www.bluelight.org Open in urlscan Pro
104.21.90.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bluelight.org/
Effective URL:
https://www.bluelight.org/xf/
Submission: On October 13 via manual (October 13th 2021, 7:15:23 am UTC) from DE — Scanned from DE

Summary HTTP 32 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 32 HTTP transactions. The main IP is 104.21.90.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bluelight.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time www.bluelight.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	104.21.90.209 104.21.90.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	172.67.161.103 172.67.161.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
2	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
3	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
32	5

4 104.21.90.209 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

bluelight.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bluelight.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.67.161.103 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bluelight.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	bluelight.org 4 redirects bluelight.org www.bluelight.org	1 MB
3	google-analytics.com www.google-analytics.com	20 KB
2	youtube.com www.youtube.com	48 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
32	4

	Domain	Requested by
28	www.bluelight.org	2 redirects www.bluelight.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.bluelight.org www.youtube.com
2	bluelight.org	2 redirects
1	www.googletagmanager.com	www.bluelight.org
32	5

This site contains links to these domains. Also see Links.

Domain
store.maps.org
xenforo.com
www.dragonbyte-tech.com
www.themehouse.com
8wayrun.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bluelight.org/xf/
Frame ID: 97127017AE3160D04523AA924CC7E0EB
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bluelight.org | Bluelight.org

Page URL History Show full URLs

http://bluelight.org/ HTTP 301
https://bluelight.org/ HTTP 301
http://www.bluelight.org/xf HTTP 301
https://www.bluelight.org/xf HTTP 301
https://www.bluelight.org/xf/ Page URL

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1417 kB
Transfer

2362 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://store.maps.org/np/clients/maps/donation.jsp?campaign=15
Title: Donations (via MAPS)

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Forum software by XenForo® © 2010-2020 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://www.dragonbyte-tech.com/store/categories/xenforo.5/?utm_source=bluelight.org&utm_campaign=site&utm_medium=footer&utm_content=footer
Title: XenForo add-ons from DragonByte™

Search URL Search Domain Scan URL

URL: https://www.dragonbyte-tech.com/?utm_source=bluelight.org&utm_campaign=site&utm_medium=footer&utm_content=footer
Title: DragonByte Technologies Ltd.

Search URL Search Domain Scan URL

URL: https://www.dragonbyte-tech.com/store/details/?products=345&utm_source=bluelight.org&utm_campaign=product&utm_medium=footer&utm_content=footer
Title: Details

Search URL Search Domain Scan URL

URL: https://www.themehouse.com/?utm_source=www.bluelight.org&utm_medium=xf2product&utm_campaign=product_branding
Title: Add-ons by ThemeHouse

Search URL Search Domain Scan URL

URL: https://xenforo.com/community/resources/6023/
Title: XenPorta 2 PRO

Search URL Search Domain Scan URL

URL: https://8wayrun.com/
Title: 8WAYRUN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bluelight.org/ HTTP 301
https://bluelight.org/ HTTP 301
http://www.bluelight.org/xf HTTP 301
https://www.bluelight.org/xf HTTP 301
https://www.bluelight.org/xf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bluelight.org/xf/
Redirect Chain

http://bluelight.org/
https://bluelight.org/
http://www.bluelight.org/xf
https://www.bluelight.org/xf
https://www.bluelight.org/xf/

70 KB
17 KB

164ms
164ms

Document
text/html

104.21.90.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluelight.org/xf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.90.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b7d7f664f8663ca2f5e7c336e4c73cc4da446178b42a0cc33d8e5aed492e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bluelight.org
:scheme: https
:path: /xf/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 13 Oct 2021 07:15:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 07:11:24 GMT
expires: Wed, 13 Oct 2021 07:16:24 GMT
cache-control: private, no-cache, max-age=0
x-xf-cache-status: HIT
vary: Accept-Encoding
set-cookie: xf_csrf=WKyX9CNoafAQ72zR; path=/; secure
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrUt2F0762UTaMFGp2m5j2W2euC%2Fy0S6wimyOJ%2Bo6r4GNY8%2Bb4TzQAFNYIyna9%2FyEZSR6Y9J%2F%2F2Wklfks5z4ljM8jL9yRa%2F4lMHA6yXwIXkvNMvbhsrSHC3jFARP%2FCCU6mr0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69d6c6a44aa127c0-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Wed, 13 Oct 2021 07:15:17 GMT
content-type: text/html; charset=iso-8859-1
content-length: 237
location: https://www.bluelight.org/xf/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXSP0gutZMlILo2K%2Bf6LnSEUe3jTFTwcY%2BgAdMCDRzwg6SA%2BUtzFJTsTZbK9UXSFgq%2B8z%2BOz2DZ8gdVXrFzwCrito3odSynOPskrtL3vMaYBMDchwsfYtTv0gII07PhWxuFqjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69d6c6a37a6027c0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 fa-regular-400.woff2
www.bluelight.org/xf/styles/fonts/fa/ 169 KB
170 KB 58ms
58ms Font
application/octet-stream 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/styles/fonts/fa/fa-regular-400.woff2?_v=5.14.0
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc

Request headers

sec-fetch-mode: cors
origin: https://www.bluelight.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: xf_csrf=WKyX9CNoafAQ72zR
:path: /xf/styles/fonts/fa/fa-regular-400.woff2?_v=5.14.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bluelight.org/xf/
Origin: https://www.bluelight.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:35 GMT
server: cloudflare
age: 907
etag: "2a4a4-5b457cbaf43f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYg3nRM%2BjKvUAXMZW%2BK44sPvj%2FZaJy%2B7q%2Fv3PAb5oikUNIRs7GioVkN6VRUVEdU11wUbjkSgbh0zYHQ2VYveeOXw7g3oROjTD62ZY1m%2BZ8s9Nz0aw2YBptDlQ94810HnoZX5HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69d6c6a57fa14108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 173220

GET
H3 200 fa-solid-900.woff2
www.bluelight.org/xf/styles/fonts/fa/ 137 KB
138 KB 33ms
33ms Font
application/octet-stream 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/styles/fonts/fa/fa-solid-900.woff2?_v=5.14.0
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

sec-fetch-mode: cors
origin: https://www.bluelight.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: xf_csrf=WKyX9CNoafAQ72zR
:path: /xf/styles/fonts/fa/fa-solid-900.woff2?_v=5.14.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bluelight.org/xf/
Origin: https://www.bluelight.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:17 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:36 GMT
server: cloudflare
age: 907
etag: "225a0-5b457cbafd092"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MevmvSJbtAISTd6QVJ1yexXGOFuRPlFg43mMnAW%2FRZQHEitOt9f5mFjxepHi%2B1EWJIPm6XpSpUbSqRPIkDykCMTqzL7OHbiS6ra8DLzjb9T6C0eHQT4Co3LZIXTekEFgdk%2FWMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69d6c6a57fa24108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 140704

GET
H3 200 fa-brands-400.woff2
www.bluelight.org/xf/styles/fonts/fa/ 76 KB
76 KB 19ms
19ms Font
application/octet-stream 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/styles/fonts/fa/fa-brands-400.woff2?_v=5.14.0
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

Request headers

sec-fetch-mode: cors
origin: https://www.bluelight.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: xf_csrf=WKyX9CNoafAQ72zR
:path: /xf/styles/fonts/fa/fa-brands-400.woff2?_v=5.14.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bluelight.org/xf/
Origin: https://www.bluelight.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:17 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:35 GMT
server: cloudflare
age: 907
etag: "12e40-5b457cbadadb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmjtAklMLdOlnNbQx%2FWAwEyQdFHNZdMoaYwokhOxqZ1AEcc0wLAxrN5KVVlUc8EGLp7gnmNYFOp0UA%2FxVQw7UqbQacCsjKJwzqNamR5pQm%2BDeeYT0v%2BGDQPDjwHESexmfhc4DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69d6c6a57fa34108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77376

GET
H3 200 css.php
www.bluelight.org/xf/ 389 KB
64 KB 222ms
222ms Stylesheet
text/css 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluelight.org/xf/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=4&l=1&d=1632924567&k=066ac51be34c480f2be99e7776893850ad8517dc

Requested by

Host: www.bluelight.org
URL: https://www.bluelight.org/xf/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a4dfb8c74f4903bcc6d37e3ee4d8a0a4389a1b826292e912efe9fb223ed32a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /xf/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=4&l=1&d=1632924567&k=066ac51be34c480f2be99e7776893850ad8517dc
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Sep 2021 14:09:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuowE8y%2F3aKshZ%2B9hmJFsWuF10vwJJczYdUU0NvYGQVvLoRCZy8N7%2FwwxakZJ0E6K9JaNyZchtAYghoZq7RScTZ6%2FVSFu%2BfFUshJ5D9VSqpbbYDPzmw7M8TapiUiwifSB0WVBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a57fa44108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 13 Oct 2022 07:15:18 GMT

GET
H3 200 css.php
www.bluelight.org/xf/ 49 KB
9 KB 234ms
233ms Stylesheet
text/css 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluelight.org/xf/css.php?css=public%3AEWRporta.less%2Cpublic%3AEWRporta_articles.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_EWRporta_features.less%2Cpublic%3Aextra.less&s=4&l=1&d=1632924567&k=01dbfd36881d8d5cccd8f52db744adcf0862d4ab

Requested by

Host: www.bluelight.org
URL: https://www.bluelight.org/xf/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7af13168066f335810b50ecc2cef7356bc3631576a8a9d51b0c9cd341a52ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /xf/css.php?css=public%3AEWRporta.less%2Cpublic%3AEWRporta_articles.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_EWRporta_features.less%2Cpublic%3Aextra.less&s=4&l=1&d=1632924567&k=01dbfd36881d8d5cccd8f52db744adcf0862d4ab
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Sep 2021 14:09:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1yLVZD3lxsaPJIizmTIkSd1aagwgmgZ73Pi8rb7SysD4bSzlP20uaGBRYZ6YVCes9EHuYlqCHuGyi3SD7ti2y3AWA0fFrIwE%2FpQ6muNOotioAy9fV8liiwdahrJhvHQ%2BlKqvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a57fa54108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 13 Oct 2022 07:15:18 GMT

GET
H3 200 preamble.min.js Show response
www.bluelight.org/xf/js/xf/ 3 KB
2 KB 84ms
84ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/xf/preamble.min.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823

Request headers

:path: /xf/js/xf/preamble.min.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:21 GMT
server: cloudflare
age: 4309
etag: W/"c4a-5b457cad8ea1c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsxpUoBfZPOKLf65ov2%2BsfbIi5pceBevCtNjhTHbjJJQl%2FIUmTIcEga6OU3ren%2BQXHRVWl%2F2Rc0VUMQL9sWieGEDArvETIlhXw2I01W8BQQybjOh%2FYtGsn070JkLawolqthlRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a57fa64108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 44ms
19ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-47884043-1

Requested by

Host: www.bluelight.org
URL: https://www.bluelight.org/xf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

23a37d9a02132cc40ccb21a097c2118e4abe60b0e91bb213242f5b5ffef46109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38587
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Oct 2021 07:15:18 GMT

GET
H3 200 invisible.js Show response
www.bluelight.org/cdn-cgi/challenge-platform/h/b/scripts/ 39 KB
14 KB 43ms
43ms Script
text/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981c7b279b50f5d23baec3cdb05e390f5694393c63dd72b7a52cfe97b8234b8f

Request headers

:path: /cdn-cgi/challenge-platform/h/b/scripts/invisible.js
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRw9NenkVsshmcn1tfrAmzgaDdVVFDQunhetwv%2FJuj5ijIwFXkBC32IwXqvKYzwP9CGF4pGl90K5UG16yADx%2FcJCVCtjTo6FO5oGp4Ba7Z3LuCcxBXRpfcvTSCDkloxyedwVzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 69d6c6a7585f4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 BlueLight_Logo.png
www.bluelight.org/xf/BL_Images/ 14 KB
14 KB 38ms
37ms Image
image/png 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/BL_Images/BlueLight_Logo.png
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d9e80b8faec8b867f23bc3ce7cc6f1f58867e3a341704f516510db92cd4763

Request headers

:path: /xf/BL_Images/BlueLight_Logo.png
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4309
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14245
last-modified: Fri, 31 May 2019 19:39:25 GMT
server: cloudflare
etag: "37a5-58a342c04d540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8y9DRmVcMDHJdYRVlG%2F%2FycUNUeyc3c72iVH%2FTeTznBVPq0MO56fiNeTwyD%2B4r%2FGSujpnrUd%2FC2f4fMw59jzwylRbTIDhv0KDm7Rg6gu9fZnFHactG0oH0UwgRAjSeltQ1FVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758604108-PRG

GET
H3 200 jquery-3.5.1.min.js Show response
www.bluelight.org/xf/js/vendor/jquery/ 87 KB
32 KB 20ms
20ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/vendor/jquery/jquery-3.5.1.min.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path: /xf/js/vendor/jquery/jquery-3.5.1.min.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:21 GMT
server: cloudflare
age: 4309
etag: W/"15d84-5b457cacdde0b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YShfO8uIfmntoUIgcAarBZ7OE4U4mZMpNE5ulv%2BCG%2BmgOQcLhl%2FqW%2F9KNa2vavPCOjBkJRb9SkZ8G4dOAoDNTKjiNWNz3rmFdXi%2F60z2p%2FcfhB2GHrB7sfY%2F1Jgpua8nCakGbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a6f8344108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 vendor-compiled.js Show response
www.bluelight.org/xf/js/vendor/ 69 KB
22 KB 19ms
19ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/vendor/vendor-compiled.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3

Request headers

:path: /xf/js/vendor/vendor-compiled.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:21 GMT
server: cloudflare
age: 4309
etag: W/"113ab-5b457cace998a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeZ5XPr9as20CwYFn%2BTUif06O6mzQSpIKe5%2BZ9aOMQXgdANTivhZf69wUIMcaF24Utv0rKtwqLNS6SsXIO7jhGmINpLKHD3a7EqeRnUCA7AoCJ2%2Beg807CheMxlNbIILCdnkgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a7183a4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 core-compiled.js Show response
www.bluelight.org/xf/js/xf/ 218 KB
63 KB 23ms
23ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/xf/core-compiled.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afe41155bf1fef6148527c69cc082fb95c2520ebcd698092338b18d0c163b37

Request headers

:path: /xf/js/xf/core-compiled.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 01:47:22 GMT
server: cloudflare
age: 4309
etag: W/"36697-5b457cada8ffa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy8PAG7Dn0toflsVHPWCD5k3xDULNM8uS%2FTJB%2BCHE8p%2B7CL4gv3UFQNQ3bFD1ak02csTKfvBaLxFpQ8MVjiQmZthy3qrM5JBH8oOv4Fg9pHUOjuopTRJ1Z1b3kL927SZfr%2BXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a7183d4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 slider.js Show response
www.bluelight.org/xf/js/8wayrun/porta/ 66 KB
16 KB 19ms
19ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/8wayrun/porta/slider.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95eba6b6f49a71db3f7c7e63ddd1efe16fd7c12f69d36afdd0fdd3c0b8ac084d

Request headers

:path: /xf/js/8wayrun/porta/slider.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 02:06:24 GMT
server: cloudflare
age: 4309
etag: W/"109e7-5b4580efa0369-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNntEYVa0m4r%2Fwd%2BMK12sx7y%2F1aYjQZq8GTHgpFOBglqwtipzvyokSF1HCvI1WZuVQrlu0q2SlekUZQdRvxwvPwCuLPwwULLsTBrh26qpTsEJIQ%2BWzXsXKXO%2BBoZ5oiltdQcCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a7585c4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 portal.js Show response
www.bluelight.org/xf/js/8wayrun/porta/ 7 KB
2 KB 38ms
37ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/8wayrun/porta/portal.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b719452e7a240b691564a0e0bb3280195cde4ece957993a3fe28f2250fb914

Request headers

:path: /xf/js/8wayrun/porta/portal.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 02:06:24 GMT
server: cloudflare
age: 4309
etag: W/"1a46-5b4580ef9f3c9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IofrKL4jXfunIuXEJJSV3KM8t5l69I0k1QaQAJe3hNellyqLtkLwW4X%2FzICl%2FgqhDNELIcGwBzgmgDDAiqbKf71fxGX%2Byg4Xbn8naO2mWvnk75fUhmecE4Mw41gNM5HRE3GnYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a7585d4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 notice.min.js Show response
www.bluelight.org/xf/js/xf/ 4 KB
2 KB 17ms
17ms Script
application/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/xf/js/xf/notice.min.js?_v=efd18614
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a

Request headers

:path: /xf/js/xf/notice.min.js?_v=efd18614
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 11:24:10 GMT
server: cloudflare
age: 4309
etag: W/"101d-5858a603aca80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qB7dZOCZciWpFUyQ8uXki80yAJGvk0WkH8h32uu1Wl0CFWwSeiKpVpzSLtXLvvSwYqEf%2BKo8f7LrjMpQdgz6PnNL089C2EbhAqmIMelnu7Ms5gU%2BLemQ5JYTJi1VaQ1IWK7mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69d6c6a7585e4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 903403.jpg
www.bluelight.org/xf/data/features/ 24 KB
25 KB 19ms
18ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/903403.jpg?1623018048
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4b9e1bea97b82199f1367222d3d0674930e0d7a8771a762397b670ac7b889f

Request headers

:path: /xf/data/features/903403.jpg?1623018048
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24818
last-modified: Sun, 06 Jun 2021 22:20:48 GMT
server: cloudflare
etag: "60f2-5c42056412c4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaZ75Rj7tYrizXBB19HvNWU3iH66A%2BdtyGTXuYDqIcTBqoo1aij6Iszg%2FlhjBAoVkaZDnKuFYd%2FPUCy9qKVKyXYEjJlcBJ%2Be5H6hVMtP6LxEGSNVZcUU6xtvgGCg%2FvSeTzXp%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758614108-PRG

GET
H3 200 901932.jpg
www.bluelight.org/xf/data/features/ 101 KB
102 KB 19ms
19ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/901932.jpg?1620748494
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4433bbb69a80dafe9fef2e69c922b7cc3ba5f7db16b5f49619a31b3986259c65

Request headers

:path: /xf/data/features/901932.jpg?1620748494
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 103873
last-modified: Tue, 11 May 2021 15:54:54 GMT
server: cloudflare
etag: "195c1-5c20fea4e9606"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J0pz7T982ucWH2Rlxqn7saFb%2F1NXLGiFddYuSKGjOfpAPTIkECBn3StgSN12vcYFfl27%2F2n8TbgVThhU5BkNskkag4XHbGoBEHZvzUmnPWuvVZYbtEZSzPu%2FxEhx0Ptd7LkPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758644108-PRG

GET
H3 200 892802.jpg
www.bluelight.org/xf/data/features/ 89 KB
90 KB 36ms
35ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/892802.jpg?1605390878
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc52c588c323fa4fdf1b541f8cb37cefc7fc9cd01403911183a8197cda2771e

Request headers

:path: /xf/data/features/892802.jpg?1605390878
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91106
last-modified: Sat, 14 Nov 2020 21:54:38 GMT
server: cloudflare
etag: "163e2-5b4183109b532"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fj18buunajkW67ZKqEgyVG2r822KGSLYOxa2qJVj0MsG%2Bn125s3aXEw72F8YnrQdLYH0PwspKYm6Zm8Bs1YYPBw7U6cOx5rvBnY6kMIp%2B6uc3BTf4PrmEevx8iRbzyrVNjGtqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758654108-PRG

GET
H3 200 893364.jpg
www.bluelight.org/xf/data/features/ 76 KB
76 KB 33ms
32ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/893364.jpg?1603320899
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b210e384a70355d0c890142ba11938997f3ed800207704bac0472064f821174d

Request headers

:path: /xf/data/features/893364.jpg?1603320899
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77542
last-modified: Wed, 21 Oct 2020 22:54:59 GMT
server: cloudflare
etag: "12ee6-5b2363caf93be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv7jf39USmRNw1J5rWFizjnmd7EOpBxW9YBwAUMyc2ev%2BtSSTv9p%2BSdWK3i9PStGYrFUElAaogm1o2zfuP%2F07rE49PuZTsV3BFtn5NJ0%2FPdWmZNsKEF%2F0XNQr77DwTmuYy3hGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758664108-PRG

GET
H3 200 329837.jpg
www.bluelight.org/xf/data/features/ 84 KB
84 KB 18ms
17ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/329837.jpg?1602799613
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89cc2fae579ebd7cafc17f07b6913c46626d5509569500d6a5d08f1d1f97bbd7

Request headers

:path: /xf/data/features/329837.jpg?1602799613
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85525
last-modified: Thu, 15 Oct 2020 22:06:54 GMT
server: cloudflare
etag: "14e15-5b1bcdda3b8e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksvR5pjhx%2FxTn0IWgw17%2BmGN0XqI0Ltb03tL88QhKfPMS61fBTt%2B%2FLgLEQ99SPEOk7NSWHU%2Fy5jhqusqh8ILXtO2EedsvaM0gJ0de7nAw7lmujzXQ8Y8OWCMMZKCixS%2BzFvR8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758674108-PRG

GET
H3 200 819932.jpg
www.bluelight.org/xf/data/features/ 79 KB
80 KB 28ms
27ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/819932.jpg?1602464869
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7827d95691722e3604d88182f3632ced4cc5f613deb005f10a79debcd7edf02d

Request headers

:path: /xf/data/features/819932.jpg?1602464869
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 81323
last-modified: Mon, 12 Oct 2020 01:07:49 GMT
server: cloudflare
etag: "13dab-5b16eed555dae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44XHHaC4hxtrRZr%2B73tPahheRK81wMISf5P4FPN3yFnX0gHFiG6arG5AjiBb3zQKdp6urxZCaDqxbAB7dVVjhtc9YYeE6dWFgfHBqhxoPLTyN25NlFRx16ly6Z38FzxRbMRINg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758684108-PRG

GET
H3 200 891313.jpg
www.bluelight.org/xf/data/features/ 68 KB
69 KB 43ms
42ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/891313.jpg?1601729619
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55ca87aa52b15a4da5b4283a0ce6ee8a39d87cd4a7a32fe1353395e1b42d2b32

Request headers

:path: /xf/data/features/891313.jpg?1601729619
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70000
last-modified: Sat, 03 Oct 2020 12:53:39 GMT
server: cloudflare
etag: "11170-5b0c3bcfaabb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDWVFdd9PiPD9ROz9FG%2BbKPrqDSQNF6R6QA7eM4Amq13g862DvEQGRzdhMNEfbDBXlI4VK8H2vNGyq8Wat%2BqpWKGikq4H%2BNbyGLjPC8HGKEMj77LQuZjjFz7mg9Hp%2BtDV%2BJgdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a758694108-PRG

GET
H3 200 886728.jpg
www.bluelight.org/xf/data/features/ 124 KB
125 KB 30ms
29ms Image
image/jpeg 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/data/features/886728.jpg?1601326432
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4d093b3b7d6bf4cec2cff41e47a6f87f21a900930cc1c187d6a8a934e854e2

Request headers

:path: /xf/data/features/886728.jpg?1601326432
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 127372
last-modified: Mon, 28 Sep 2020 20:53:52 GMT
server: cloudflare
etag: "1f18c-5b065dd33ebec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVIgOi%2BDw3XuAs2qWLuPr9grvROXAleQxQn4ex7CsbrpMK9u12piuEqhMK1Bu%2Fa7EQgnGu50D1PlYP7Ov0ytrnIya4sAmwfxyuj600Eobc9mJYEsBLiUETnw3fYRzog9Z03jtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a7586a4108-PRG

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 73ms
35ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api?_=1634109318392

Requested by

Host: www.bluelight.org
URL: https://www.bluelight.org/xf/js/vendor/jquery/jquery-3.5.1.min.js?_v=efd18614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

ccf09e8e26c4205258c8bcad3d97c1ec7f88f530df3ddbd5dbe0cca6ef2877c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Wed, 13 Oct 2021 07:15:18 GMT

GET
H3 200 _slider.png
www.bluelight.org/xf/styles/8wayrun/porta/ 9 KB
9 KB 17ms
17ms Image
image/png 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bluelight.org/xf/styles/8wayrun/porta/_slider.png
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/css.php?css=public%3AEWRporta.less%2Cpublic%3AEWRporta_articles.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_EWRporta_features.less%2Cpublic%3Aextra.less&s=4&l=1&d=1632924567&k=01dbfd36881d8d5cccd8f52db744adcf0862d4ab
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587edf3e7493af0fb71b88000fef1069dd468ae553af8a96ab3e14926bcb2ba8

Request headers

:path: /xf/styles/8wayrun/porta/_slider.png
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/css.php?css=public%3AEWRporta.less%2Cpublic%3AEWRporta_articles.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_EWRporta_features.less%2Cpublic%3Aextra.less&s=4&l=1&d=1632924567&k=01dbfd36881d8d5cccd8f52db744adcf0862d4ab
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/css.php?css=public%3AEWRporta.less%2Cpublic%3AEWRporta_articles.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_EWRporta_features.less%2Cpublic%3Aextra.less&s=4&l=1&d=1632924567&k=01dbfd36881d8d5cccd8f52db744adcf0862d4ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9067
last-modified: Wed, 18 Nov 2020 02:06:24 GMT
server: cloudflare
etag: "236b-5b4580efa1309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjBJs3sJDfFTGDFAcNT8mdlYUX8XLzqAzH6BZ7Hv2Q7Ee%2Bk07gFJjNS97jHH%2FH%2Bqd7bD2xvarp%2BbP9iP3rN%2F48Fb5kza5c04gcExgPkRXcs6On4J2LGTLCTxWnhS3zZxku303g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69d6c6a848a64108-PRG

GET
H3 200 pica.js
www.bluelight.org/cdn-cgi/challenge-platform/h/b/scripts/ 23 KB
8 KB 24ms
23ms Other
text/javascript 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/xf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c164b6ecd21c5b2c8028ce60cddc32ba6d45eda1e39a8dd20f056fffb9a2ba

Request headers

:path: /cdn-cgi/challenge-platform/h/b/scripts/pica.js
pragma: no-cache
cookie: xf_csrf=WKyX9CNoafAQ72zR
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/xf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmdH%2FpQJphdWHSID8MfpQWiKJMPFDLI%2FGSWxM0VO%2Ba8iDy9M%2FTe9%2B%2BTmoBuxvdNdsGTbffL%2BAZlFn5DCaggkh9adxswJvNbwO41CeF532YNso2COrwvIrh5pcLOqYwil3jDNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 69d6c6a878c94108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47884043-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 4452
date: Wed, 13 Oct 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 08:01:06 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/387dfd49/www-widgetapi.vflset/ 142 KB
46 KB 22ms
7ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1634109318392

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

03acef6d8ab381462caceb6c144a15de5a51e774cde5cc552b8899105ee549f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 06:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47092
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Oct 2022 06:36:51 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 41ms
20ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=32770998&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bluelight.org%2Fxf%2F&ul=en-us&de=UTF-8&dt=Bluelight.org%20%7C%20Bluelight.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=365313277&gjid=534587160&cid=1005442471.1634109319&tid=UA-47884043-1&_gid=1626281960.1634109319&_r=1&gtm=2ouab0&z=710828012

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluelight.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:15:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluelight.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=32770998&t=timing&_s=2&dl=https%3A%2F%2Fwww.bluelight.org%2Fxf%2F&ul=en-us&de=UTF-8&dt=Bluelight.org%20%7C%20Bluelight.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1193&pdt=19&dns=0&rrt=440&srt=164&tcp=0&dit=1062&clt=1062&_gst=1121&_gbt=1160&_cst=923&_cbt=1108&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1005442471.1634109319&tid=UA-47884043-1&_gid=1626281960.1634109319&gtm=2ouab0&z=1982005196

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bluelight.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 08:27:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82046
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 result Show response
www.bluelight.org/cdn-cgi/challenge-platform/h/b/cv/ 2 B
756 B 66ms
66ms XHR
text/plain 172.67.161.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluelight.org/cdn-cgi/challenge-platform/h/b/cv/result?req_id=69d6c6a44aa127c0
Requested by: Host: www.bluelight.org
URL: https://www.bluelight.org/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode: cors
origin: https://www.bluelight.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: xf_csrf=WKyX9CNoafAQ72zR; _ga=GA1.2.1005442471.1634109319; _gid=GA1.2.1626281960.1634109319; _gat_gtag_UA_47884043_1=1; xf_dbtechSecuritySession=93a9dbce7223b5816a3ed92e89403dc5
content-length: 14333
:path: /cdn-cgi/challenge-platform/h/b/cv/result?req_id=69d6c6a44aa127c0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.bluelight.org
referer: https://www.bluelight.org/xf/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.bluelight.org/xf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Oct 2021 07:15:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83j53j2%2FKct2iNQdJIe2uGMldJXSo3p0296Qpw8N4Cm4YGc7GzU5IpYmKoEdrvlB6ECebI0fE9xdeurNhh770wFzLVvjR6sBo5JO9OqVGCVpIODY8LC4XD4VIYVY91QA0K9X3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: __cf_bm=6ax_X33hR_qWpYM0y8HUQ0yAbqRAlI4qD0H89J1si_0-1634109318-0-AQCCIFJOMb1aO55t+wPdmbdRwnKtrbVzy0n3pwCfYPfyf5M2x1dKyAJRzjrbICD5mQTWUG/EcFTJcSfERKNBGNnokTDYeafwZX/Vnf2Lck1D4OxK57ec7mirVi4ebCbcwA==; path=/; expires=Wed, 13-Oct-21 07:45:18 GMT; domain=.bluelight.org; HttpOnly; Secure; SameSite=None
cf-ray: 69d6c6aaf99f4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bluelight.org/	1969-12-31 23:59:59	Name: xf_csrf Value: WKyX9CNoafAQ72zR
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 46P9tmcopJA
.youtube.com/	1970-01-20 02:14:21	Name: VISITOR_INFO1_LIVE Value: 6y6yye4K9UU
.bluelight.org/	1970-01-20 15:26:21	Name: _ga Value: GA1.2.1005442471.1634109319
.bluelight.org/	1970-01-19 21:56:35	Name: _gid Value: GA1.2.1626281960.1634109319
.bluelight.org/	1970-01-19 21:55:09	Name: _gat_gtag_UA_47884043_1 Value: 1
www.bluelight.org/	1970-01-19 22:38:21	Name: xf_dbtechSecuritySession Value: 93a9dbce7223b5816a3ed92e89403dc5
.bluelight.org/	1970-01-19 21:55:11	Name: __cf_bm Value: 6ax_X33hR_qWpYM0y8HUQ0yAbqRAlI4qD0H89J1si_0-1634109318-0-AQCCIFJOMb1aO55t+wPdmbdRwnKtrbVzy0n3pwCfYPfyf5M2x1dKyAJRzjrbICD5mQTWUG/EcFTJcSfERKNBGNnokTDYeafwZX/Vnf2Lck1D4OxK57ec7mirVi4ebCbcwA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.bluelight.org/cdn-cgi/challenge-platform/h/b/scripts/invisible.js Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluelight.org
www.bluelight.org
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
104.21.90.209
142.250.184.232
142.250.74.206
172.217.16.142
172.67.161.103
03acef6d8ab381462caceb6c144a15de5a51e774cde5cc552b8899105ee549f7
05b719452e7a240b691564a0e0bb3280195cde4ece957993a3fe28f2250fb914
07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a
0afe41155bf1fef6148527c69cc082fb95c2520ebcd698092338b18d0c163b37
23a37d9a02132cc40ccb21a097c2118e4abe60b0e91bb213242f5b5ffef46109
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
36a4dfb8c74f4903bcc6d37e3ee4d8a0a4389a1b826292e912efe9fb223ed32a
4433bbb69a80dafe9fef2e69c922b7cc3ba5f7db16b5f49619a31b3986259c65
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11
55ca87aa52b15a4da5b4283a0ce6ee8a39d87cd4a7a32fe1353395e1b42d2b32
587edf3e7493af0fb71b88000fef1069dd468ae553af8a96ab3e14926bcb2ba8
58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc
5c4b9e1bea97b82199f1367222d3d0674930e0d7a8771a762397b670ac7b889f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7827d95691722e3604d88182f3632ced4cc5f613deb005f10a79debcd7edf02d
7a4d093b3b7d6bf4cec2cff41e47a6f87f21a900930cc1c187d6a8a934e854e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c164b6ecd21c5b2c8028ce60cddc32ba6d45eda1e39a8dd20f056fffb9a2ba
89cc2fae579ebd7cafc17f07b6913c46626d5509569500d6a5d08f1d1f97bbd7
95eba6b6f49a71db3f7c7e63ddd1efe16fd7c12f69d36afdd0fdd3c0b8ac084d
981c7b279b50f5d23baec3cdb05e390f5694393c63dd72b7a52cfe97b8234b8f
a97392a02775136f7fcda1786540414e4a6595f79c49dc1bc9c790f472a9a9f3
ac7af13168066f335810b50ecc2cef7356bc3631576a8a9d51b0c9cd341a52ba
b210e384a70355d0c890142ba11938997f3ed800207704bac0472064f821174d
b48fc223d524430ef86336e524ca8b95b74927ca840abc04a0407b58e5905823
b6d9e80b8faec8b867f23bc3ce7cc6f1f58867e3a341704f516510db92cd4763
ccf09e8e26c4205258c8bcad3d97c1ec7f88f530df3ddbd5dbe0cca6ef2877c1
dcc52c588c323fa4fdf1b541f8cb37cefc7fc9cd01403911183a8197cda2771e
f6b7d7f664f8663ca2f5e7c336e4c73cc4da446178b42a0cc33d8e5aed492e84
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.bluelight.org Open in urlscan Pro 104.21.90.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

1417 kBTransfer

2362 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bluelight.org Open in urlscan Pro
104.21.90.209 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1417 kB
Transfer

2362 kB
Size

8
Cookies

32 HTTP transactions
0 data transactions