www.ctfire-ems.com Open in urlscan Pro
104.192.220.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ctfire-ems.com/
Effective URL:
http://www.ctfire-ems.com/forumV5/
Submission: On October 03 via manual (October 3rd 2019, 12:26:27 am UTC) from AU

Summary HTTP 75 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 75 HTTP transactions. The main IP is 104.192.220.131, located in Glendale, United States and belongs to GTT-BACKBONE GTT, DE. The main domain is www.ctfire-ems.com.

This is the only time www.ctfire-ems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	104.192.220.131 104.192.220.131	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
5	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 3	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER - Twitter Inc.)
28	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
75	10

23 104.192.220.131 (Glendale, United States)

ASN3257 (GTT-BACKBONE GTT, DE)
PTR: h505.cpanellogin.net

www.ctfire-ems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ctfire-ems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	433 KB
23	ctfire-ems.com www.ctfire-ems.com ctfire-ems.com	458 KB
10	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	110 KB
4	doubleclick.net googleads.g.doubleclick.net
3	googlesyndication.com pagead2.googlesyndication.com	207 KB
1	ampproject.org cdn.ampproject.org	7 KB
1	googletagservices.com www.googletagservices.com	29 KB
1	google.com adservice.google.com	656 B
1	google.de adservice.google.de	656 B
1	googleapis.com ajax.googleapis.com	29 KB
75	10

	Domain	Requested by
26	pbs.twimg.com	www.ctfire-ems.com
22	www.ctfire-ems.com	www.ctfire-ems.com ajax.googleapis.com
7	platform.twitter.com	www.ctfire-ems.com platform.twitter.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	syndication.twitter.com	1 redirects www.ctfire-ems.com
3	pagead2.googlesyndication.com	www.ctfire-ems.com pagead2.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	abs.twimg.com	www.ctfire-ems.com platform.twitter.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	cdn.ampproject.org	pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.ctfire-ems.com
1	ctfire-ems.com	www.ctfire-ems.com
75	15

This site contains links to these domains. Also see Links.

Domain
www.vbulletin.org
www.vbulletin.com

Subject Issuer	Validity	Valid
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://www.ctfire-ems.com/forumV5/
Frame ID: 49CD4687EC46888FF9814A7D1AE46EC4
Requests: 32 HTTP requests in this frame

Frame: http://www.ctfire-ems.com/forumV5/auth/login-form
Frame ID: 8EFD0766EB2A0E1B5C4CB4A919E3D2A2
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js
Frame ID: 2716F0F110C47AD137594655C6C09907
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190926/r20190131/zrt_lookup.html
Frame ID: B8602131A32A950E4585F65028EE44E3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Fwww.ctfire-ems.com
Frame ID: B4E2DE90BF563EA177394C3F9EB2B70D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3729052153165878&output=html&h=90&slotname=8851798148&adk=2608598927&adf=160507289&w=728&lmt=1570062373&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&flash=0&wgl=1&dt=1570062372027&bpp=10&bdt=843&fdt=1632&idt=1632&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&correlator=4533807165044&frm=20&pv=2&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=15011&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=213&ady=4226&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.hl1n8ul2lkku&fsb=1&xpc=h9jeXriOE1&p=http%3A//www.ctfire-ems.com&dtd=1644
Frame ID: A94BCBDCC8F61A4CAFE5E3E232BDBCD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3729052153165878&output=html&h=250&slotname=6458248445&adk=3572891021&adf=1821327031&w=300&lmt=1570062374&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&flash=0&avail_w=275&wgl=1&adsid=NT&dt=1570062372037&bpp=6&bdt=854&fdt=2007&idt=2007&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4533807165044&frm=20&pv=1&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=146083&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1098&ady=571&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.5oa5jgrbue9k&fsb=1&xpc=CnvxPU9iI2&p=http%3A//www.ctfire-ems.com&dtd=2010
Frame ID: 35CDC0E9BB00813946521A2DF454F629
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3729052153165878&output=html&adk=3969420673&adf=1607144832&lmt=1570062374&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570062372760&bpp=3&bdt=1577&fdt=1331&idt=1331&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=4533807165044&frm=20&pv=1&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=2334883&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=2.fv7okdjt5z2r&fsb=1&dtd=1336
Frame ID: 59A58B0FF239035ED091ABBFBF26917B
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1179477678027526144/sYIRzTIQ?format=jpg&name=280x280
Frame ID: E41C16FB0E45949AE8E9FF43D2417F08
Requests: 37 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 70C0A0C925BB19108088F9066FCAE504
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.ctfire-ems.com/ Page URL
http://www.ctfire-ems.com/forumV5/ Page URL

Detected technologies

vBulletin (Message Boards) Expand

Overall confidence: 100%
Detected patterns

meta generator /vBulletin ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /vBulletin ?([\d.]+)?/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

75
Requests

67 %
HTTPS

78 %
IPv6

10
Domains

15
Subdomains

10
IPs

2
Countries

1273 kB
Transfer

3144 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vbulletin.org/forum/member.php?u=532049
Title: delicjous

Search URL Search Domain Scan URL

URL: https://www.vbulletin.com/
Title: vBulletin®

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ctfire-ems.com/ Page URL
http://www.ctfire-ems.com/forumV5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

75 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
www.ctfire-ems.com/ 85 B
297 B 621ms
298ms Document
text/html 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: 4964f94c4649777ba1d2e291403c9c5f70ebfd3e426ca148a160371daaf190b9

Request headers

Host: www.ctfire-ems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Sun, 19 Aug 2018 21:12:45 GMT
Accept-Ranges: bytes
Content-Length: 85
Date: Thu, 03 Oct 2019 00:26:10 GMT
Server: LiteSpeed

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.ctfire-ems.com/forumV5/ 92 KB
15 KB 596ms
596ms Document
text/html 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfire-ems.com/forumV5/

Protocol

HTTP/1.1

Server

104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),

Reverse DNS

h505.cpanellogin.net

Software

LiteSpeed / PHP/7.1.32

Resource Hash

1cdab7aa63c33764259bbcdbacdd7073e3750bf1e4cb0e3375a55ac48636fc9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	sameorigin

Request headers

Host: www.ctfire-ems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.ctfire-ems.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.ctfire-ems.com/

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/7.1.32
Set-Cookie: bbsessionhash=7aded5a21b0d63bd68d86df115a679e6; path=/; HttpOnly bblastvisit=1570062370; path=/; HttpOnly bblastactivity=1570062370; path=/; HttpOnly PHPSESSID=826ab4a2f1a2adf169bda2fe9904ecb7; path=/
X-Frame-Options: sameorigin
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=ISO-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 03 Oct 2019 00:26:10 GMT
Server: LiteSpeed

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ 25 KB
7 KB 441ms
377ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_reset.css,css_unreset.css,css_utilities.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 0ea676811c8275c3f069421e97c81bb505550d5367da3708226ad50d09745c2f

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Expires: Fri, 02 Oct 2020 00:26:11 GMT

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ 244 KB
51 KB 471ms
407ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_11_4_custom.css,css_jquery_qtip_min.css,css_jquery_selectBox.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.css,css_b_form_input.css,css_b_form_select.css,css_b_form_textarea.css,css_b_media.css,css_b_divider.css,css_b_avatar.css,css_b_ajax_loading_indicator.css,css_b_topicpreview.css,css_responsive.css,css_b_vbscroller.css,css_b_theme_selector.css,css_b_top_background.css,css_b_module.css,css_b_comp_menu_horizontal.css,css_b_comp_menu_dropdown.css,css_b_comp_menu_vert.css,css_b_top_menu.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 5fc95a3868b8c94d7dde47f82dd843560e61df6659998aaa622b67dbf162ee7d

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Expires: Fri, 02 Oct 2020 00:26:11 GMT

GET
H/1.1 200
OK header-rollup-554.js Show response
www.ctfire-ems.com/forumV5/js/ 18 KB
8 KB 310ms
245ms Script
application/javascript 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/js/header-rollup-554.js
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: eea515cddabf71051491356439c1ad7a93366024932f56f16862a4e62fa3ba52

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 02:44:32 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7570
Expires: Thu, 17 Oct 2019 00:26:11 GMT

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ 222 B
514 B 440ms
376ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_additional.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 7d78aeaf6c14d332f13859d1b346e3bb7ef8c6a57a5ab8ec69b44ad9b17e63b8

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Connection: Keep-Alive
Content-Length: 145
Expires: Fri, 02 Oct 2020 00:26:11 GMT

GET
H/1.1 200
OK fetch
www.ctfire-ems.com/forumV5/filedata/ 44 KB
45 KB 541ms
477ms Image
image/jpeg 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ctfire-ems.com/forumV5/filedata/fetch?filedataid=4257
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 73ccec1bf6ae8ba0faea1a24c1d306c2646fb04823dfc02da94c5ac7387932f5

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:11 GMT
ETag: "4257"
Last-Modified: Tue, 03 Oct 2017 00:41:38 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Content-Type: image/jpeg
Cache-control: max-age=31536000, private
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="image_4257.jpg"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 45416
Expires: Fri, 02 Oct 2020 00:26:11 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 103 KB
36 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

46515e04c4d744f5540c70e0040af8dda0b70b97c9d12fd3ab5852a77b392515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 03 Oct 2019 00:26:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12955452745339956260
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36564
X-XSS-Protection: 0
Expires: Thu, 03 Oct 2019 00:26:11 GMT

GET
H/1.1 200
OK default_avatar_medium.png
www.ctfire-ems.com/forumV5/core/images/default/ 2 KB
2 KB 184ms
154ms Image
image/png 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ctfire-ems.com/forumV5/core/images/default/default_avatar_medium.png
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: 20f72d711a9fa45790128ad75317ebaaf79c8c5d7031d85ae0d137416295faba

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:11 GMT
Last-Modified: Wed, 02 Oct 2019 02:44:30 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: max-age=1209600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2082
Expires: Thu, 17 Oct 2019 00:26:11 GMT

GET
H/1.1 200
OK avatar1_7.gif
www.ctfire-ems.com/forumV5/core/customavatars/ 6 KB
7 KB 154ms
154ms Image
image/gif 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ctfire-ems.com/forumV5/core/customavatars/avatar1_7.gif
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: 2fa29cc43baaf2ac857c695f7a7f483e11c98718d1004fc0b30cdd0660986cd2

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:11 GMT
Last-Modified: Sun, 21 Aug 2016 10:34:51 GMT
Server: LiteSpeed
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6404
Expires: Sat, 02 Nov 2019 00:26:11 GMT

GET
H/1.1 200
OK can%20be%20yours.png
ctfire-ems.com/forumV5/images/ 27 KB
27 KB 308ms
293ms Image
image/png 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ctfire-ems.com/forumV5/images/can%20be%20yours.png
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: 30921f6f966644c253fd01e595ebb46cad43c50f0b04ffe73bd3222c6aa0fc0a

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:11 GMT
Last-Modified: Sat, 07 Oct 2017 13:09:59 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: max-age=1209600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 27501
Expires: Thu, 17 Oct 2019 00:26:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 18:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2613482
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Sep 2020 18:28:09 GMT

GET
H/1.1 200
OK footer-rollup-554.js Show response
www.ctfire-ems.com/forumV5/js/ 626 KB
188 KB 153ms
153ms Script
application/javascript 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: 13378e9f887cb07b40ebe4fd25e807ad4e76994220cb2666542a05d2ed98d39a

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 02:44:32 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 191804
Expires: Thu, 17 Oct 2019 00:26:11 GMT

GET
H/1.1 200
OK Cookie set login-form Show response
www.ctfire-ems.com/forumV5/auth/ Frame 8EFD 6 KB
2 KB 678ms
677ms Document
text/html 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfire-ems.com/forumV5/auth/login-form

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

HTTP/1.1

Server

104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),

Reverse DNS

h505.cpanellogin.net

Software

LiteSpeed / PHP/7.1.32

Resource Hash

079d29084d8f37f5bd1eae607c25768bfc6582c0c774fe06c1aa283b21b4ab33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	sameorigin

Request headers

Host: www.ctfire-ems.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.ctfire-ems.com/forumV5/
Accept-Encoding: gzip, deflate
Cookie: bbsessionhash=7aded5a21b0d63bd68d86df115a679e6; bblastvisit=1570062370; bblastactivity=1570062370; PHPSESSID=826ab4a2f1a2adf169bda2fe9904ecb7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.ctfire-ems.com/forumV5/

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/7.1.32
Set-Cookie: bblastactivity=1570062371; path=/; HttpOnly
Content-Type: text/html; charset=ISO-8859-1
X-Frame-Options: sameorigin
Content-Security-Policy: frame-ancestors 'self'
X-Robots-Tag: noindex, nofollow
Content-Length: 1921
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 03 Oct 2019 00:26:12 GMT
Server: LiteSpeed

GET
H/1.1 200
OK sprite.php
www.ctfire-ems.com/forumV5/ 202 KB
40 KB 551ms
551ms Image
image/svg+xml 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.ctfire-ems.com/forumV5/sprite.php?styleid=30&td=ltr&sprite=sprite_icons_general.svg&ts=1569984311

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

HTTP/1.1

Server

104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),

Reverse DNS

h505.cpanellogin.net

Software

LiteSpeed / PHP/7.1.32

Resource Hash

b981e8763a22ca5332a4e5e9fae0c474b02b922d98bfd05fcfafb265bef9206a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	sameorigin

Request headers

Referer: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_11_4_custom.css,css_jquery_qtip_min.css,css_jquery_selectBox.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.css,css_b_form_input.css,css_b_form_select.css,css_b_form_textarea.css,css_b_media.css,css_b_divider.css,css_b_avatar.css,css_b_ajax_loading_indicator.css,css_b_topicpreview.css,css_responsive.css,css_b_vbscroller.css,css_b_theme_selector.css,css_b_top_background.css,css_b_module.css,css_b_comp_menu_horizontal.css,css_b_comp_menu_dropdown.css,css_b_comp_menu_vert.css,css_b_top_menu.css&ts=1569984311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Frame-Options: sameorigin
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-control: max-age=31536000, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Date: Thu, 03 Oct 2019 00:26:12 GMT
Expires: Fri, 02 Oct 2020 00:26:12 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 12ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4198) /
Resource Hash: 90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348

Request headers

Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:25:42 GMT
Server: ECS (fcn/4198)
Etag: "1d8d0709ed691e2bc0472dbfc17c8abd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28700

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
656 B 28ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ctfire-ems.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Oct 2019 00:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
656 B 29ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ctfire-ems.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Oct 2019 00:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/ 231 KB
85 KB 50ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c8615d41121675d739ad8a05627ccfd2c6b99c576521ff17a2313f79a37fa6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86819
x-xss-protection: 0
server: cafe
etag: 6415741152906011923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Oct 2019 00:26:12 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/ Frame 2716 231 KB
85 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c8615d41121675d739ad8a05627ccfd2c6b99c576521ff17a2313f79a37fa6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86819
x-xss-protection: 0
server: cafe
etag: 6415741152906011923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Oct 2019 00:26:12 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190926/r20190131/ Frame B860 0
0 25ms
5ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190926/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190926/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.ctfire-ems.com/forumV5/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ctfire-ems.com/forumV5/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 26 Sep 2019 16:33:54 GMT
expires: Thu, 10 Oct 2019 16:33:54 GMT
content-type: text/html; charset=UTF-8
etag: 2385566188703980536
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7388
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 546738
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H/1.1 200
OK fetchValues Show response
www.ctfire-ems.com/forumV5/ajax/api/options/ 347 B
769 B 356ms
356ms XHR
application/json 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: dbe385e5bdb1d080e10711e4919f8102a1162ea87227a22a2b84e2b600690343

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.ctfire-ems.com/forumV5/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 00:26:12 GMT
Last-Modified: Thu, 03 Oct 2019 00:26:12 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
Connection: Keep-Alive
Content-Length: 347
Expires: Sat, 1 Jan 2000 01:00:00 GMT

POST
H/1.1 200
OK fetchValues Show response
www.ctfire-ems.com/forumV5/ajax/api/options/ 19 B
440 B 231ms
231ms XHR
application/json 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 412cb2b48dcfcad82aae0471eeeb892e00fe21d4a3061b80fe97c50908a7e2e9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.ctfire-ems.com/forumV5/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 00:26:12 GMT
Last-Modified: Thu, 03 Oct 2019 00:26:12 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
Connection: Keep-Alive
Content-Length: 19
Expires: Sat, 1 Jan 2000 01:00:00 GMT

GET
H/1.1 200
OK widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html
platform.twitter.com/widgets/ Frame B4E2 0
0 24ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Fwww.ctfire-ems.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://www.ctfire-ems.com/forumV5/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ctfire-ems.com/forumV5/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Oct 2019 00:26:46 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 02 Oct 2019 20:21:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

POST
H/1.1 200
OK fetchValues Show response
www.ctfire-ems.com/forumV5/ajax/api/options/ 19 B
440 B 774ms
774ms XHR
application/json 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 412cb2b48dcfcad82aae0471eeeb892e00fe21d4a3061b80fe97c50908a7e2e9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.ctfire-ems.com/forumV5/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 00:26:13 GMT
Last-Modified: Thu, 03 Oct 2019 00:26:12 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
Connection: Keep-Alive
Content-Length: 19
Expires: Sat, 1 Jan 2000 01:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A94B 0
0 172ms
171ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3729052153165878&output=html&h=90&slotname=8851798148&adk=2608598927&adf=160507289&w=728&lmt=1570062373&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&flash=0&wgl=1&dt=1570062372027&bpp=10&bdt=843&fdt=1632&idt=1632&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&correlator=4533807165044&frm=20&pv=2&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=15011&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=213&ady=4226&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.hl1n8ul2lkku&fsb=1&xpc=h9jeXriOE1&p=http%3A//www.ctfire-ems.com&dtd=1644

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3729052153165878&output=html&h=90&slotname=8851798148&adk=2608598927&adf=160507289&w=728&lmt=1570062373&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&flash=0&wgl=1&dt=1570062372027&bpp=10&bdt=843&fdt=1632&idt=1632&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&correlator=4533807165044&frm=20&pv=2&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=15011&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=213&ady=4226&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.hl1n8ul2lkku&fsb=1&xpc=h9jeXriOE1&p=http%3A//www.ctfire-ems.com&dtd=1644
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.ctfire-ems.com/forumV5/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ctfire-ems.com/forumV5/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Oct 2019 00:26:13 GMT
server: cafe
content-length: 16711
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 03-Oct-2019 00:41:13 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 03 Oct 2019 00:26:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a7708a738c64bd02df7ae231ab503159ab3336fa03de1853675631309ec07ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
expires: Thu, 03 Oct 2019 00:26:13 GMT

POST
H/1.1 200
OK fetchValues Show response
www.ctfire-ems.com/forumV5/ajax/api/options/ 13 B
434 B 331ms
330ms XHR
application/json 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/ajax/api/options/fetchValues
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 57b34d094c8609cb7d241ec02e482a4327101964ac2d043201ba209ec19b4445

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.ctfire-ems.com/forumV5/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 00:26:13 GMT
Last-Modified: Thu, 03 Oct 2019 00:26:13 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
Connection: Keep-Alive
Content-Length: 13
Expires: Sat, 1 Jan 2000 01:00:00 GMT

POST
H/1.1 200
OK run Show response
www.ctfire-ems.com/forumV5/ajax/apidetach/cron/ 37 B
458 B 381ms
381ms XHR
application/json 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/ajax/apidetach/cron/run
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 8df3f5ec20125ffc5b858962084b3103efd917b41d0cf3c88eff85e34a355647

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.ctfire-ems.com/forumV5/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 00:26:14 GMT
Last-Modified: Thu, 03 Oct 2019 00:26:14 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=0,no-cache,no-store,post-check=0,pre-check=0
Connection: Keep-Alive
Content-Length: 37
Expires: Sat, 1 Jan 2000 01:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 35CD 0
0 242ms
242ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3729052153165878&output=html&h=250&slotname=6458248445&adk=3572891021&adf=1821327031&w=300&lmt=1570062374&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&flash=0&avail_w=275&wgl=1&adsid=NT&dt=1570062372037&bpp=6&bdt=854&fdt=2007&idt=2007&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4533807165044&frm=20&pv=1&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=146083&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1098&ady=571&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.5oa5jgrbue9k&fsb=1&xpc=CnvxPU9iI2&p=http%3A//www.ctfire-ems.com&dtd=2010

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3729052153165878&output=html&h=250&slotname=6458248445&adk=3572891021&adf=1821327031&w=300&lmt=1570062374&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&flash=0&avail_w=275&wgl=1&adsid=NT&dt=1570062372037&bpp=6&bdt=854&fdt=2007&idt=2007&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4533807165044&frm=20&pv=1&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=146083&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1098&ady=571&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.5oa5jgrbue9k&fsb=1&xpc=CnvxPU9iI2&p=http%3A//www.ctfire-ems.com&dtd=2010
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.ctfire-ems.com/forumV5/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlO03sdetx4M1H8AesJ6B1Ck64jD33QLCvMw63_-74VEo1KLOAPTz26bizB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ctfire-ems.com/forumV5/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Oct 2019 00:26:14 GMT
server: cafe
content-length: 4265
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js Show response
platform.twitter.com/js/ 24 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:39 GMT
Server: ECS (fcn/41AF)
Etag: "193d41dde5636e7f143422dcf5051b6d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7914

GET
H/1.1 200
OK timeline.0a7b4db67eacd23e35c5ce02e6ea3470.js Show response
platform.twitter.com/js/ 23 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.0a7b4db67eacd23e35c5ce02e6ea3470.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash: f452b1e5c1cae40dc81a9da7605dd6b98d0a06253d9b363e11c99ec4081ace4c

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:39 GMT
Server: ECS (fcn/40AE)
Etag: "37399cf03250c85f4a77916c06810b4c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7038

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ Frame 8EFD 25 KB
7 KB 535ms
534ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_reset.css,css_unreset.css,css_utilities.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/auth/login-form
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 0ea676811c8275c3f069421e97c81bb505550d5367da3708226ad50d09745c2f

Request headers

Referer: http://www.ctfire-ems.com/forumV5/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Expires: Fri, 02 Oct 2020 00:26:13 GMT

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ Frame 8EFD 244 KB
51 KB 641ms
640ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_11_4_custom.css,css_jquery_qtip_min.css,css_jquery_selectBox.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.css,css_b_form_input.css,css_b_form_select.css,css_b_form_textarea.css,css_b_media.css,css_b_divider.css,css_b_avatar.css,css_b_ajax_loading_indicator.css,css_b_topicpreview.css,css_responsive.css,css_b_vbscroller.css,css_b_theme_selector.css,css_b_top_background.css,css_b_module.css,css_b_comp_menu_horizontal.css,css_b_comp_menu_dropdown.css,css_b_comp_menu_vert.css,css_b_top_menu.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/auth/login-form
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 5fc95a3868b8c94d7dde47f82dd843560e61df6659998aaa622b67dbf162ee7d

Request headers

Referer: http://www.ctfire-ems.com/forumV5/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Expires: Fri, 02 Oct 2020 00:26:13 GMT

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ Frame 8EFD 1 KB
991 B 548ms
547ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_login.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/auth/login-form
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: c2f7d0ca976c119249f875f32bcb9de199f34fa2c648e5f997a9d45e49e3a3df

Request headers

Referer: http://www.ctfire-ems.com/forumV5/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Connection: Keep-Alive
Content-Length: 622
Expires: Fri, 02 Oct 2020 00:26:14 GMT

GET
H/1.1 200
OK css.php
www.ctfire-ems.com/forumV5/ Frame 8EFD 222 B
514 B 540ms
539ms Stylesheet
text/css 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/css.php?styleid=30&td=ltr&sheet=css_additional.css&ts=1569984311
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/auth/login-form
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed / PHP/7.1.32
Resource Hash: 7d78aeaf6c14d332f13859d1b346e3bb7ef8c6a57a5ab8ec69b44ad9b17e63b8

Request headers

Referer: http://www.ctfire-ems.com/forumV5/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Mar 1973 09:46:39 GMT
Server: LiteSpeed
X-Powered-By: PHP/7.1.32
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-control: max-age=31536000, private
Connection: Keep-Alive
Content-Length: 145
Expires: Fri, 02 Oct 2020 00:26:13 GMT

GET
H/1.1 200
OK login_md5.js Show response
www.ctfire-ems.com/forumV5/js/ Frame 8EFD 5 KB
2 KB 157ms
156ms Script
application/javascript 104.192.220.131
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ctfire-ems.com/forumV5/js/login_md5.js?v=554
Requested by: Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/auth/login-form
Protocol: HTTP/1.1
Server: 104.192.220.131 Glendale, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: h505.cpanellogin.net
Software: LiteSpeed /
Resource Hash: 548819da190b08c330048cbe2b18c05d966247290a236d4f52199c40cf38a856

Request headers

Referer: http://www.ctfire-ems.com/forumV5/auth/login-form
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 02:44:32 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2155
Expires: Thu, 17 Oct 2019 00:26:13 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011909241711100/ 20 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "beb093e69c81d951"
age: 614576
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7119
x-xss-protection: 0
server: sffe
date: Wed, 25 Sep 2019 21:43:18 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 24 Sep 2020 21:43:18 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 59A5 0
0 16ms
15ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3729052153165878&output=html&adk=3969420673&adf=1607144832&lmt=1570062374&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570062372760&bpp=3&bdt=1577&fdt=1331&idt=1331&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=4533807165044&frm=20&pv=1&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=2334883&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=2.fv7okdjt5z2r&fsb=1&dtd=1336

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3729052153165878&output=html&adk=3969420673&adf=1607144832&lmt=1570062374&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570062372760&bpp=3&bdt=1577&fdt=1331&idt=1331&shv=r20190926&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=4533807165044&frm=20&pv=1&ga_vid=122206562.1570062374&ga_sid=1570062374&ga_hid=373028111&ga_fc=0&iag=0&icsg=2334883&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3316688382894699&ref=http%3A%2F%2Fwww.ctfire-ems.com%2F&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=2.fv7okdjt5z2r&fsb=1&dtd=1336
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.ctfire-ems.com/forumV5/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlO03sdetx4M1H8AesJ6B1Ck64jD33QLCvMw63_-74VEo1KLOAPTz26bizB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ctfire-ems.com/forumV5/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 03 Oct 2019 00:26:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 list Show response
cdn.syndication.twimg.com/timeline/ 127 KB
13 KB 239ms
220ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/list?callback=__twttr.callbacks.tl_i3_list_CTFireEMS_ctfire_old&dnt=false&domain=www.ctfire-ems.com&lang=en&list_slug=ctfire&screen_name=CTFireEMS&suppress_response_codes=true&t=1744513&tz=GMT%2B0200

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

1ac6c12d10b2ded23b6b99d7aae696ab1cfa17aeae61f5a0d7c9c0f5a9922b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 12841
x-xss-protection: 0
x-response-time: 196
last-modified: Thu, 03 Oct 2019 00:26:14 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 64aa41e0735c0e4aecb4f567a8f0b10f
timing-allow-origin: *
x-transaction: 00b94756008337d2
expires: Thu, 03 Oct 2019 00:31:14 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
383 B 134ms
134ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1570062374126%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 03 Oct 2019 00:26:14 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e0843ff79d7ec5e446b532f6437bbc24
x-transaction: 008c6a3600af9145
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 sYIRzTIQ
pbs.twimg.com/card_img/1179477678027526144/ Frame E41C 11 KB
11 KB 26ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1179477678027526144/sYIRzTIQ?format=jpg&name=280x280

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

6c6683ce7f7ff4f8b908c5eab2561a54aeb4512c073c278c9c2ad14f8729abc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 11289
x-response-time: 139
surrogate-key: card_img card_img/bucket/0 card_img/1179477678027526144
last-modified: Wed, 02 Oct 2019 19:24:06 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0112cd5477968eed274a925e991e838
accept-ranges: bytes

GET
H2 200 1f4f8.png
abs.twimg.com/emoji/v2/72x72/ Frame E41C 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f8.png

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1051
x-cache: HIT
status: 200
content-length: 1051
x-response-time: 21
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECS (fcn/40DE)
etag: "G69ZXka063MGIj18aOjBxg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b5dde806da5203bf58bf07b39becdd2d
accept-ranges: bytes
expires: Fri, 02 Oct 2020 00:26:14 GMT

GET
H2 200 YNN6QBpk
pbs.twimg.com/card_img/1179222739841945601/ Frame E41C 79 KB
79 KB 31ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1179222739841945601/YNN6QBpk?format=jpg&name=800x419

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

9004d8e799774955d4605af6c2fc6ee8e75df911b0c00809a2cbafda240fc111

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 80893
x-response-time: 200
surrogate-key: card_img card_img/bucket/9 card_img/1179222739841945601
last-modified: Wed, 02 Oct 2019 02:31:04 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f4c14725eb8b4c8a58a92117bb863882
accept-ranges: bytes

GET
H2 200 7CJY2qyo
pbs.twimg.com/card_img/1178824723184181251/ Frame E41C 10 KB
10 KB 31ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1178824723184181251/7CJY2qyo?format=jpg&name=144x144_2

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

45fdd4623cf42f0ec3677a33ea71d6747e2e3cbd541003960167d55713507408

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 10433
x-response-time: 149
surrogate-key: card_img card_img/bucket/2 card_img/1178824723184181251
last-modified: Tue, 01 Oct 2019 00:09:30 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c2eeb249e4216c616b7e53cb5e21b1cb
accept-ranges: bytes

GET
H2 200 LcXQuMI-
pbs.twimg.com/card_img/1179550709383139331/ Frame E41C 16 KB
16 KB 189ms
169ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1179550709383139331/LcXQuMI-?format=jpg&name=386x202

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

dfc59d02835d65262a604c79ce7e84cdb0366867858e3477496b6a4f9e184b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 15889
x-response-time: 140
surrogate-key: card_img card_img/bucket/0 card_img/1179550709383139331
last-modified: Thu, 03 Oct 2019 00:14:18 GMT
server: ECS (fcn/40F9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12e449041aebf9c80307b5042b0d5ff8
accept-ranges: bytes

GET
H/1.1 200
OK timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ Frame E41C 53 KB
12 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: e3ceb417f143f3da5e489b62778609a256365a98f483bed272d97e4891fdb36b

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:36 GMT
Server: ECS (fcn/41A0)
Etag: "07ca66dad14d0d26b03a02f7f31a1d7b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12281

GET
H/1.1 200
OK timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 03 Oct 2019 00:26:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:36 GMT
Server: ECS (fcn/41A0)
Etag: "07ca66dad14d0d26b03a02f7f31a1d7b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12281

GET
H2 200 1f4f8.png
abs.twimg.com/emoji/v2/72x72/ Frame E41C 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1051
x-cache: HIT
status: 200
content-length: 1051
x-response-time: 21
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECS (fcn/40DE)
etag: "G69ZXka063MGIj18aOjBxg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b5dde806da5203bf58bf07b39becdd2d
accept-ranges: bytes
expires: Fri, 02 Oct 2020 00:26:14 GMT

GET
H2 200 AovoRUQc_normal.jpg
pbs.twimg.com/profile_images/980507669180989440/ Frame E41C 2 KB
2 KB 17ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/980507669180989440/AovoRUQc_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DA) /

Resource Hash

3050a0db63dc5964b63ac5f2882129ffbdc9a4771bc64a20a0c705f556b71f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 147
surrogate-key: profile_images profile_images/bucket/7 profile_images/980507669180989440
last-modified: Sun, 01 Apr 2018 18:08:19 GMT
server: ECS (fcn/40DA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0ec27bacfa5a931a4ca608c77fde042e
accept-ranges: bytes

GET
H2 200 nVDgbuDT_normal.jpg
pbs.twimg.com/profile_images/1179111287214632960/ Frame E41C 2 KB
2 KB 12ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1179111287214632960/nVDgbuDT_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

e9fb0a70f5d04d4a7f2c8c7251ec777dd26144bbaee14be9ea38dc4ad282b38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 130
surrogate-key: profile_images profile_images/bucket/7 profile_images/1179111287214632960
last-modified: Tue, 01 Oct 2019 19:08:12 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8c0e0c3236b0881407c4c83985ab0bd
accept-ranges: bytes

GET
H2 200 1QpS06D6_normal.png
pbs.twimg.com/profile_images/1148327441527689217/ Frame E41C 1 KB
1 KB 26ms
24ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1148327441527689217/1QpS06D6_normal.png

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DB) /

Resource Hash

d84aa7af6e519739b6dacc2ec9e18d53078974fb55ced5edf16b28526706956f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1123
x-response-time: 112
surrogate-key: profile_images profile_images/bucket/8 profile_images/1148327441527689217
last-modified: Mon, 08 Jul 2019 20:24:11 GMT
server: ECS (fcn/40DB)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b296d298343e7f94535f23d394ba2d16
accept-ranges: bytes

GET
H2 200 JFjy7gj9_normal.png
pbs.twimg.com/profile_images/1140036146514321410/ Frame E41C 5 KB
5 KB 25ms
24ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1140036146514321410/JFjy7gj9_normal.png

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

f52be45833eff1339e90211b9e491c22962ae5506f09d1f5155da8eb8834634b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 4847
x-response-time: 175
surrogate-key: profile_images profile_images/bucket/7 profile_images/1140036146514321410
last-modified: Sat, 15 Jun 2019 23:17:32 GMT
server: ECS (fcn/40E2)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b830ee775860725b4d145b10bff861e9
accept-ranges: bytes

GET
H2 200 KT85ey2V_normal.jpg
pbs.twimg.com/profile_images/784130320635457536/ Frame E41C 2 KB
2 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/784130320635457536/KT85ey2V_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A5) /

Resource Hash

c4eb3b89555c9c8767c041b094a30b625870936652d728dccfaeb6e9aea142f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 241
surrogate-key: profile_images profile_images/bucket/2 profile_images/784130320635457536
last-modified: Thu, 06 Oct 2016 20:34:51 GMT
server: ECS (fcn/41A5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8bc7c5d666dd58fe54f378b317198e69
accept-ranges: bytes

GET
H2 200 Le8rmFF6_normal.jpg
pbs.twimg.com/profile_images/1171077361766469637/ Frame E41C 2 KB
2 KB 26ms
24ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1171077361766469637/Le8rmFF6_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

175dcd7bd84581ed4ced4d2e4979ae214eeba5042f26db533d0873ac7f30e664

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/4 profile_images/1171077361766469637
last-modified: Mon, 09 Sep 2019 15:04:15 GMT
server: ECS (fcn/40F9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 36ddd735a12f09c84d489b1ba8b84834
accept-ranges: bytes

GET
H2 200 GKZ8-in__normal.jpeg
pbs.twimg.com/profile_images/525117331836379136/ Frame E41C 2 KB
2 KB 29ms
27ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/525117331836379136/GKZ8-in__normal.jpeg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

e50aa7931ab7c2fa75428ba355b831db51fe63643e9f97d59fa4ec5a411420be

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 2111
x-response-time: 288
surrogate-key: profile_images profile_images/bucket/8 profile_images/525117331836379136
last-modified: Thu, 23 Oct 2014 02:49:42 GMT
server: ECS (fcn/40D1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c033b0af3b5a2d16951df0494e27a60
accept-ranges: bytes

GET
H2 200 PKGRlPcp_normal.jpg
pbs.twimg.com/profile_images/803832372819009536/ Frame E41C 2 KB
2 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/803832372819009536/PKGRlPcp_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

e2a9eca54543c3726652a4742f79327ce8d507d007fffbae0ee82936a91954a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 231
surrogate-key: profile_images profile_images/bucket/7 profile_images/803832372819009536
last-modified: Wed, 30 Nov 2016 05:23:46 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 578e25155ad84ae9762e0fee25d5977b
accept-ranges: bytes

GET
H2 200 xRl-pFM0_normal.jpeg
pbs.twimg.com/profile_images/576930636004360193/ Frame E41C 2 KB
2 KB 21ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/576930636004360193/xRl-pFM0_normal.jpeg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

d8683e37dd37064fff47c00f665113458936438bb77b249c50221ec4463ef7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1655
x-response-time: 426
surrogate-key: profile_images profile_images/bucket/3 profile_images/576930636004360193
last-modified: Sun, 15 Mar 2015 02:17:17 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 693eb16a9b580fd05876b48b984bc06b
accept-ranges: bytes

GET
H2 200 NsSDS3ta_normal.jpg
pbs.twimg.com/profile_images/888365537100668928/ Frame E41C 2 KB
2 KB 21ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/888365537100668928/NsSDS3ta_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

5484e6d54a3c57de34acbe7545fbdbf35f9d008064fbb04cef40e56ac9a97b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/7 profile_images/888365537100668928
last-modified: Fri, 21 Jul 2017 11:48:23 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 003806ed0043e851
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 6
x-connection-hash: 16337104a0b2dd7405aa14d828b4d5a7
accept-ranges: bytes

GET
H2 200 oK3MPLEQ_normal.jpg
pbs.twimg.com/profile_images/727964250476400640/ Frame E41C 2 KB
2 KB 21ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/727964250476400640/oK3MPLEQ_normal.jpg

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

0cb2dc27971b006ffe58bf2e0d4eabfd4a21c7bbb93eace44d48a092a7a03dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 148
surrogate-key: profile_images profile_images/bucket/9 profile_images/727964250476400640
last-modified: Wed, 04 May 2016 20:50:56 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f165a9d60393b3ff6bc114e75906a22d
accept-ranges: bytes

GET
H2 200 QMxGkDsD_dQuuMgM
pbs.twimg.com/ext_tw_video_thumb/1179149300544262149/pu/img/ Frame E41C 15 KB
16 KB 21ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1179149300544262149/pu/img/QMxGkDsD_dQuuMgM?format=jpg&name=360x360

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

fcb57ae0461112f744a21e01adacc29192cc0458e2ce471325ffc163549b5ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 15710
x-response-time: 165
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1179149300544262149
last-modified: Tue, 01 Oct 2019 21:39:15 GMT
server: ECS (fcn/40E2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 601d063a44616e7059eacd07b367eea8
accept-ranges: bytes

GET
H2 200 EF0S_ZUWkAIkP0e
pbs.twimg.com/media/ Frame E41C 20 KB
20 KB 21ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EF0S_ZUWkAIkP0e?format=jpg&name=360x360

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

efcc8769617a652ee23942d58c102086af17c7b6d063c4030af2766d093004d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 20275
x-response-time: 182
surrogate-key: media media/bucket/5 media/1179119557778247682
last-modified: Tue, 01 Oct 2019 19:41:04 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 402e830499241dbfa26eb80a83588a31
accept-ranges: bytes

GET
H2 200 EFzO57lWwAEiBki
pbs.twimg.com/tweet_video_thumb/ Frame E41C 17 KB
17 KB 22ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/EFzO57lWwAEiBki?format=jpg&name=360x360

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AE) /

Resource Hash

749f10ca394ec57513b00933012dd0c21fe18229886ce8e2481f830d1458c291

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 17042
x-response-time: 143
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/5 tweet_video_thumb/1179044697106464769
last-modified: Tue, 01 Oct 2019 14:43:36 GMT
server: ECS (fcn/41AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 93965658eed7dc239ed30707f26f4454
accept-ranges: bytes

GET
H2 200 EFzQXRrXYAA_ipl
pbs.twimg.com/media/ Frame E41C 29 KB
30 KB 21ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EFzQXRrXYAA_ipl?format=jpg&name=small

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

595c96c8b497303c93a3614b5d12d9ead9754a42d7a72bfc2a72fe4099a0232a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 30069
x-response-time: 122
surrogate-key: media media/bucket/5 media/1179046300765085696
last-modified: Tue, 01 Oct 2019 14:49:58 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b8ca101c4fa6e9095955af266d3e1611
accept-ranges: bytes

GET
H2 200 EF0O6qYWsAAL5QI
pbs.twimg.com/media/ Frame E41C 12 KB
12 KB 26ms
25ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EF0O6qYWsAAL5QI?format=jpg&name=240x240

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

9a27b0d9950fdf4077190e2b915db3eeb0d15c5655cebb5a49b5279c59994c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 12461
x-response-time: 182
surrogate-key: media media/bucket/8 media/1179115078412578816
last-modified: Tue, 01 Oct 2019 19:23:16 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4ad3257f335f9415c17d2a99eb00dbf1
accept-ranges: bytes

GET
H2 200 EF0O6qXXYAAnJNv
pbs.twimg.com/media/ Frame E41C 9 KB
9 KB 22ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EF0O6qXXYAAnJNv?format=jpg&name=240x240

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

20cc292c388e999e1139d47eca2b1866f43af7642fb89e98eefd91b17184cec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 9421
x-response-time: 158
surrogate-key: media media/bucket/4 media/1179115078408429568
last-modified: Tue, 01 Oct 2019 19:23:16 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 574028e3b1f3eb11e5031dc9f19d87ef
accept-ranges: bytes

GET
H2 200 EF0O6qaXUAA0oVn
pbs.twimg.com/media/ Frame E41C 10 KB
10 KB 2281ms
2280ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EF0O6qaXUAA0oVn?format=jpg&name=240x240

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

aec16b1a5995524a8508beea57eda4e68561316671aa4b91ae6f05341eded0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:16 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 9827
x-response-time: 159
surrogate-key: media media/bucket/4 media/1179115078421008384
last-modified: Tue, 01 Oct 2019 19:23:16 GMT
server: ECS (fcn/41AB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4b9c1c34c7104fd0bbc19f4bdaba9944
accept-ranges: bytes

GET
H2 200 EFzDFoWXkAEreMm
pbs.twimg.com/media/ Frame E41C 12 KB
12 KB 26ms
25ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EFzDFoWXkAEreMm?format=jpg&name=240x240

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418A) /

Resource Hash

1c966b549f0b3f290f538535667406b5c5b310074166631007458bca7d12e11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 12192
x-response-time: 176
surrogate-key: media media/bucket/8 media/1179031703962226689
last-modified: Tue, 01 Oct 2019 13:51:58 GMT
server: ECS (fcn/418A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ee1b22d90c218c1ae91ffffb6bba1218
accept-ranges: bytes

GET
H2 200 EFzDFoXXUAANmh8
pbs.twimg.com/media/ Frame E41C 10 KB
10 KB 22ms
20ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EFzDFoXXUAANmh8?format=jpg&name=240x240

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4189) /

Resource Hash

bbcd1af7e41766d24156be2b77ae4e89cbd078e7411da3aaf5453e6fbcf4a783

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 9763
x-response-time: 155
surrogate-key: media media/bucket/1 media/1179031703966404608
last-modified: Tue, 01 Oct 2019 13:51:58 GMT
server: ECS (fcn/4189)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 127aed81218001cbd713450748a52fdb
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame E41C 44 KB
7 KB 19ms
18ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 14
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 81465c86f587b63b8067dc9436618229
accept-ranges: bytes
expires: Thu, 10 Oct 2019 00:26:14 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 19ms
18ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 14
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 81465c86f587b63b8067dc9436618229
accept-ranges: bytes
expires: Thu, 10 Oct 2019 00:26:14 GMT

GET
DATA 200
OK truncated
/ Frame E41C 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E41C 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E41C 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E41C 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E41C 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E41C 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E41C 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 YNN6QBpk
pbs.twimg.com/card_img/1179222739841945601/ Frame E41C 79 KB
79 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1179222739841945601/YNN6QBpk?format=jpg&name=800x419

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

9004d8e799774955d4605af6c2fc6ee8e75df911b0c00809a2cbafda240fc111

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 80893
x-response-time: 200
surrogate-key: card_img card_img/bucket/9 card_img/1179222739841945601
last-modified: Wed, 02 Oct 2019 02:31:04 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f4c14725eb8b4c8a58a92117bb863882
accept-ranges: bytes

GET
H2 200 7CJY2qyo
pbs.twimg.com/card_img/1178824723184181251/ Frame E41C 10 KB
10 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1178824723184181251/7CJY2qyo?format=jpg&name=144x144_2

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

45fdd4623cf42f0ec3677a33ea71d6747e2e3cbd541003960167d55713507408

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 10433
x-response-time: 149
surrogate-key: card_img card_img/bucket/2 card_img/1178824723184181251
last-modified: Tue, 01 Oct 2019 00:09:30 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c2eeb249e4216c616b7e53cb5e21b1cb
accept-ranges: bytes

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
124 B 144ms
144ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.ctfire-ems.com%2FforumV5%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22tapatalk%22%2C%22widget_data_source%22%3A%22list%3ACTFireEMS%3Actfire%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1570062374804%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22708eecd%3A1570046592825%22%2C%22format_version%22%3A%22708eecd%3A1570046592825%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true

Requested by

Host: www.ctfire-ems.com
URL: http://www.ctfire-ems.com/forumV5/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.ctfire-ems.com/forumV5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 00:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Thu, 03 Oct 2019 00:26:14 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e0843ff79d7ec5e446b532f6437bbc24
x-transaction: 009058e600027273
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 70C0
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: http://www.ctfire-ems.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Oct 2019 00:26:14 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 02 Oct 2019 20:25:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41D7)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 03 Oct 2019 00:26:14 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 03 Oct 2019 00:26:14 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: e0843ff79d7ec5e446b532f6437bbc24
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 121
x-transaction: 00e89da100c6881c
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 06:17:18	Name: 8lcfmzhxc8d6_uid Value: 205c405eee1598db
.doubleclick.net/	1970-01-19 13:29:18	Name: IDE Value: AHWqTUlO03sdetx4M1H8AesJ6B1Ck64jD33QLCvMw63_-74VEo1KLOAPTz26bizB
www.ctfire-ems.com/	1969-12-31 23:59:59	Name: bblastactivity Value: 1570062373
www.ctfire-ems.com/	1969-12-31 23:59:59	Name: bbsessionhash Value: 7aded5a21b0d63bd68d86df115a679e6
www.ctfire-ems.com/	1969-12-31 23:59:59	Name: bblastvisit Value: 1570062370
www.ctfire-ems.com/	1969-12-31 23:59:59	Name: bbnp_notices_displayed Value:
www.ctfire-ems.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 826ab4a2f1a2adf169bda2fe9904ecb7

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 2544) Message: PM Dropdown not detected, skipping init.
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 2544) Message: PM Chat window not detected, skipping init.
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: vBulletin.loadingIndicator.show Counter: 1 Source: ajaxStart
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: vBulletin.loadingIndicator.hide Counter: 0 Source: ajaxStop
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: Securitytoken updated
console-api	log	URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js(Line 15) Message: getPageCorrelator undefined
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: vBulletin.loadingIndicator.show Counter: 1 Source: ajaxStart
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: vBulletin.loadingIndicator.hide Counter: 0 Source: ajaxStop
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: vBulletin.loadingIndicator.show ajax indicator suppressed
console-api	log	URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js(Line 15) Message: getPageCorrelator 3316688382894699
console-api	info	URL: http://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]
console-api	log	URL: https://pagead2.googlesyndication.com/pagead/js/r20190926/r20190131/show_ads_impl.js(Line 15) Message: getPageCorrelator 3316688382894699
console-api	log	URL: http://www.ctfire-ems.com/forumV5/js/footer-rollup-554.js(Line 382) Message: vBulletin.loadingIndicator.hide ajax indicator suppressed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
cdn.syndication.twimg.com
ctfire-ems.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
ton.twimg.com
www.ctfire-ems.com
www.googletagservices.com
104.192.220.131
104.244.42.8
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2002
2a00:1450:4001:816::2002
2a00:1450:4001:820::200a
2a00:1450:4001:824::2001
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
079d29084d8f37f5bd1eae607c25768bfc6582c0c774fe06c1aa283b21b4ab33
0cb2dc27971b006ffe58bf2e0d4eabfd4a21c7bbb93eace44d48a092a7a03dbc
0ea676811c8275c3f069421e97c81bb505550d5367da3708226ad50d09745c2f
13378e9f887cb07b40ebe4fd25e807ad4e76994220cb2666542a05d2ed98d39a
175dcd7bd84581ed4ced4d2e4979ae214eeba5042f26db533d0873ac7f30e664
1ac6c12d10b2ded23b6b99d7aae696ab1cfa17aeae61f5a0d7c9c0f5a9922b3e
1c966b549f0b3f290f538535667406b5c5b310074166631007458bca7d12e11f
1cdab7aa63c33764259bbcdbacdd7073e3750bf1e4cb0e3375a55ac48636fc9d
20cc292c388e999e1139d47eca2b1866f43af7642fb89e98eefd91b17184cec8
20f72d711a9fa45790128ad75317ebaaf79c8c5d7031d85ae0d137416295faba
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2fa29cc43baaf2ac857c695f7a7f483e11c98718d1004fc0b30cdd0660986cd2
3050a0db63dc5964b63ac5f2882129ffbdc9a4771bc64a20a0c705f556b71f44
30921f6f966644c253fd01e595ebb46cad43c50f0b04ffe73bd3222c6aa0fc0a
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993
412cb2b48dcfcad82aae0471eeeb892e00fe21d4a3061b80fe97c50908a7e2e9
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45fdd4623cf42f0ec3677a33ea71d6747e2e3cbd541003960167d55713507408
46515e04c4d744f5540c70e0040af8dda0b70b97c9d12fd3ab5852a77b392515
4964f94c4649777ba1d2e291403c9c5f70ebfd3e426ca148a160371daaf190b9
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5484e6d54a3c57de34acbe7545fbdbf35f9d008064fbb04cef40e56ac9a97b7a
548819da190b08c330048cbe2b18c05d966247290a236d4f52199c40cf38a856
57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425
57b34d094c8609cb7d241ec02e482a4327101964ac2d043201ba209ec19b4445
595c96c8b497303c93a3614b5d12d9ead9754a42d7a72bfc2a72fe4099a0232a
5fc95a3868b8c94d7dde47f82dd843560e61df6659998aaa622b67dbf162ee7d
6c6683ce7f7ff4f8b908c5eab2561a54aeb4512c073c278c9c2ad14f8729abc4
733cb6d23d17e898719635b1d35d6041a243aa41bfb2a266b9e7eddfa5a22e3f
73ccec1bf6ae8ba0faea1a24c1d306c2646fb04823dfc02da94c5ac7387932f5
749f10ca394ec57513b00933012dd0c21fe18229886ce8e2481f830d1458c291
7d78aeaf6c14d332f13859d1b346e3bb7ef8c6a57a5ab8ec69b44ad9b17e63b8
8df3f5ec20125ffc5b858962084b3103efd917b41d0cf3c88eff85e34a355647
9004d8e799774955d4605af6c2fc6ee8e75df911b0c00809a2cbafda240fc111
90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348
9a27b0d9950fdf4077190e2b915db3eeb0d15c5655cebb5a49b5279c59994c59
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a7708a738c64bd02df7ae231ab503159ab3336fa03de1853675631309ec07ada
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec16b1a5995524a8508beea57eda4e68561316671aa4b91ae6f05341eded0dc
b981e8763a22ca5332a4e5e9fae0c474b02b922d98bfd05fcfafb265bef9206a
bbcd1af7e41766d24156be2b77ae4e89cbd078e7411da3aaf5453e6fbcf4a783
c2f7d0ca976c119249f875f32bcb9de199f34fa2c648e5f997a9d45e49e3a3df
c4eb3b89555c9c8767c041b094a30b625870936652d728dccfaeb6e9aea142f2
c8615d41121675d739ad8a05627ccfd2c6b99c576521ff17a2313f79a37fa6cc
d84aa7af6e519739b6dacc2ec9e18d53078974fb55ced5edf16b28526706956f
d8683e37dd37064fff47c00f665113458936438bb77b249c50221ec4463ef7ea
dbe385e5bdb1d080e10711e4919f8102a1162ea87227a22a2b84e2b600690343
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
dfc59d02835d65262a604c79ce7e84cdb0366867858e3477496b6a4f9e184b1c
e2a9eca54543c3726652a4742f79327ce8d507d007fffbae0ee82936a91954a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ceb417f143f3da5e489b62778609a256365a98f483bed272d97e4891fdb36b
e50aa7931ab7c2fa75428ba355b831db51fe63643e9f97d59fa4ec5a411420be
e9fb0a70f5d04d4a7f2c8c7251ec777dd26144bbaee14be9ea38dc4ad282b38c
eea515cddabf71051491356439c1ad7a93366024932f56f16862a4e62fa3ba52
efcc8769617a652ee23942d58c102086af17c7b6d063c4030af2766d093004d1
f452b1e5c1cae40dc81a9da7605dd6b98d0a06253d9b363e11c99ec4081ace4c
f52be45833eff1339e90211b9e491c22962ae5506f09d1f5155da8eb8834634b
fcb57ae0461112f744a21e01adacc29192cc0458e2ce471325ffc163549b5ea0

www.ctfire-ems.com Open in urlscan Pro 104.192.220.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

67 %HTTPS

78 %IPv6

10 Domains

15 Subdomains

10 IPs

2 Countries

1273 kBTransfer

3144 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ctfire-ems.com Open in urlscan Pro
104.192.220.131 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

67 %
HTTPS

78 %
IPv6

10
Domains

15
Subdomains

10
IPs

2
Countries

1273 kB
Transfer

3144 kB
Size

7
Cookies

75 HTTP transactions
7 data transactions