06b7dc167905f20ae81

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/tooltipster.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Sep 2019 17:47:00 GMT
accept-ranges: bytes
content-length: 46706
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/banner1-4.jpg

207.210.229.91

200 OK

101 kB

URL HTTP/2
blu-ig.com/images/banner1-4.jpg
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1920x1080, components 3\012- data
Size
101 kB (100762 bytes)
Hash
6d96df339410045566562de787ae9e59
658c14ab2b2178c4d170c99866a16c92ef56b5cb
b25a73c6d1fe411819b9d401f36046dc777d6aed4968575cf3c85016d6c97dc1

HTTP Headers

GET /images/banner1-4.jpg HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Aug 2021 17:46:24 GMT
accept-ranges: bytes
content-length: 100762
content-type: image/jpeg
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blu-ig.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 309213
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

blu-ig.com/js/functions.js

207.210.229.91

200 OK

60 kB

URL HTTP/2
blu-ig.com/js/functions.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with CRLF line terminators
Size
60 kB (60496 bytes)
Hash
d103b1ccd3e412c79dd805fbf592b81d
2206f3c86545f6f0264ab630b4188c6d68cfac2d
b06551867250477acc6b771fa100de8be20ba264af73fc9a75f136ae59a55c4a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/functions.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Oct 2019 18:35:00 GMT
accept-ranges: bytes
content-length: 60496
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/banner1-2.jpg

207.210.229.91

200 OK

94 kB

URL HTTP/2
blu-ig.com/images/banner1-2.jpg
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1920x1080, components 3\012- data
Size
94 kB (93839 bytes)
Hash
fe7da79b08ba7e9e778cabe065979365
2a423bce74061b9d21bf7b2c6408cd4b652de444
936dfd6daaac78237f2856adedfd25d6e39244a9867a64c40e3ce71d93542117

HTTP Headers

GET /images/banner1-2.jpg HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Aug 2021 17:12:12 GMT
accept-ranges: bytes
content-length: 93839
content-type: image/jpeg
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/extensions/revolution.extension.layeranimation.min.js

207.210.229.91

200 OK

56 kB

URL HTTP/2
blu-ig.com/js/revolution/extensions/revolution.extension.layeranimation.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (55556), with CRLF line terminators
Size
56 kB (55809 bytes)
Hash
a78982b40bf915f977f2bcb73e907934
540b38654ca018e915d4de20f586f7999d5119f2
f46438dc69e006684fd2254a035cd58fa8fc9277206bdf0f8c9a278bbfbc8756

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/extensions/revolution.extension.layeranimation.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 55809
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/jquery.themepunch.revolution.min.js

207.210.229.91

200 OK

65 kB

URL HTTP/2
blu-ig.com/js/revolution/jquery.themepunch.revolution.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (64614), with CRLF line terminators
Size
65 kB (64949 bytes)
Hash
e1223af8dbcd0552f6f6dc540431451e
c01d6134f72ae04cb327a86918f3e88a63684e90
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/jquery.themepunch.revolution.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 64949
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/jquery.cubeportfolio.min.js

207.210.229.91

200 OK

79 kB

URL HTTP/2
blu-ig.com/js/jquery.cubeportfolio.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (32038), with CRLF line terminators
Size
79 kB (78617 bytes)
Hash
ff915f9c6be1d006cd14c44d7b2a4618
0d9316cf4fab9464385aa851bbdfebaaaa509b0f
ebf381533048c98d721d5b7ec4fcedc4530f92587d35d7282f4afdcb566f46af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.cubeportfolio.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Mar 2019 07:00:00 GMT
accept-ranges: bytes
content-length: 78617
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:23:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

blu-ig.com/images/banner1-5.jpg

207.210.229.91

200 OK

146 kB

URL HTTP/2
blu-ig.com/images/banner1-5.jpg
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1920x1080, components 3\012- data
Size
146 kB (146426 bytes)
Hash
e7bed1b300d9dc59561e7f9d8283b894
16533bade1437fe3dd094e407a1e145dd97b5fab
a35d98a84090e0c1c214e10f4f957d49a58c6f5e9b844d65c32f4ab397a84096

HTTP Headers

GET /images/banner1-5.jpg HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 20:08:44 GMT
accept-ranges: bytes
content-length: 146426
content-type: image/jpeg
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/jquery-3.4.1.min.js

207.210.229.91

200 OK

88 kB

URL HTTP/2
blu-ig.com/js/jquery-3.4.1.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
88 kB (88145 bytes)
Hash
2f772fed444d5489079f275bd01e26cc
a8927ac2830b2fdd4a729eb0eb7f80923539ceb9
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.4.1.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Jul 2019 12:59:00 GMT
accept-ranges: bytes
content-length: 88145
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/revolution/jquery.themepunch.tools.min.js

207.210.229.91

200 OK

111 kB

URL HTTP/2
blu-ig.com/js/revolution/jquery.themepunch.tools.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
ASCII text, with very long lines (27287), with CRLF line terminators
Size
111 kB (110564 bytes)
Hash
67a9644e880e7a471d49c73bb7621932
2ac89b145da02402ce1877c580850e08076c5109
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/revolution/jquery.themepunch.tools.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Aug 2018 05:00:00 GMT
accept-ranges: bytes
content-length: 110564
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/consultoria.png

207.210.229.91

200 OK

381 kB

URL HTTP/2
blu-ig.com/images/consultoria.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 920 x 460, 8-bit/color RGBA, non-interlaced\012- data
Size
381 kB (380686 bytes)
Hash
175aa82872f909fd6d6ac5cd0e312cca
edd1e87e77c5899c85766921a139e2ad07f479b2
7b36dedfb4d91dace083df3385dbf5fd2bddf2fac8a15aaadd0243db2f77f5fb

HTTP Headers

GET /images/consultoria.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Jun 2022 15:47:56 GMT
accept-ranges: bytes
content-length: 380686
content-type: image/png
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/tramites.png

207.210.229.91

200 OK

440 kB

URL HTTP/2
blu-ig.com/images/tramites.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 920 x 460, 8-bit/color RGBA, non-interlaced\012- data
Size
440 kB (440031 bytes)
Hash
6ee1ef62f14c6e26f0a299c485b2de9e
3e42f86812578a8d241fe6708684d88581176789
84ac884b0f3bc225ee17572ee445a94d161813a0b03963f93bed9281f94d13f7

HTTP Headers

GET /images/tramites.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Jun 2022 15:48:06 GMT
accept-ranges: bytes
content-length: 440031
content-type: image/png
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/marketing.png

207.210.229.91

200 OK

548 kB

URL HTTP/2
blu-ig.com/images/marketing.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 920 x 460, 8-bit/color RGBA, non-interlaced\012- data
Size
548 kB (548439 bytes)
Hash
b914e1bded8bab82bb5aa3986e394f2d
be5235a1b3271df04596eb09e990808f704f88c8
3e634a9043ae32589ccd6e819d393625dc287be41035c046e03dccf81a7e55d9

HTTP Headers

GET /images/marketing.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Jun 2022 15:47:24 GMT
accept-ranges: bytes
content-length: 548439
content-type: image/png
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/pyme.png

207.210.229.91

200 OK

700 kB

URL HTTP/2
blu-ig.com/images/pyme.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 920 x 460, 8-bit/color RGBA, non-interlaced\012- data
Size
700 kB (700393 bytes)
Hash
b549345b06a3378b424bce8294a9c55a
08f28d1a995e6f49e858ede0faa3d40916a93794
1831a9e2c563c23176b483941190fb332c2f04070778e17755b6b46405cdba10

HTTP Headers

GET /images/pyme.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Jun 2022 15:47:50 GMT
accept-ranges: bytes
content-length: 700393
content-type: image/png
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/webfonts/fa-brands-400.woff2

207.210.229.91

200 OK

75 kB

URL HTTP/2
blu-ig.com/webfonts/fa-brands-400.woff2
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
Web Open Font Format (Version 2), TrueType, length 74760, version 330.15728\012- data
Size
75 kB (74760 bytes)
Hash
4f786efdf6328877ec2448bf265bcc8f
9465c5894ca2f93655fa5767b820b762aff6b518
fe85646af222500a866fd63beedb6ae00576c4afab4e0d28b15d9d6d92cb7da5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webfonts/fa-brands-400.woff2 HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://blu-ig.com/css/all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jul 2019 14:54:00 GMT
accept-ranges: bytes
content-length: 74760
content-type: font/woff2
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/webfonts/fa-solid-900.woff2

207.210.229.91

200 OK

75 kB

URL HTTP/2
blu-ig.com/webfonts/fa-solid-900.woff2
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
Web Open Font Format (Version 2), TrueType, length 75392, version 330.15728\012- data
Size
75 kB (75392 bytes)
Hash
60ce8cf4dd9fe177abdfeda21e20798e
d378644ff0f7549fa6f217a08dfd2566a770638e
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webfonts/fa-solid-900.woff2 HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://blu-ig.com/css/all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jul 2019 14:54:00 GMT
accept-ranges: bytes
content-length: 75392
content-type: font/woff2
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:23:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:23:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:23:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:23:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 80444
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7728 bytes)
Hash
027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGz98Kv7xrcdfvzwMFbA9V206DdlXitB-Xk8dllnaLlk1QMhZZEs9Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:04 GMT
age: 80441
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Og6pnDOmEW5oc9EtvKD8BtBojepI-ZSde8xxYGThfF6QNl-ZTQWqQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 81479
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 81057
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 81584
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 81064
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

blu-ig.com/images/iconB.png

207.210.229.91

200 OK

7.3 kB

URL HTTP/2
blu-ig.com/images/iconB.png
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type
PNG image data, 276 x 301, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7314 bytes)
Hash
ea883bd71111f0ed0b1b7b9b365cc189
473cc86175d1b21fbaae1814162bf6e76fc8cc1f
7e58da83b3cd799c3dbedc998e70d38f4d4963d777ce780318095d803a6d5925

HTTP Headers

GET /images/iconB.png HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 20:00:56 GMT
accept-ranges: bytes
content-length: 7314
content-type: image/png
date: Mon, 05 Dec 2022 20:23:45 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11253 bytes)
Hash
557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 80809
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

blu-ig.com/js/jquery.fancybox.min.js

207.210.229.91

200 OK

0 B

URL HTTP/2
blu-ig.com/js/jquery.fancybox.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.fancybox.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jul 2019 20:34:00 GMT
accept-ranges: bytes
content-length: 68277
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/banner1-3.jpg

207.210.229.91

200 OK

0 B

URL HTTP/2
blu-ig.com/images/banner1-3.jpg
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/banner1-3.jpg HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Aug 2021 17:12:12 GMT
accept-ranges: bytes
content-length: 234569
content-type: image/jpeg
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/css/style.css

207.210.229.91

200 OK

0 B

URL HTTP/2
blu-ig.com/css/style.css
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/style.css HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 17:10:34 GMT
accept-ranges: bytes
content-length: 136982
content-type: text/css
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/images/banner1-1.jpg

207.210.229.91

200 OK

0 B

URL HTTP/2
blu-ig.com/images/banner1-1.jpg
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/banner1-1.jpg HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Aug 2021 17:12:12 GMT
accept-ranges: bytes
content-length: 144031
content-type: image/jpeg
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

blu-ig.com/js/owl.carousel.min.js

207.210.229.91

200 OK

0 B

URL HTTP/2
blu-ig.com/js/owl.carousel.min.js
IP
207.210.229.91:0
ASN
#36024 AS-TIERP-36024

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/owl.carousel.min.js HTTP/1.1
Host: blu-ig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blu-ig.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000
x-xss-protection: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Oct 2019 20:10:00 GMT
accept-ranges: bytes
content-length: 44352
content-type: application/javascript
date: Mon, 05 Dec 2022 20:23:44 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations