urlscan.io logo urlscan.io
SecurityTrails logo

www.gobluefire.com Open in urlscan Pro
34.237.254.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.halosecure.net/
Effective URL: https://www.gobluefire.com/
Submission: On October 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 46 HTTP transactions. The main IP is 34.237.254.19, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.gobluefire.com.
TLS certificate: Issued by R3 on September 3rd 2021. Valid for: 3 months.
This is the only time www.gobluefire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.68.182.72 16509 (AMAZON-02)
1 1 34.213.106.51 16509 (AMAZON-02)
25 34.237.254.19 14618 (AMAZON-AES)
1 151.139.242.29 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.37 16509 (AMAZON-02)
2 65.52.54.98 8075 (MICROSOFT...)
1 52.222.236.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.84 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 63.34.251.77 16509 (AMAZON-02)
1 18.66.112.79 16509 (AMAZON-02)
46 17
1    54.68.182.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-182-72.us-west-2.compute.amazonaws.com
www.halosecure.net
1    34.213.106.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-106-51.us-west-2.compute.amazonaws.com
halopays.com
25    34.237.254.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-254-19.compute-1.amazonaws.com
www.gobluefire.com
1    151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)
images.dmca.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
2    65.52.54.98 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
analytics.clickdimensions.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    63.34.251.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-251-77.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
vc.hotjar.io
Domain Requested by
25 www.gobluefire.com www.gobluefire.com
4 fonts.gstatic.com fonts.googleapis.com
2 analytics.clickdimensions.com www.googletagmanager.com
analytics.clickdimensions.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com www.gobluefire.com
ajax.googleapis.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 www.google.de www.gobluefire.com
1 www.google.com www.gobluefire.com
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com www.gobluefire.com
1 ajax.googleapis.com www.gobluefire.com
1 images.dmca.com www.gobluefire.com
1 halopays.com 1 redirects
1 www.halosecure.net 1 redirects
46 18
Subject Issuer Validity Valid
www.gobluefire.com
R3		 2021-09-03 -
2021-12-02		 3 months crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2		 2020-03-13 -
2022-04-04		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.clickdimensions.com
Go Daddy Secure Certificate Authority - G2		 2020-12-10 -
2022-01-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.gobluefire.com/
Frame ID: 1254BE1221C82282DAE532289E955EFB
Requests: 46 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: C267558CB0F4AF63E547BAEF8E1C3F01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BlueFire

Page URL History Show full URLs

  1. https://www.halosecure.net/ HTTP 301
    https://halopays.com/ HTTP 301
    https://www.gobluefire.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

46
Requests

100 %
HTTPS

44 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

9700 kB
Transfer

11245 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.halosecure.net/ HTTP 301
    https://halopays.com/ HTTP 301
    https://www.gobluefire.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gobluefire.com/
Redirect Chain
  • https://www.halosecure.net/
  • https://halopays.com/
  • https://www.gobluefire.com/
73 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx / WP Engine
Resource Hash
aa0ddfae963ee87f9ddc8010382746777cbeb776e08f795887e54c0440300185

Request headers

:method
GET
:authority
www.gobluefire.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 11 Oct 2021 10:56:06 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://www.gobluefire.com/wp-json/>; rel="https://api.w.org/" <https://www.gobluefire.com/wp-json/wp/v2/pages/427>; rel="alternate"; type="application/json" <https://www.gobluefire.com/>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 1
x-cache-group
normal
content-encoding
br

Redirect headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-type
text/html
content-length
143
location
https://www.gobluefire.com/
er-request-id
276634c1cbed658b4f038c758f2bac0c
pragma
no-cache
cache-control
no-store, max-age=0
x-content-type-options
nosniff
er-rule-id
r-62117b25-a52d-495b-b5d4-23255dbafda5
content-encoding
gzip
server
EasyRedir
style.min.css
www.gobluefire.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
946f41245d8ecc8d8fa6763c672ccfca.css
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		353 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/946f41245d8ecc8d8fa6763c672ccfca.css
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5d39687a5c2ffcb7e79f600627b714a1bbf7a4431c4f1316a6289466636446bd

Request headers

:path
/wp-content/uploads/hummingbird-assets/946f41245d8ecc8d8fa6763c672ccfca.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 18:33:34 GMT
server
nginx
etag
W/"61535ffe-584ee"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
4c5080d3fbf03edeeb2a4766b7e7ada9.css
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/4c5080d3fbf03edeeb2a4766b7e7ada9.css
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
454b4a95c8659da8df74b2bb5a9e7af154f56f502f26b33cab0647f9b5e8a9e9

Request headers

:path
/wp-content/uploads/hummingbird-assets/4c5080d3fbf03edeeb2a4766b7e7ada9.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 18:33:35 GMT
server
nginx
etag
W/"61535fff-71a7"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
2c8516898dd2efe80412160ee1069a11.css
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		181 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/2c8516898dd2efe80412160ee1069a11.css
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
03d3e43c1061b736cbf19e8252d66a1355f3d929afe773ad459f12cfe883370a

Request headers

:path
/wp-content/uploads/hummingbird-assets/2c8516898dd2efe80412160ee1069a11.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Sun, 10 Oct 2021 23:15:35 GMT
server
nginx
etag
W/"61637417-2d537"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
81385564d3331a46299c2dd196e6be8b.js
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/81385564d3331a46299c2dd196e6be8b.js
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0d8fce81d557aec4a2db5cb4391e6c38c6103d863f50ec2dc866f9bef2d3cf59

Request headers

:path
/wp-content/uploads/hummingbird-assets/81385564d3331a46299c2dd196e6be8b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 18:33:38 GMT
server
nginx
etag
W/"61536002-189b4"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
384faab351e210d5d8a2f752915707e9.js
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		894 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/384faab351e210d5d8a2f752915707e9.js
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3345671b9932dd2525427a35c1d4769366d5125102649ab153cad67f76fb40f1

Request headers

:path
/wp-content/uploads/hummingbird-assets/384faab351e210d5d8a2f752915707e9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 18:34:43 GMT
server
nginx
etag
W/"61536043-37e"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b181f16d28d51:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Wed, 10 Nov 2021 10:55:24 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
357abb4b6b6c077e1285a2c8b2d2e03c268a0ef223062782d094728b85cd2f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 08:57:22 GMT
server
ESF
date
Mon, 11 Oct 2021 10:56:06 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 11 Oct 2021 10:56:06 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.3/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.3/webfont.js
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36ef095d011c4ced97b0acef551ca36d76b95299518595dc1acab792a2344601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 18:52:27 GMT
x-content-type-options
nosniff
age
403420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17380
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 06 Oct 2022 18:52:27 GMT
wp-emoji-release.min.js
www.gobluefire.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
7e9e34f9eb7c029d160390f97c58682f.js
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/7e9e34f9eb7c029d160390f97c58682f.js
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cc3f7d838f7b881a4ab4667862d857cb429334cbad185b9754b4cab8f901ef4c

Request headers

:path
/wp-content/uploads/hummingbird-assets/7e9e34f9eb7c029d160390f97c58682f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 18:34:47 GMT
server
nginx
etag
W/"61536047-25157"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
comment-reply.min.js
www.gobluefire.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
etag
W/"60539267-ba8"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
da39eb77753872983028ff27ae32a99d.js
www.gobluefire.com/wp-content/uploads/hummingbird-assets/ 		606 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/da39eb77753872983028ff27ae32a99d.js
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c92c2dd21c907c551e8e7676842f4474ed2434cfe883c48f291c65e8ffad1385

Request headers

:path
/wp-content/uploads/hummingbird-assets/da39eb77753872983028ff27ae32a99d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:06 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 18:34:48 GMT
server
nginx
etag
W/"61536048-97777"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		157 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MP6VBC7
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e04e5d48bbddcf3156e7d771d051216fb8f528eff20eceaa01828326ba9e8dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59016
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Oct 2021 10:56:07 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
smartphone_section_bg.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/smartphone_section_bg.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e075b13ca3f45631f9ec4ccd6dc5c52b46376119130ead5bd327dc30b3deaf08

Request headers

:path
/wp-content/uploads/2015/10/smartphone_section_bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:42 GMT
server
nginx
etag
"5e7db2e6-668a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
26250
light_gradient_violet_bg.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/light_gradient_violet_bg.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
179f200abb608f74d269eec36d4506913906d0fde4b10e4fd3e528f44ec836be

Request headers

:path
/wp-content/uploads/2015/10/light_gradient_violet_bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:41 GMT
server
nginx
etag
"5e7db2e5-8232"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
33330
light_gradient_bg.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/light_gradient_bg.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a2083ee1f408bff3594bcbe231a2a3044c977d31fbb9ad97bb45d5c609259fb3

Request headers

:path
/wp-content/uploads/2015/10/light_gradient_bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:41 GMT
server
nginx
etag
"5e7db2e5-51eb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20971
light_gradient_bands_bg.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/light_gradient_bands_bg.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f3012a16a078ca4ffb9b7b4f011fba1f17ed20908f161ca1c46edf455e1c4d3a

Request headers

:path
/wp-content/uploads/2015/10/light_gradient_bands_bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:41 GMT
server
nginx
etag
"5e7db2e5-7dc8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
32200
cheddar_jack-webfont.woff
www.gobluefire.com/wp-content/uploads/2016/06/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/uploads/2016/06/cheddar_jack-webfont.woff
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/2c8516898dd2efe80412160ee1069a11.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a5dd9a275d82e4ad0e44dda244dabeefcf9a22c14240bf59e22e64ef7350336b

Request headers

:path
/wp-content/uploads/2016/06/cheddar_jack-webfont.woff
pragma
no-cache
origin
https://www.gobluefire.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/2c8516898dd2efe80412160ee1069a11.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/2c8516898dd2efe80412160ee1069a11.css
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:23 GMT
server
nginx
etag
"5e7db2d3-7cc4"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31940
fontawesome-webfont.woff2
www.gobluefire.com/wp-content/themes/Avada/assets/fonts/fontawesome/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/themes/Avada/assets/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/4c5080d3fbf03edeeb2a4766b7e7ada9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path
/wp-content/themes/Avada/assets/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
pragma
no-cache
origin
https://www.gobluefire.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/4c5080d3fbf03edeeb2a4766b7e7ada9.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/4c5080d3fbf03edeeb2a4766b7e7ada9.css
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:30 GMT
server
nginx
etag
"5e7db2da-118d8"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
71896
icomoon.woff
www.gobluefire.com/wp-content/themes/Avada/assets/fonts/icomoon/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gobluefire.com/wp-content/themes/Avada/assets/fonts/icomoon/icomoon.woff
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/946f41245d8ecc8d8fa6763c672ccfca.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0d1e57117fc0a2608e025f3cc20b24f1af0e8e023d6177f7b09dc0f156717ef2

Request headers

:path
/wp-content/themes/Avada/assets/fonts/icomoon/icomoon.woff
pragma
no-cache
origin
https://www.gobluefire.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/946f41245d8ecc8d8fa6763c672ccfca.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gobluefire.com/wp-content/uploads/hummingbird-assets/946f41245d8ecc8d8fa6763c672ccfca.css
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:30 GMT
server
nginx
etag
"5e7db2da-30cc"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12492
css
fonts.googleapis.com/ 		8 KB
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,300,900%7CUbuntu:300italic&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.3/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f1ae2fc5cc96382e02afa8db8126b959d21e65089d259b4d5c8d06e8d85d49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 10:56:07 GMT
server
ESF
date
Mon, 11 Oct 2021 10:56:07 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 11 Oct 2021 10:56:07 GMT
bluefire-logo-sm-1.png
www.gobluefire.com/wp-content/uploads/2016/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2016/04/bluefire-logo-sm-1.png
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1fe86af42cc712f22d4072afbeed27218c9cff3f4c9f2e925f4cb394fe65e3a

Request headers

:path
/wp-content/uploads/2016/04/bluefire-logo-sm-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:24 GMT
server
nginx
etag
"5e7db2d4-10db"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4315
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,300,900%7CUbuntu:300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:08:57 GMT
x-content-type-options
nosniff
age
524830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16064
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 09:08:57 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,300,900%7CUbuntu:300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 04:26:59 GMT
x-content-type-options
nosniff
age
23348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 04:26:59 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,300,900%7CUbuntu:300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ba0f48573cc9e7e9c073582fa327ed9682680e5e00a667c138881cc5709739d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 17:35:38 GMT
x-content-type-options
nosniff
age
62429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15324
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Oct 2022 17:35:38 GMT
4iCp6KVjbNBYlgoKejZftVyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCp6KVjbNBYlgoKejZftVyPN4E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:600,300,900%7CUbuntu:300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83464c090d730c4caa01efe2f196b176d7764c80e9a56e3d7ff29745fb8b39f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gobluefire.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 17:36:05 GMT
x-content-type-options
nosniff
age
62402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37548
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:15 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Oct 2022 17:36:05 GMT
lightstock_1251_full_eric_bigoness.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		6 MB
6 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/lightstock_1251_full_eric_bigoness.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
942dfd5ba6275aba97eb2309d7658227dcdb3d8945fcdde29ec3384116444b7e

Request headers

:path
/wp-content/uploads/2015/10/lightstock_1251_full_eric_bigoness.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:42 GMT
server
nginx
etag
"5e7db2e6-651279"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6623865
computer-1.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/computer-1.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
327974aadfcbe04584d1239de36e5322a1925816696a97c47e61b2d7420f338e

Request headers

:path
/wp-content/uploads/2015/10/computer-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:29 GMT
server
nginx
etag
"5e7db2d9-1e523"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
124195
smartphone-1.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/smartphone-1.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fadc82026e27353a58b791bb2a2cc1e45fdc5601396bd95ea7742cc1929d2e8f

Request headers

:path
/wp-content/uploads/2015/10/smartphone-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:42 GMT
server
nginx
etag
"5e7db2e6-2aa38"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
174648
eating.jpg
www.gobluefire.com/wp-content/uploads/2015/10/ 		232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/eating.jpg
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fe7a68985d4d9e2be4275238c498d17360eb1dee4f149860aba60f3bfdca58d0

Request headers

:path
/wp-content/uploads/2015/10/eating.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:35 GMT
server
nginx
etag
"5e7db2df-3a18c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
237964
stats.png
www.gobluefire.com/wp-content/uploads/2015/10/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2015/10/stats.png
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7ed21ab2f92f3a52952c2ff9235358755232703920a44ec972a65659fe63fbeb

Request headers

:path
/wp-content/uploads/2015/10/stats.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
last-modified
Fri, 27 Mar 2020 08:01:43 GMT
server
nginx
etag
"5e7db2e7-5dbc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23996
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP6VBC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3301
date
Mon, 11 Oct 2021 10:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 11 Oct 2021 12:01:06 GMT
hotjar-786494.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-786494.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP6VBC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
22cc97d303bc5a09f4786297f667807224682822cfd97ef4e0b46e3716b74858
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/a218a4784f59d7cec81bc71c126f7a09
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1945
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-id
6MG-Zqj-0CPE9tzKmFO8ZrT3AXp5ZyXpFQhdbGt9-E6TnBpVa3cVJQ==
ts.js
analytics.clickdimensions.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.clickdimensions.com/ts.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP6VBC7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.54.98 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c3b0a1a1d408302cec37984cb6d8427d2da451a9f0d28095deb411555f945e98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Oct 2021 10:56:07 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 08:18:28 GMT
server
Microsoft-IIS/10.0
etag
"02236c5f7a2d71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
16634
expires
-1
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=235888947&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gobluefire.com%2F&ul=en-us&de=UTF-8&dt=BlueFire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=58252871&gjid=1226780552&cid=926640902.1633949767&tid=UA-96802628-1&_gid=552716996.1633949767&_r=1&gtm=2wga60MP6VBC7&z=942088704
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gobluefire.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Oct 2021 10:56:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gobluefire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.e95f6e2deb67f1b24d8e.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-786494.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1132142
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59787
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 08:26:22 GMT
etag
"4c2c45df8457d0c2a07b3285a23cd7a4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 34fdfb7c7c11559df7e622af2b62f5cb.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
cLS04MEF5v13JYEYCr5PlbLTvV6cElgulwltrpxwmSPZnGVWRcz2Dg==
collect
stats.g.doubleclick.net/j/ 		4 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-96802628-1&cid=926640902.1633949767&jid=58252871&gjid=1226780552&_gid=552716996.1633949767&_u=YEBAAAAAAAAAAC~&z=279833013
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gobluefire.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Oct 2021 10:56:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.gobluefire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame C267 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-786494.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gobluefire.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
jAx8MPGeYqdZewoLT_VLHjTU76d6OU7sg2gs0BnU7iWxoNKy-qycrg==
age
7163462
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-96802628-1&cid=926640902.1633949767&jid=58252871&_u=YEBAAAAAAAAAAC~&z=1070974156
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Oct 2021 10:56:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-96802628-1&cid=926640902.1633949767&jid=58252871&_u=YEBAAAAAAAAAAC~&z=1070974156
Requested by
Host: www.gobluefire.com
URL: https://www.gobluefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Oct 2021 10:56:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/786494/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/786494/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.251.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-251-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer
https://www.gobluefire.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
786494
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/786494?s=0.25&r=0.18008035792562715
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:07 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
iRYvMQR5qOEMysXb93w8sYURnMTH7gTxWmM5t1-v98OtfXcYTl2r3Q==
tsr.js
analytics.clickdimensions.com/ 		8 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.clickdimensions.com/tsr.js?ac=a4tn1wIWai0Wch5TuqyS7E&urk=1633949767785&cm=&s=1633949767785&v=&lc=English&pt=BlueFire&dn=gobluefire.com&dnk=&pk=&hn=www.gobluefire.com&uri=https%3A%2F%2Fwww.gobluefire.com%2F&r=&t=PAGE&b=CHROME&os=LINUX&fv=&ar=false&pr=false&sc=0&sv=5.0.0&qd=&dt=1633949767785&pvon=
Requested by
Host: analytics.clickdimensions.com
URL: https://analytics.clickdimensions.com/ts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.52.54.98 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebe41801037df7a354b168593f4545e58fd4a15dc7c2252cf5c0e7f5a799c048

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Oct 2021 10:56:07 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type, Accept, g-recaptcha-response
content-length
127
expires
-1
Admin_Forms.gif
www.gobluefire.com/wp-content/uploads/2017/09/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gobluefire.com/wp-content/uploads/2017/09/Admin_Forms.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.237.254.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-254-19.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6c60769f40b03786b7466c51951a3f368d3c685ded11aad1d0bad0675558a8d1

Request headers

:path
/wp-content/uploads/2017/09/Admin_Forms.gif
pragma
no-cache
cookie
_ga=GA1.2.926640902.1633949767; _gid=GA1.2.552716996.1633949767; _gat_UA-96802628-1=1; _hjid=52460054-d0a9-4316-bdcc-b0b9376c5ff9; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; cusid=1633949767785; cuvon=1633949767785; cusid=1633949767785
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gobluefire.com
referer
https://www.gobluefire.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gobluefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:56:09 GMT
last-modified
Fri, 27 Mar 2020 08:01:23 GMT
server
nginx
etag
"5e7db2d3-1c72e7"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1864423

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| WebFontConfig string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer_content object| doc object| mbforms_script_vars object| regeneratorRuntime object| __core-js_shared__ object| core object| addComment object| toTopscreenReaderText object| js_local_vars object| webfont object| WebFont function| wrap_gravity_selects function| calc_select_arrow_dimensions function| recursive_gform_submission_handler function| avadaAddWoocommerceQuantityBoxes function| fusionResizeCrossfadeImages function| fusion_resize_crossfade_images_container function| fusion_calc_woocommerce_tabs_layout function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| onYouTubeIframeAPIReady function| fusion_side_header_scroll function| add_styles_for_old_ie_versions function| get_adminbar_height function| get_sticky_header_height function| get_waypoint_top_offset function| get_waypoint_offset function| insertParam function| register_youtube_players function| load_youtube_iframe_api function| onYouTubePlayerAPIReady function| onPlayerStateChange function| onPlayerReady function| ytVidId function| playVideoAndPauseOthers object| cssua function| Froogaloop object| $avada_lightbox object| $il_instances object| _fusionImageParallaxImages number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| $youtubeBGVideos function| generate_carousel function| fusion_reanimate_slider function| fusion_calculate_responsive_type_values function| YT_ready undefined| orig_logo_height string| orig_logo_container_margin_top string| orig_logo_container_margin_bottom undefined| orig_menu_height number| wrapper_position boolean| is_parallax_tfs_slider undefined| $hash function| $f function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| NiceScroll object| Modernizr object| browserPrefixes boolean| $bottom boolean| $top number| $last_window_position number| $last_window_height object| lazySizes object| wp function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings string| cdJsHost object| twemoji object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| clickdimensions string| CD_LANDING_PAGE string| CD_FORM string| CD_SURVEY string| CD_FILE string| CD_EMAIL string| CD_PAGE string| CD_LINK object| cdAnalytics number| $header_parent_height number| $header_height number| $scrolled_header_height object| $sticky_trigger number| $sticky_trigger_position number| $wp_adminbar_height number| $woo_store_notice number| $sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height string| $container boolean| page_smoothHeight boolean| flex_smoothHeight

10 Cookies

Domain/Path Name / Value
.gobluefire.com/ Name: _ga
Value: GA1.2.926640902.1633949767
.gobluefire.com/ Name: _gid
Value: GA1.2.552716996.1633949767
.gobluefire.com/ Name: _gat_UA-96802628-1
Value: 1
.gobluefire.com/ Name: _hjid
Value: 52460054-d0a9-4316-bdcc-b0b9376c5ff9
.gobluefire.com/ Name: _hjFirstSeen
Value: 1
www.gobluefire.com/ Name: _hjIncludedInPageviewSample
Value: 1
.gobluefire.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.www.gobluefire.com/ Name: cusid
Value: 1633949767785
.gobluefire.com/ Name: cuvon
Value: 1633949767785
.gobluefire.com/ Name: cusid
Value: 1633949767785

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.clickdimensions.com
fonts.googleapis.com
fonts.gstatic.com
halopays.com
images.dmca.com
in.hotjar.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.gobluefire.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.halosecure.net
151.139.242.29
18.66.112.79
18.66.139.84
18.66.97.37
2a00:1450:4001:800::200a
2a00:1450:4001:803::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c02::9b
34.213.106.51
34.237.254.19
52.222.236.122
54.68.182.72
63.34.251.77
65.52.54.98
03d3e43c1061b736cbf19e8252d66a1355f3d929afe773ad459f12cfe883370a
0d1e57117fc0a2608e025f3cc20b24f1af0e8e023d6177f7b09dc0f156717ef2
0d8fce81d557aec4a2db5cb4391e6c38c6103d863f50ec2dc866f9bef2d3cf59
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
179f200abb608f74d269eec36d4506913906d0fde4b10e4fd3e528f44ec836be
22cc97d303bc5a09f4786297f667807224682822cfd97ef4e0b46e3716b74858
2f1ae2fc5cc96382e02afa8db8126b959d21e65089d259b4d5c8d06e8d85d49c
327974aadfcbe04584d1239de36e5322a1925816696a97c47e61b2d7420f338e
3345671b9932dd2525427a35c1d4769366d5125102649ab153cad67f76fb40f1
357abb4b6b6c077e1285a2c8b2d2e03c268a0ef223062782d094728b85cd2f6c
36ef095d011c4ced97b0acef551ca36d76b95299518595dc1acab792a2344601
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
454b4a95c8659da8df74b2bb5a9e7af154f56f502f26b33cab0647f9b5e8a9e9
4ba0f48573cc9e7e9c073582fa327ed9682680e5e00a667c138881cc5709739d
5d39687a5c2ffcb7e79f600627b714a1bbf7a4431c4f1316a6289466636446bd
6c60769f40b03786b7466c51951a3f368d3c685ded11aad1d0bad0675558a8d1
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ed21ab2f92f3a52952c2ff9235358755232703920a44ec972a65659fe63fbeb
83464c090d730c4caa01efe2f196b176d7764c80e9a56e3d7ff29745fb8b39f5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
942dfd5ba6275aba97eb2309d7658227dcdb3d8945fcdde29ec3384116444b7e
a2083ee1f408bff3594bcbe231a2a3044c977d31fbb9ad97bb45d5c609259fb3
a5dd9a275d82e4ad0e44dda244dabeefcf9a22c14240bf59e22e64ef7350336b
aa0ddfae963ee87f9ddc8010382746777cbeb776e08f795887e54c0440300185
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
b1fe86af42cc712f22d4072afbeed27218c9cff3f4c9f2e925f4cb394fe65e3a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3b0a1a1d408302cec37984cb6d8427d2da451a9f0d28095deb411555f945e98
c92c2dd21c907c551e8e7676842f4474ed2434cfe883c48f291c65e8ffad1385
cc3f7d838f7b881a4ab4667862d857cb429334cbad185b9754b4cab8f901ef4c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e04e5d48bbddcf3156e7d771d051216fb8f528eff20eceaa01828326ba9e8dbf
e075b13ca3f45631f9ec4ccd6dc5c52b46376119130ead5bd327dc30b3deaf08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ebe41801037df7a354b168593f4545e58fd4a15dc7c2252cf5c0e7f5a799c048
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f3012a16a078ca4ffb9b7b4f011fba1f17ed20908f161ca1c46edf455e1c4d3a
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
fadc82026e27353a58b791bb2a2cc1e45fdc5601396bd95ea7742cc1929d2e8f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe7a68985d4d9e2be4275238c498d17360eb1dee4f149860aba60f3bfdca58d0