jtvfc27.com Open in urlscan Pro
169.62.4.205 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://jtvfc27.com/
Submission: On April 14 via api (April 14th 2023, 2:32:36 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 24 domains to perform 55 HTTP transactions. The main IP is 169.62.4.205, located in and belongs to SOFTLAYER, US. The main domain is jtvfc27.com.

This is the only time jtvfc27.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	169.62.4.205 169.62.4.205	36351 (SOFTLAYER) (SOFTLAYER)
9	169.62.4.204 169.62.4.204	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	95.101.54.128 95.101.54.128	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.59.86.67 108.59.86.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2606:4700:303... 2606:4700:3032::6815:2d63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.209.210.126 35.209.210.126	19527 (GOOGLE-2) (GOOGLE-2)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	174.143.85.70 174.143.85.70	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	50.22.8.54 50.22.8.54	36351 (SOFTLAYER) (SOFTLAYER)
1 2	66.113.234.235 66.113.234.235	15216 (HOSTWAY) (HOSTWAY)
1 2	2a02:4780:b:8... 2a02:4780:b:855:0:2245:ccee:1	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2606:4700:303... 2606:4700:3035::6815:5156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.56.204.60 23.56.204.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2a02:26f0:64:... 2a02:26f0:64:1a7::1955	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	35.206.101.166 35.206.101.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
8	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	169.55.98.198 169.55.98.198	36351 (SOFTLAYER) (SOFTLAYER)
1 2	2.16.13.106 2.16.13.106	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a02:26f0:780... 2a02:26f0:780::5f65:36c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
55	26

1 169.62.4.205 (None, )

ASN36351 (SOFTLAYER, US)
PTR: sites.yourfirstdue.com

jtvfc27.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 169.62.4.204 (None, )

ASN36351 (SOFTLAYER, US)
PTR: yourfirstdue.com

yourfirstdue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.128 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-128.deploy.static.akamaitechnologies.com

i.etsystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.59.86.67 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.86.59.108.bc.googleusercontent.com

rv-rental-deals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:2d63 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

thumbs.gograph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gograph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.209.210.126 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 126.210.209.35.bc.googleusercontent.com

www.paconstructors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

th.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.143.85.70 (United States)

ASN33070 (RMH-14, US)

www.safetysign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.22.8.54 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 36.08.1632.ip4.static.sl-reverse.com

sfiofpa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.113.234.235 (United States) 1 redirects

ASN15216 (HOSTWAY, US)

www.crwflags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:4780:b:855:0:2245:ccee:1 (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

www.psdgraphics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5156 (United States)

ASN13335 (CLOUDFLARENET, US)

cyris.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.204.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-204-60.deploy.static.akamaitechnologies.com

i5.walmartimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:64:1a7::1955 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.dhs.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.206.101.166 (Council Bluffs, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 166.101.206.35.bc.googleusercontent.com

img.wikinut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.wikinut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.firehero.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.55.98.198 (Ashburn, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: c6.62.37a9.ip4.static.sl-reverse.com

wow.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.13.106 (Glattbrugg, Switzerland) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-13-106.deploy.static.akamaitechnologies.com

weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:780::5f65:36c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 450 p.typekit.net — Cisco Umbrella Rank: 564	158 KB
9	yourfirstdue.com yourfirstdue.com	3 MB
8	firehero.org www.firehero.org	325 KB
4	bing.com th.bing.com — Cisco Umbrella Rank: 282	96 KB
3	weather.com 2 redirects wow.weather.com — Cisco Umbrella Rank: 573634 weather.com — Cisco Umbrella Rank: 1408	2 KB
3	wikinut.com 2 redirects img.wikinut.com www.wikinut.com	641 B
3	dhs.gov 2 redirects www.dhs.gov — Cisco Umbrella Rank: 27459	5 KB
3	gograph.com 2 redirects thumbs.gograph.com www.gograph.com — Cisco Umbrella Rank: 698251	1 KB
3	gstatic.com encrypted-tbn0.gstatic.com t0.gstatic.com t2.gstatic.com	32 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	88 KB
2	psdgraphics.com 1 redirects www.psdgraphics.com	195 KB
2	crwflags.com 1 redirects www.crwflags.com — Cisco Umbrella Rank: 458517	12 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2253	4 KB
2	paconstructors.org 1 redirects www.paconstructors.org	4 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11765	7 KB
1	walmartimages.com i5.walmartimages.com — Cisco Umbrella Rank: 4333	75 KB
1	cyris.in cyris.in	47 KB
1	sfiofpa.org sfiofpa.org	22 KB
1	safetysign.com www.safetysign.com — Cisco Umbrella Rank: 293000	31 KB
1	rv-rental-deals.com rv-rental-deals.com	26 KB
1	etsystatic.com i.etsystatic.com — Cisco Umbrella Rank: 7522	5 KB
1	jtvfc27.com jtvfc27.com	132 KB
0	monroe.pa.us Failed www.co.monroe.pa.us Failed
0	federaljack.com Failed www.federaljack.com Failed
55	24

	Domain	Requested by
9	use.typekit.net	www.firehero.org
9	yourfirstdue.com	jtvfc27.com
8	www.firehero.org	jtvfc27.com www.firehero.org
4	th.bing.com	jtvfc27.com
3	www.dhs.gov	2 redirects jtvfc27.com
2	connect.facebook.net	jtvfc27.com connect.facebook.net
2	weather.com	1 redirects jtvfc27.com
2	www.wikinut.com	1 redirects jtvfc27.com
2	www.psdgraphics.com	1 redirects jtvfc27.com
2	www.crwflags.com	1 redirects jtvfc27.com
2	www.paypalobjects.com	jtvfc27.com
2	www.paconstructors.org	1 redirects jtvfc27.com
2	thumbs.gograph.com	2 redirects
1	p.typekit.net	jtvfc27.com
1	wow.weather.com	1 redirects
1	1.bp.blogspot.com	jtvfc27.com
1	img.wikinut.com	1 redirects
1	i5.walmartimages.com	jtvfc27.com
1	cyris.in	jtvfc27.com
1	sfiofpa.org	jtvfc27.com
1	t2.gstatic.com	jtvfc27.com
1	www.safetysign.com	jtvfc27.com
1	www.gograph.com	jtvfc27.com
1	rv-rental-deals.com	jtvfc27.com
1	i.etsystatic.com	jtvfc27.com
1	t0.gstatic.com	jtvfc27.com
1	encrypted-tbn0.gstatic.com	jtvfc27.com
1	jtvfc27.com
0	www.co.monroe.pa.us Failed	jtvfc27.com
0	www.federaljack.com Failed	jtvfc27.com
55	30

This site contains links to these domains. Also see Links.

Domain
www.dot.state.pa.us
www.lvhn.org
www.fema.gov
www.dcnr.state.pa.us
www.firefihtersclosecalls.com
www.firehero.org
www.madd.org
monroe.alertpa.org
www.dhs.gov
www.cancer.org
www.redcrosslv.org
www.use.salvationarmy.org
www.weather.com
yourfirstdue.com

Subject Issuer	Validity	Valid
yourfirstdue.com Go Daddy Secure Certificate Authority - G2	`2023-01-11` - `2024-02-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
im.i.etsystatic.com R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
rv-rental-deals.com R3	`2023-03-30` - `2023-06-28`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
safetysign.com GlobalSign Extended Validation CA - SHA256 - G3	`2022-11-13` - `2023-12-15`	a year	crt.sh
*.cyris.in GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
prod.walmartimages.com GlobalSign RSA OV SSL CA 2018	`2023-01-26` - `2024-02-27`	a year	crt.sh
www.firehero.org R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-21` - `2023-04-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://jtvfc27.com/
Frame ID: 33EECB02223703A8E693EA8D2CB37298
Requests: 38 HTTP requests in this frame

Frame: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Frame ID: F84F5A3AF34103EE615E34831C75CF4A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jackson Township Volunteer Fire Company

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

55
Requests

75 %
HTTPS

48 %
IPv6

24
Domains

30
Subdomains

26
IPs

4
Countries

4467 kB
Transfer

4716 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://www.dot.state.pa.us/
Title: http://www.dot.state.pa.us

Search URL Search Domain Scan URL

URL: http://www.lvhn.org/burncenter
Title: http://www.lvhn.org/burncenter

Search URL Search Domain Scan URL

URL: http://www.fema.gov/
Title: http://www.fema.gov/

Search URL Search Domain Scan URL

URL: http://www.dcnr.state.pa.us/forestry/
Title: http://www.dcnr.state.pa.us/forestry/

Search URL Search Domain Scan URL

URL: http://www.firefihtersclosecalls.com/
Title: www.firefighterclosecalls.com

Search URL Search Domain Scan URL

URL: http://www.firehero.org/
Title: www.firehero.org

Search URL Search Domain Scan URL

URL: http://www.madd.org/
Title: www.madd.org

Search URL Search Domain Scan URL

URL: https://monroe.alertpa.org/

Search URL Search Domain Scan URL

URL: http://www.dhs.gov/alerts

Search URL Search Domain Scan URL

URL: http://www.cancer.org/
Title: http://www.cancer.org

Search URL Search Domain Scan URL

URL: http://www.redcrosslv.org/
Title: American Red Cross of the Poconos

Search URL Search Domain Scan URL

URL: http://www.use.salvationarmy.org/use/www_use_EastStroudsburgPA.nsf
Title: www.use.salvationarmy.org/use/

Search URL Search Domain Scan URL

URL: http://www.weather.com/weather/local/18352
Title: Reeders Weather Forecast, PA (18352)

Search URL Search Domain Scan URL

URL: https://yourfirstdue.com/
Title: YourFirstDue Inc.

Search URL Search Domain Scan URL

URL: https://yourfirstdue.com/manager/
Title: Management login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://thumbs.gograph.com/gg54590124.jpg HTTP 301
https://thumbs.gograph.com/gg54590124.jpg HTTP 301
https://www.gograph.com/gg54590124.jpg

Request Chain 9

http://www.paconstructors.org/wp-content/uploads/2012/02/PENNDOTGENERAL.jpg HTTP 301
https://www.paconstructors.org/wp-content/uploads/2012/02/PENNDOTGENERAL.jpg

Request Chain 17

http://www.crwflags.com/art/miscflags/firemourning.gif HTTP 301
https://www.crwflags.com/art/miscflags/firemourning.gif

Request Chain 21

http://www.psdgraphics.com/file/green-recycling-icon.jpg HTTP 301
https://www.psdgraphics.com/file/green-recycling-icon.jpg

Request Chain 24

http://www.dhs.gov/xlibrary/graphics/ntas/dhs-ntas-badge-small.jpg HTTP 301
https://www.dhs.gov/xlibrary/graphics/ntas/dhs-ntas-badge-small.jpg HTTP 302
https://www.dhs.gov/sites/default/files/ntas/dhs-ntas-badge-small.jpg

Request Chain 25

http://img.wikinut.com/img/2qjdc52f32y3xqdp/jpeg/0/American-Cancer-Society-Logo.jpeg HTTP 301
https://www.wikinut.com/img/2qjdc52f32y3xqdp/jpeg/0/American-Cancer-Society-Logo.jpeg HTTP 301
https://www.wikinut.com/

Request Chain 34

http://wow.weather.com/weather/wow/module/18352?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341 HTTP 301
https://weather.com/?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341 HTTP 302
https://weather.com/de-DE/?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341&Goto=Redirected

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jtvfc27.com/ 131 KB
132 KB 761ms
156ms Document
text/html 169.62.4.205
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Server: 169.62.4.205 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: sites.yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 1c8f2b881ac4c9106b46bbf0a0e56db8d27cb778ab769aa87c477586e8cd0c58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html
Date: Fri, 14 Apr 2023 14:32:24 GMT
Keep-Alive: timeout=3, max=200
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PleskLin

GET
H/1.1 200
OK chart.min.js Show response
yourfirstdue.com/manager/data/shared/ 184 KB
184 KB 3826ms
100ms Script
application/javascript 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://yourfirstdue.com/manager/data/shared/chart.min.js
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 6c2dcb0990b029e7a163a4f87c58bd55f394d20ced51af92e1c9e422154f6791

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
MS-Author-Via: DAV
Last-Modified: Sat, 04 Sep 2021 03:47:51 GMT
Server: Apache
ETag: "2dfd1-5cb2347bc01fc"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=200
Content-Length: 188369

GET
H/1.1 200
OK june_2019.jpg
yourfirstdue.com/manager/data/1287083401/logo/ 3 MB
3 MB 3917ms
103ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/1287083401/logo/june_2019.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 73909da6f2669774bb25dfa790bb6df190c4772de52a4f5e74c09b1a2edf64ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
MS-Author-Via: DAV
Last-Modified: Mon, 02 Jan 2023 21:33:23 GMT
Server: Apache
ETag: "2b346a-5f14eb373691a"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=200
Content-Length: 2831466

GET
H/1.1 200
OK sm_20200802170126-85428-1.jpg
yourfirstdue.com/manager/data/1287083401/news/ 68 KB
68 KB 103ms
103ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/1287083401/news/sm_20200802170126-85428-1.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: bfecc3d2eba5274ba07d5dda0315757766228f9832de13882133d3046ed50561

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
MS-Author-Via: DAV
Last-Modified: Sun, 02 Aug 2020 21:01:26 GMT
Server: Apache
ETag: "10edc-5abeb534f25c4"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=199
Content-Length: 69340

GET
H/1.1 200
OK sm_73323jacksontwp.jpg
yourfirstdue.com/manager/data/1287083401/Image/ 34 KB
34 KB 105ms
104ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/1287083401/Image/sm_73323jacksontwp.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 9d30b6d00bb62d69e187d0cfb4c017949397967782094f0311b1fe005c6227af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
MS-Author-Via: DAV
Last-Modified: Thu, 24 Feb 2011 04:02:35 GMT
Server: Apache
ETag: "8612-49cff48928cc0"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=200
Content-Length: 34322

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 12 KB
13 KB 54ms
16ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTTLJMFqLS_YDMznuJjrCiIZwMrLj-Vef8pRA&usqp=CAU

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563055973bb858a22df666ddfcf0eedf476af4d2d1c519d82654d4d9c638abb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12368
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 08:53:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 13 Apr 2024 14:32:28 GMT

GET
H/1.1 200
OK images
t0.gstatic.com/ 13 KB
13 KB 50ms
27ms Image
image/jpeg 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://t0.gstatic.com/images?q=tbn:tCHIFC6P4iaxnM:http://www.we-will-never-forget.com/flag0914.jpg&t=1

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37658090a7c1a0c46d137e21e6c1c16dbf75f3b89746df590c769e6e558811f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Dec 2016 13:53:45 GMT
Server: sffe
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
Report-To: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 12969
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="images-tbn"
Expires: Sat, 13 Apr 2024 14:32:28 GMT

GET
H2 200 il_570xN.1391344819_4vj7.jpg
i.etsystatic.com/11367626/r/il/bb0445/1391344819/ 5 KB
5 KB 1146ms
644ms Image
image/avif 95.101.54.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.etsystatic.com/11367626/r/il/bb0445/1391344819/il_570xN.1391344819_4vj7.jpg

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-128.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

59e0d52db692ce133caee55e8625e1245c89d1b39ed02b7a4b672d5dae42e177

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
strict-transport-security: max-age=86400
last-modified: Sun, 06 Nov 2022 13:57:50 GMT
server: Akamai Image Manager
akamai-grn: , , , , , 0.7c36655f.1681482749.ffa3609
etag: "dffa4b4375a9751910549e58c40d8343"
content-type: image/avif
cache-control: private, no-transform, max-age=567676
server-timing: cdn; desc=Akamai
timing-allow-origin: *
content-length: 4613
expires: Fri, 21 Apr 2023 04:13:45 GMT

GET
H2 200 Pennsylvania.jpg
rv-rental-deals.com/wp-content/uploads/2019/02/ 26 KB
26 KB 603ms
206ms Image
image/jpeg 108.59.86.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rv-rental-deals.com/wp-content/uploads/2019/02/Pennsylvania.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.59.86.67 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.86.59.108.bc.googleusercontent.com
Software: nginx /
Resource Hash: 082e9d9d4278c9f310f2d20f6cfd4745f1e995f113ba313780835a8850dd2a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
last-modified: Sat, 23 Feb 2019 11:47:39 GMT
server: nginx
etag: "5c7132db-6650"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26192

GET
H2

404

gg54590124.jpg
www.gograph.com/
Redirect Chain

http://thumbs.gograph.com/gg54590124.jpg
https://thumbs.gograph.com/gg54590124.jpg
https://www.gograph.com/gg54590124.jpg

0
0

491ms
458ms

Image
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gograph.com/gg54590124.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date: Fri, 14 Apr 2023 14:32:29 GMT
strict-transport-security: max-age=600; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkwDKLEtVwLuz1wCktIyUZjbgaGS9%2Fc8Ih5DEPK4siWVlqqzTEJR292F5kVZsxik4T%2B%2FBK3PQtFLrMJ7Kz1YqDG%2FqZUPY5m%2BK5arNxQe52WHBp8MGp%2FOXypFRhjxqOLWMGiAC2RLpSC6igPNKO7cEBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://www.gograph.com/gg54590124.jpg
x-server: morpheus
server-name: morpheus
cf-ray: 7b7ca88c9b50910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

PENNDOTGENERAL.jpg
www.paconstructors.org/wp-content/uploads/2012/02/
Redirect Chain

http://www.paconstructors.org/wp-content/uploads/2012/02/PENNDOTGENERAL.jpg
https://www.paconstructors.org/wp-content/uploads/2012/02/PENNDOTGENERAL.jpg

3 KB
3 KB

521ms
135ms

Image
image/jpeg

35.209.210.126
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paconstructors.org/wp-content/uploads/2012/02/PENNDOTGENERAL.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Server: 35.209.210.126 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 126.210.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5cb5da91cf93461119b56fe445f2d86c5ab9bcccd4cc96144d082ac3007aa99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
last-modified: Thu, 16 Feb 2012 18:25:29 GMT
server: nginx
etag: "4f3d4a19-cff"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 3327
expires: Sat, 13 Apr 2024 14:32:29 GMT

Redirect headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
Server: nginx
X-Proxy-Cache-Info: DT:1
Content-Type: text/html
Location: https://www.paconstructors.org/wp-content/uploads/2012/02/PENNDOTGENERAL.jpg
X-HTTPS-Enforce: 1
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Content-Length: 162

GET
H2 200 Rb56177cd0b00d76269bd49a33cec100e
th.bing.com/th/id/ 17 KB
18 KB 303ms
211ms Image
image/png 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/Rb56177cd0b00d76269bd49a33cec100e?rik=VUoHhxaMrIZuNQ&riu=http%3a%2f%2fkobfire.com%2fwp-content%2fuploads%2f2020%2f06%2fBurn-Prevention-Network.png&ehk=I%2fptEshWpeldkycESHzRwVvkxb%2buZ1APWvxv6JBwWHE%3d&risl=&pid=ImgRaw
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4455b2c8e4126f539e0af479e214eb734e3c3c63622c529d586ea0ca4e240f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-check-cacheable: YES
akamai-grn: 0.8eba1002.1681482748.a5dea7d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/png
access-control-allow-origin: *
x-cache: TCP_MISS from a2-16-186-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
cache-control: public, max-age=5184000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17435
alt-svc: h3=":443"; ma=93600

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
3 KB 67ms
13ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48AC) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (ama/48AC)
etag: "60afaa97-c1b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: 2b4c172ba8a6d
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
expires: Fri, 14 Apr 2023 15:32:28 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
198 B 67ms
14ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4894) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (ama/4894)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Fri, 14 Apr 2023 15:32:28 GMT

GET
H/1.1 200
OK Y1229-STOP-texting-1-300x300.jpg
www.safetysign.com/blog/wp-content/uploads/2017/01/ 31 KB
31 KB 731ms
197ms Image
image/jpeg 174.143.85.70
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safetysign.com/blog/wp-content/uploads/2017/01/Y1229-STOP-texting-1-300x300.jpg

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

174.143.85.70 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

88e19fd21ebc13732b98405ce4970834884e3f39d1d8d956b46d31deb025c0de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:29 GMT
Last-Modified: Mon, 30 Jan 2017 18:52:55 GMT
Server: Apache
ETag: "7a07-5475452c4afc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 31239

GET FEMA-LOGO.jpg
www.federaljack.com/wp-content/uploads/2012/11/ 0
0

GET
H/1.1 200
OK images
t2.gstatic.com/ 5 KB
6 KB 57ms
18ms Image
image/png 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://t2.gstatic.com/images?q=tbn:ANd9GcToKx0wt2yc2ozWEfw3KuMAQ-mKOvHyqo3Eg2h_7ViuKJhOnK0

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f5f593a6b907ca591979ff0fa7b6a27c44a7b9f895bde17090a4897742dd4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jun 2019 15:19:48 GMT
Server: sffe
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
Report-To: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 5278
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="images-tbn"
Expires: Sat, 13 Apr 2024 14:32:28 GMT

GET
H/1.1 200
OK BOF.png
sfiofpa.org/img/Link_Logos/ 22 KB
22 KB 630ms
229ms Image
image/png 50.22.8.54
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sfiofpa.org/img/Link_Logos/BOF.png
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Server: 50.22.8.54 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 36.08.1632.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 51a5a9b8f850f40cbc82f5e5eef6f85dd4d2e06dd7617ba338e7201303f5ca91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
Last-Modified: Mon, 12 Aug 2013 18:49:03 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22562

GET
H2

200

firemourning.gif
www.crwflags.com/art/miscflags/
Redirect Chain

http://www.crwflags.com/art/miscflags/firemourning.gif
https://www.crwflags.com/art/miscflags/firemourning.gif

12 KB
12 KB

412ms
138ms

Image
image/gif

66.113.234.235
HOSTWAY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crwflags.com/art/miscflags/firemourning.gif
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Server: 66.113.234.235 , United States, ASN15216 (HOSTWAY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9babe09ca2208219177d7c8b9202fac82d7911044e673d0f771c0953d3c8f978

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 14 Apr 2023 14:32:28 GMT
last-modified: Thu, 19 Feb 2009 17:06:22 GMT
server: Microsoft-IIS/10.0
etag: "07ba063b492c91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 12159

Redirect headers

Location: https://www.crwflags.com/art/miscflags/firemourning.gif
X-Powered-By-Plesk: PleskWin
Date: Fri, 14 Apr 2023 14:32:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 178
Content-Type: text/html; charset=UTF-8

GET
H2 200 Racf18d64623971b72eb3b62ebdb7f22c
th.bing.com/th/id/ 4 KB
5 KB 209ms
208ms Image
image/png 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/Racf18d64623971b72eb3b62ebdb7f22c?rik=dzynNbevmOyF2A&riu=http%3a%2f%2fbeerpulse.com%2fwp-content%2fuploads%2f2010%2f07%2fmadd-logo-ave.png&ehk=Qv4KU7NZ8okKDMDiw5pWN6qIglF0vKT97MgU6xwdNbs%3d&risl=&pid=ImgRaw
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f1d93b4a8725bbe408ccb59c18f99639b81f7228ff269fd12b8905f574d2799f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-check-cacheable: YES
akamai-grn: 0.8eba1002.1681482748.a5deabf
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/png
access-control-allow-origin: *
x-cache: TCP_MISS from a2-16-186-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
cache-control: public, max-age=5184000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4176
alt-svc: h3=":443"; ma=93600

GET
H2 200 R4149da236047881d8085e655760f19de
th.bing.com/th/id/ 72 KB
72 KB 238ms
238ms Image
image/png 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/R4149da236047881d8085e655760f19de?rik=aiyqTq5S9uep3A&riu=http%3a%2f%2fwww.valdosta.edu%2facademics%2famp%2fimages%2fmilitary-logos-2.png&ehk=hpKxaRfl9jN6ahuMj3yBE6VI5o4RWLvqJOOLETxOWxw%3d&risl=&pid=ImgRaw
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95bf5df7a553eb440c5722073f9dbd3ed25aa2d5e51dbb0fa8bb33a5180fed8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:28 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-check-cacheable: YES
akamai-grn: 0.8eba1002.1681482748.a5deac1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/png
access-control-allow-origin: *
x-cache: TCP_MISS from a2-16-186-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
cache-control: public, max-age=5184000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 73527
alt-svc: h3=":443"; ma=93600

GET url-link.png
www.co.monroe.pa.us/agencies/lib/agencies/ems/ 0
0

GET
H2

200

green-recycling-icon.jpg
www.psdgraphics.com/file/
Redirect Chain

http://www.psdgraphics.com/file/green-recycling-icon.jpg
https://www.psdgraphics.com/file/green-recycling-icon.jpg

194 KB
194 KB

1036ms
142ms

Image
image/jpeg

2a02:4780:b:855:0:2245:ccee:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psdgraphics.com/file/green-recycling-icon.jpg

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Server

2a02:4780:b:855:0:2245:ccee:1 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3c012f5a8866465239ea3c5639f531f588b8db006374b7d3a0c88a0b196faa38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 30 Oct 2021 10:15:50 GMT
server: LiteSpeed
etag: "307d5-617d1b56-560301bd806c75ef;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 198613
expires: Fri, 21 Apr 2023 14:32:30 GMT

Redirect headers

date: Fri, 14 Apr 2023 14:32:29 GMT
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
content-type: text/html
location: https://www.psdgraphics.com/file/green-recycling-icon.jpg
Connection: Keep-Alive
platform: hostinger
Keep-Alive: timeout=5, max=100
content-length: 707

GET
H2 200 fire-alam-system-3.jpg
cyris.in/wp-content/uploads/2019/06/ 46 KB
47 KB 396ms
343ms Image
image/jpeg 2606:4700:3035::6815:5156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyris.in/wp-content/uploads/2019/06/fire-alam-system-3.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32b7668fb1e2082e0a941d7e9742c8867046fae73a9a41741b814a3f827850c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2019 07:34:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "208139d-b983-58c20f4a4f383"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg9N13Wuz9kXtk1LZpNaH4BW0t5reqpMEbxpU2EAhPK07ajvQYSd%2F4l3X1vZDoIeUvb0tx6tktHu4qFDYOMcpTFR123CdEWU1siI0YwyieEPL1kC%2Bu0oSeR8tRLvyDqA3E5XDv9SiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b7ca88c2a119180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47491

GET
H2 200 8a2a7804-f371-4d2d-81c6-f510df3349d5_1.9265da67559a51b86c0679ce4d2fc2a7.jpeg
i5.walmartimages.com/asr/ 74 KB
75 KB 460ms
363ms Image
image/webp 23.56.204.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i5.walmartimages.com/asr/8a2a7804-f371-4d2d-81c6-f510df3349d5_1.9265da67559a51b86c0679ce4d2fc2a7.jpeg?odnWidth=612&odnHeight=612&odnBg=ffffff
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.56.204.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-204-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0aeb21edfcfddac221796546712e63030687286df451692156e9346a5ce76a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
x-cdn: AK
content-md5: R+9FXlbglyDsaC9gddln8Q==
x-tb-oa-expiresat: 1682949038
cache-tag: v1.3.66
x-tb-oa-originalcontenttype: image/jpeg
x-tb-oa-originalcontentsize: 738352
content-disposition
server-timing: cdn-cache; desc=MISS, edge; dur=128, origin; dur=173, product;desc="edge",host;desc="3bc44908f072",fetch-ms;dur=5,req-proc-ms;dur=8,resp-proc-ms;dur=0, ak_p; desc="467078_390277155_25401647_30152_1729_14_0";dur=1
content-length: 75734
x-tb: 1
x-tb-optimization-original-content-type: image/jpeg
x-tb-optimization-total-bytes-saved: 662618
x-tb-optimization-original-content-size: 738352
last-modified: Sat, 01 Apr 2023 13:51:22 GMT
x-tb-optimization-original-expires-at: Mon, 01 May 2023 13:50:38 UTC
x-tb-optimization-version: v1.3.66
content-type: image/webp
x-tb-optimization-resized-content-size: 94119
access-control-allow-methods: GET, PUT, POST, OPTIONS
access-control-expose-headers: *
cache-control: public, max-age=30758400
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
x-tb-oa-version: v1.3.66
expires: Thu, 04 Apr 2024 14:32:29 GMT

GET
H2

200

dhs-ntas-badge-small.jpg
www.dhs.gov/sites/default/files/ntas/
Redirect Chain

http://www.dhs.gov/xlibrary/graphics/ntas/dhs-ntas-badge-small.jpg
https://www.dhs.gov/xlibrary/graphics/ntas/dhs-ntas-badge-small.jpg
https://www.dhs.gov/sites/default/files/ntas/dhs-ntas-badge-small.jpg

4 KB
5 KB

509ms
509ms

Image
image/jpeg

2a02:26f0:64:1a7::1955
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhs.gov/sites/default/files/ntas/dhs-ntas-badge-small.jpg

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Server

2a02:26f0:64:1a7::1955 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

4071ce9d60f5e8a2cbde1c4a347fad145ddb1e59bf64665baa6d76a1f2daa1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-im-skip-dlr: 1
x-image-server-response: request-664736-85120808-59164a
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=177, origin; dur=306, ak_p; desc="467078_34649350_29486231_48584_9335_9_0";dur=1
content-length: 4240
x-image-server-product: AIC
last-modified: Wed, 16 Dec 2015 03:08:45 GMT
server: Akamai Image Server
x-im-policy-version: 1
x-image-server-cpu-real: 32
etag: "2c4b-526fb39632940"
x-image-server-store-time: 1676124808
x-im-result-width: 155
x-im-original-width: 155
content-type: image/jpeg
cache-control: no-transform, max-age=554
x-image-server-original-size: 11339

Redirect headers

date: Fri, 14 Apr 2023 14:32:29 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server: AkamaiGHost
location: https://www.dhs.gov/sites/default/files/ntas/dhs-ntas-badge-small.jpg
cache-control: max-age=0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467078_34649350_29486188_19_8980_10_0";dur=1
content-length: 0
expires: Fri, 14 Apr 2023 14:32:29 GMT

GET
H2

200

/
www.wikinut.com/
Redirect Chain

http://img.wikinut.com/img/2qjdc52f32y3xqdp/jpeg/0/American-Cancer-Society-Logo.jpeg
https://www.wikinut.com/img/2qjdc52f32y3xqdp/jpeg/0/American-Cancer-Society-Logo.jpeg
https://www.wikinut.com/

0
0

243ms
243ms

Image
text/html

35.206.101.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wikinut.com/
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Server: 35.206.101.166 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.101.206.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
x-proxy-cache-info: 0301 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type: text/html; charset=UTF-8
location: https://www.wikinut.com/
x-httpd: 1
cache-control: no-cache, must-revalidate, max-age=0
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS

GET
H/1.1 200
OK American+Red+Cross+Icon2.jpg
1.bp.blogspot.com/_t2cUsxv1bmI/S45zmP6wLcI/AAAAAAAAAAk/p7emLm3dBe8/S240/ 7 KB
7 KB 417ms
411ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_t2cUsxv1bmI/S45zmP6wLcI/AAAAAAAAAAk/p7emLm3dBe8/S240/American+Red+Cross+Icon2.jpg

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79c84e251dfab1055079307bb4fb55f7caa19f5a5ac9de7fc7a12a1ecd4d7415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:29 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v9"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="American Red Cross Icon2.jpg"
Timing-Allow-Origin: *
Content-Length: 7017
X-XSS-Protection: 0
Expires: Sat, 15 Apr 2023 14:32:29 GMT

GET
H2 404 OIP.AnyI3pX78ojiOmuz-DpUSAC1DI
th.bing.com/th/id/ 1 KB
2 KB 135ms
135ms Image
image/jpeg 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.AnyI3pX78ojiOmuz-DpUSAC1DI?pid=ImgDet&rs=1
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 14:32:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-check-cacheable: NO
akamai-grn: 0.8eba1002.1681482749.a5dec66
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS from a2-16-186-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
access-control-allow-headers: *
content-length: 1192
alt-svc: h3=":443"; ma=93600
expires: Fri, 14 Apr 2023 14:32:29 GMT

GET
H/1.1 200
OK sm_img_0218.jpg
yourfirstdue.com/manager/data/1287083401/Image/ 29 KB
29 KB 102ms
102ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/1287083401/Image/sm_img_0218.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 38b3b83137d5c11d83f649503e1ba11a4465c2f4534027e7c10fc2c3c746238e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:29 GMT
MS-Author-Via: DAV
Last-Modified: Wed, 28 Dec 2011 03:32:34 GMT
Server: Apache
ETag: "7370-4b51ea6819880"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=199
Content-Length: 29552

GET
H/1.1 200
OK sm_1001233.jpg
yourfirstdue.com/manager/data/1287083401/apparatus/ 21 KB
21 KB 103ms
102ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/1287083401/apparatus/sm_1001233.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 95a097d1914b6a640f4df8ecff2d99e919e2e824969696ddd99f18f39f6583ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:29 GMT
MS-Author-Via: DAV
Last-Modified: Thu, 06 Jan 2011 17:50:01 GMT
Server: Apache
ETag: "52cc-49931217b0440"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=198
Content-Length: 21196

GET
H/1.1 200
OK th_june_2019.jpg
yourfirstdue.com/manager/data/1287083401/logo/ 51 KB
52 KB 104ms
104ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/1287083401/logo/th_june_2019.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 70b118151a98bdc8963edf80787a8bac0ba5b12becad6ae9afcfce3b304a0fea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:29 GMT
MS-Author-Via: DAV
Last-Modified: Mon, 02 Jan 2023 21:33:24 GMT
Server: Apache
ETag: "cd86-5f14eb376ef70"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=197
Content-Length: 52614

GET
H/1.1 200
OK logo.svg
yourfirstdue.com/manager/data/img/ 8 KB
9 KB 100ms
100ms Image
image/svg+xml 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/img/logo.svg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 36ff066bcd30f5e73eb2d5e3e8a123448f638528ba90fee1aab967b22f6ad7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:29 GMT
MS-Author-Via: DAV
Last-Modified: Fri, 01 Jan 2021 05:00:00 GMT
Server: Apache
ETag: "21b9-5b7cf9cc7b400"
X-Powered-By: PleskLin
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=199
Content-Length: 8633

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0c5039814704e6759293b9ac857f6b6a2f0b4c7db6253a16598e39d3d9546ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 / Show response
www.firehero.org/fallen-widget/ Frame F84F 6 KB
2 KB 535ms
489ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: f5f9c4a96d45d120f6a719fba0866a91fcd7eebd7d3b8e402a16aaa9158d5158

Request headers

Referer: http://jtvfc27.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b7ca88a2ec9900a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 14:32:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.firehero.org/wp-json/>; rel="https://api.w.org/" <https://www.firehero.org/wp-json/wp/v2/pages/77387>; rel="alternate"; type="application/json" <https://www.firehero.org/?p=77387>; rel=shortlink
p3p: CP="NOI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2

200

/ Show response
weather.com/de-DE/
Redirect Chain

http://wow.weather.com/weather/wow/module/18352?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&ta...
https://weather.com/?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341
https://weather.com/de-DE/?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341&G...

0
0

310ms
307ms

Script
text/html

2.16.13.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://weather.com/de-DE/?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341&Goto=Redirected
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Server: 2.16.13.106 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-13-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

twc-privacy: gdpr
twc-geoip-latlong: 50.12,8.68
x-detected-latlong: GMXX0007:1:GM
x-fastly-latlong: 52.130,8.690
x-original-accept-language: de-DE,de;q=0.9
x-detected-country: DE
x-ci-latlong
twc-connection-speed: 4G
x-var-locale-page: de-DE-home
twc-geoip-dma
server-timing: edge; dur=2, origin; dur=13, cdn-cache; desc=MISS, ak_p; desc="467078_2917035407_46199197_1445_11563_22_0";dur=1
x-ci-country
x-detected-locale: de-DE
x-served-by: cache-mxp6963-MXP
x-original-referer: http://jtvfc27.com/
pragma: no-cache
twc-path-locale: /
twc-ak-req-id: 2c0f19d
x-timer: S1681482749.858942,VS0,VE0
access-control-allow-methods: GET,POST,OPTIONS
location: https://weather.com/de-DE/?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341&Goto=Redirected
access-control-allow-origin: *
twc-unit: u
referer: https://goto.weather.com
x-redirector-version: 1.1.20
cache-control: max-age=0, no-cache, no-store
twc-geoip-country: DE
access-control-allow-headers: *
expires: Fri, 14 Apr 2023 14:32:28 GMT
x-cache-hits: 0
date: Fri, 14 Apr 2023 14:32:28 GMT
strict-transport-security: max-age=15552000; preload
x-akamai-latlong: 50.12,8.68
x-qp: ?config=SZ=160x600*WX=FHW*LNK=SSNL*UNT=F*BGI=winter*MAP=null|null*DN=jtvfc27*TIER=0*PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341&Goto=Redirected
x-origin-hint: Goto-Prod
twc-subs: none
x-locales2canonical: de-DE
x-detected-locid: GMXX0007:1:GM
content-length: 0
twc-geoip-city: FRANKFURT
x-var-page: home
twc-geoip-region: HE
twc-device-class: desktop
server: Varnish
access-control-max-age: 86400
twc-locale-group: US
x-true-client-ip: 146.70.117.102
property-id: TWC-WX-Prod
access-control-allow-credentials: false
accept-ranges: bytes
retry-after: 0

GET
H/1.1 200
OK swirlgreen.jpg
yourfirstdue.com/manager/data/img/scheme/ 43 KB
43 KB 140ms
99ms Image
image/jpeg 169.62.4.204
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfirstdue.com/manager/data/img/scheme/swirlgreen.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.62.4.204 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: yourfirstdue.com
Software: Apache / PleskLin
Resource Hash: 1093330171ce23b180e2febc9023bf02948f633a3def01212e82cdfaafdcc63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 14:32:28 GMT
MS-Author-Via: DAV
Last-Modified: Tue, 01 Jan 2019 05:00:00 GMT
Server: Apache
ETag: "ab2f-57e5e66c89400"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=198
Content-Length: 43823

GET
H2 200 dar2yfe.js Show response
use.typekit.net/ Frame F84F 18 KB
7 KB 791ms
297ms Script
text/javascript 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/dar2yfe.js

Requested by

Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b12afb98125b882f6740bbd5abf664707d1665c5bfde58ed9e03a6fddcfe8254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 14 Apr 2023 14:32:29 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6818

GET
H2 200 widget-logo.png
www.firehero.org/wp-content/uploads/2014/12/ Frame F84F 14 KB
15 KB 29ms
24ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firehero.org/wp-content/uploads/2014/12/widget-logo.png
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20f47ce542aae68af99d6ba758bb2809dd7d18a37a642a1898c94eb626251c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
cf-cache-status: HIT
age: 672696
cf-polished: origFmt=png, origSize=20207
content-disposition: inline; filename="widget-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14706
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 Oct 2022 03:00:49 GMT
server: cloudflare
etag: "633f9661-4eef"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b7ca88d9b4a900a-FRA

GET
H3 200 profile_placeholder.gif
www.firehero.org/wp-content/uploads/2014/12/ Frame F84F 3 KB
3 KB 29ms
29ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firehero.org/wp-content/uploads/2014/12/profile_placeholder.gif
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644392f317fa44466a66c8c2e24a48a22c454673d4d302bdec038a85b6ce8ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
cf-cache-status: HIT
age: 1752895
cf-polished: origFmt=gif, origSize=4981
content-disposition: inline; filename="profile_placeholder.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3256
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 Oct 2022 03:00:49 GMT
server: cloudflare
etag: "633f9661-1375"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b7ca88dca4f8fd0-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 491ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: jtvfc27.com
URL: http://jtvfc27.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1b9b67b3e75c816187c7ba73e7f914a594fa2bdfc75d02f6e5bb066016d2b616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 14:32:30 GMT
content-md5: VXBHUt2oh88Ln4YJsmorsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: Ruk/Ttv2uO1WIbGSxLH/G4e+n7CjpYDk0TRD7y7deCqW5MxufiC7EWCGWi/56r6uLzGChRyPIC7ar4Jv4OfYOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 55768d948a8536a371f7742d6afeb3ce
cross-origin-opener-policy: same-origin-allow-popups
etag: "3bbde73432ac9f20b4efdaf57a774ad0"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 14 Apr 2023 14:51:06 GMT

GET
H3 200 year-honored Show response
www.firehero.org/wp-json/firehero/v1/ Frame F84F 43 B
523 B 223ms
223ms XHR
application/json 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firehero.org/wp-json/firehero/v1/year-honored

Requested by

Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

6f58a28fe9cbe56e233a2a850a82dc054a5844b2e9a43bfec7c17bcbe98904e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: HIT: 23
p3p: CP="NOI"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
pragma: no-cache
server: cloudflare
allow: GET
vary: Accept-Encoding,Cookie
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
link: <https://www.firehero.org/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7b7ca8928f788fd0-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ Frame F84F 19 KB
19 KB 646ms
166ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "518c5f781d51642b3cf2290d365b9b8257de6e1f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19056

GET
H2 200 l
use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/ Frame F84F 19 KB
19 KB 833ms
353ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "c85de2b0c8d27e8ecb10964d9c709a0e5397550c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19524

GET
H2 200 l
use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/ Frame F84F 18 KB
18 KB 1018ms
538ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "80987524f2c82c2a36d727971941de8401d3f316"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18692

GET
H2 200 l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ Frame F84F 18 KB
18 KB 646ms
166ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "f9e85be3f0c8dcdcbd6f0a8471a46280ab7bf664"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18504

GET
H2 200 l
use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/ Frame F84F 19 KB
19 KB 832ms
352ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "8887aa07a5e31ddeba60d1317cef52532c1e4862"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19188

GET
H2 200 l
use.typekit.net/af/b5c037/00000000000000003b9ad1b6/27/ Frame F84F 19 KB
19 KB 833ms
354ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b5c037/00000000000000003b9ad1b6/27/l?subset_id=2&fvd=i3&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f8a1dad9de1aa9c74be45cf44683df66a86700243ea46e2173674f887ac1fc52

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "310ad429a0939667a546dec619105e3becb5f16a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19052

GET
H2 200 l
use.typekit.net/af/eb5cb0/00000000000000003b9ad2d3/27/ Frame F84F 19 KB
19 KB 1000ms
520ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eb5cb0/00000000000000003b9ad2d3/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6cb7f9fb3ede3ba5f460ff35e40f7fb0ce9e351a6bc477cc4197578c51a78433

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "030f80c19861390e4f66a88910b14510751acff6"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19556

GET
H2 200 l
use.typekit.net/af/efcdb3/00000000000000003b9ad2d0/27/ Frame F84F 19 KB
19 KB 1035ms
555ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efcdb3/00000000000000003b9ad2d0/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e7f4899cff7242b3c608a58cf1538ece62663b3d317e2b5173af0aa19f7dfe6b

Request headers

Referer: https://www.firehero.org/
Origin: https://www.firehero.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:30 GMT
server: nginx
etag: "bbd7b368c2e5e3034752a8f253f6653b432c48d6"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19200

GET
H3 200 widget-bg.jpg
www.firehero.org/wp-content/uploads/2014/12/ Frame F84F 4 KB
4 KB 27ms
27ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firehero.org/wp-content/uploads/2014/12/widget-bg.jpg
Requested by: Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 235bf7eaf320318c018b71f9e0f71bc5cafeb044d48ce53d36140e7d6ac689d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:29 GMT
cf-cache-status: HIT
age: 672696
cf-polished: origFmt=jpeg, origSize=12256
content-disposition: inline; filename="widget-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3994
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 Oct 2022 03:00:49 GMT
server: cloudflare
etag: "633f9661-2fe0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b7ca8929f7c8fd0-FRA

GET
H3 200 firefighters Show response
www.firehero.org/wp-json/wp/v2/ Frame F84F 23 KB
5 KB 2395ms
2394ms XHR
application/json 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firehero.org/wp-json/wp/v2/firefighters?_embed=true&filter[orderby]=rand&filter[posts_per_page]=1&filter[tax_query][0][field]=slug&filter[tax_query][0][taxonomy]=honored&filter[tax_query][0][terms][0]=2022&cb=1681482750146

Requested by

Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

7bb5317ba482d2278ea6974c1591595af68ec3e42d18294c97229f51f7324e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:32 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
content-encoding: br
x-powered-by: WP Engine
x-cache: MISS
p3p: CP="NOI"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
x-wp-totalpages: 148
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
x-wp-total: 148
x-robots-tag: noindex
link: <https://www.firehero.org/wp-json/wp/v2/firefighters?_embed=true&filter%5Borderby%5D=rand&filter%5Bposts_per_page%5D=1&filter%5Btax_query%5D%5B0%5D%5Bfield%5D=slug&filter%5Btax_query%5D%5B0%5D%5Btaxonomy%5D=honored&filter%5Btax_query%5D%5B0%5D%5Bterms%5D%5B0%5D=2022&cb=1681482750146&page=2>; rel="next"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7b7ca894696a8fd0-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=21c9eae8246409deff01e814acb30fe6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

88f946fa14871a83740f64df9d1bb5f0044547e2c940660d83bfe94f7bac4783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://jtvfc27.com/
Origin: http://jtvfc27.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 14:32:30 GMT
content-md5: WcpGH57V/BHt0T2W1uxOew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87099
x-fb-rlafr: 0
x-fb-debug: rQ2XicPXANl2mFT1QRXoEP3JM01zYe53g4i9zFG72AV5C2xBQR08hLN9Hn71kc40rXcAvlAwfvlZDpIFFrzoGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 48c09c8e00fc07862f73ed3a047a961b
cross-origin-opener-policy: same-origin-allow-popups
etag: "72e01359fe19c98d85fb0ff444e6c65f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Apr 2024 13:14:06 GMT

GET
H2 200 p.gif
p.typekit.net/ Frame F84F 35 B
228 B 58ms
14ms Image
image/gif 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=dar2yfe&ht=tk&h=www.firehero.org&f=139.140.173.175.176.5475.9805.9812&a=763927&js=1.21.0&app=typekit&e=js&_=1681482751000
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 14 Apr 2023 14:32:31 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 141717 Show response
www.firehero.org/wp-json/wp/v2/media/ Frame F84F 7 KB
2 KB 466ms
465ms XHR
application/json 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firehero.org/wp-json/wp/v2/media/141717

Requested by

Host: www.firehero.org
URL: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

4281ed21647376b11cf6778f217a3c0b99f37af2a863ed7c81ee1c5eef6f3c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:33 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
content-encoding: br
x-powered-by: WP Engine
x-cache: HIT: 1
p3p: CP="NOI"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
link: <https://www.firehero.org/fallen-firefighter/robert-l-orkies/orkies-robert-2/>; rel="alternate"; type=text/html
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7b7ca8a369b88fd0-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 orkies-robert-1.jpg
www.firehero.org/wp-content/uploads/2022/07/ Frame F84F 293 KB
293 KB 201ms
201ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firehero.org/wp-content/uploads/2022/07/orkies-robert-1.jpg
Requested by: Host: jtvfc27.com
URL: http://jtvfc27.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8b5dee6c1b9b3402f37036dbe3931703a2cca0311f1029a38fcb923dcd48c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firehero.org/fallen-widget/?ref=http://jtvfc27.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:32:33 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Oct 2022 02:58:48 GMT
server: cloudflare
etag: "633f95e8-4934b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b7ca8a65d6e8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 299851

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.federaljack.com
URL: http://www.federaljack.com/wp-content/uploads/2012/11/FEMA-LOGO.jpg

Domain: www.co.monroe.pa.us
URL: http://www.co.monroe.pa.us/agencies/lib/agencies/ems/url-link.png

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://jtvfc27.com/(Line 280) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wow.weather.com/weather/wow/module/18352?config=SZ=160x600WX=FHWLNK=SSNLUNT=FBGI=winterMAP=null\|nullDN=jtvfc27TIER=0PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://jtvfc27.com/(Line 280) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wow.weather.com/weather/wow/module/18352?config=SZ=160x600WX=FHWLNK=SSNLUNT=FBGI=winterMAP=null\|nullDN=jtvfc27TIER=0PID=1230334158*MD5=b7ea56fbf43da38fbbd81de15b4c896e&proto=http:&target=wx_module_4341, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.co.monroe.pa.us/agencies/lib/agencies/ems/url-link.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://th.bing.com/th/id/OIP.AnyI3pX78ojiOmuz-DpUSAC1DI?pid=ImgDet&rs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gograph.com/gg54590124.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
connect.facebook.net
cyris.in
encrypted-tbn0.gstatic.com
i.etsystatic.com
i5.walmartimages.com
img.wikinut.com
jtvfc27.com
p.typekit.net
rv-rental-deals.com
sfiofpa.org
t0.gstatic.com
t2.gstatic.com
th.bing.com
thumbs.gograph.com
use.typekit.net
weather.com
wow.weather.com
www.co.monroe.pa.us
www.crwflags.com
www.dhs.gov
www.federaljack.com
www.firehero.org
www.gograph.com
www.paconstructors.org
www.paypalobjects.com
www.psdgraphics.com
www.safetysign.com
www.wikinut.com
yourfirstdue.com
www.co.monroe.pa.us
www.federaljack.com
108.59.86.67
141.193.213.21
169.55.98.198
169.62.4.204
169.62.4.205
174.143.85.70
192.229.221.25
2.16.13.106
23.56.204.60
2606:4700:3032::6815:2d63
2606:4700:3035::6815:5156
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2004
2a02:26f0:3500:16::215:1495
2a02:26f0:64:1a7::1955
2a02:26f0:6c00::210:ba92
2a02:26f0:780::5f65:36c8
2a02:4780:b:855:0:2245:ccee:1
2a03:2880:f084:d:face:b00c:0:3
2a06:98c1:3120::3
35.206.101.166
35.209.210.126
50.22.8.54
66.113.234.235
95.101.54.128
082e9d9d4278c9f310f2d20f6cfd4745f1e995f113ba313780835a8850dd2a62
0aeb21edfcfddac221796546712e63030687286df451692156e9346a5ce76a18
1093330171ce23b180e2febc9023bf02948f633a3def01212e82cdfaafdcc63e
12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af
1b9b67b3e75c816187c7ba73e7f914a594fa2bdfc75d02f6e5bb066016d2b616
1c8f2b881ac4c9106b46bbf0a0e56db8d27cb778ab769aa87c477586e8cd0c58
235bf7eaf320318c018b71f9e0f71bc5cafeb044d48ce53d36140e7d6ac689d0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
36ff066bcd30f5e73eb2d5e3e8a123448f638528ba90fee1aab967b22f6ad7ed
37658090a7c1a0c46d137e21e6c1c16dbf75f3b89746df590c769e6e558811f7
38b3b83137d5c11d83f649503e1ba11a4465c2f4534027e7c10fc2c3c746238e
3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d
3c012f5a8866465239ea3c5639f531f588b8db006374b7d3a0c88a0b196faa38
4071ce9d60f5e8a2cbde1c4a347fad145ddb1e59bf64665baa6d76a1f2daa1e3
4281ed21647376b11cf6778f217a3c0b99f37af2a863ed7c81ee1c5eef6f3c2f
4455b2c8e4126f539e0af479e214eb734e3c3c63622c529d586ea0ca4e240f4e
51a5a9b8f850f40cbc82f5e5eef6f85dd4d2e06dd7617ba338e7201303f5ca91
563055973bb858a22df666ddfcf0eedf476af4d2d1c519d82654d4d9c638abb4
59e0d52db692ce133caee55e8625e1245c89d1b39ed02b7a4b672d5dae42e177
5cb5da91cf93461119b56fe445f2d86c5ab9bcccd4cc96144d082ac3007aa99a
644392f317fa44466a66c8c2e24a48a22c454673d4d302bdec038a85b6ce8ba2
6c2dcb0990b029e7a163a4f87c58bd55f394d20ced51af92e1c9e422154f6791
6cb7f9fb3ede3ba5f460ff35e40f7fb0ce9e351a6bc477cc4197578c51a78433
6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d
6f58a28fe9cbe56e233a2a850a82dc054a5844b2e9a43bfec7c17bcbe98904e3
70b118151a98bdc8963edf80787a8bac0ba5b12becad6ae9afcfce3b304a0fea
73909da6f2669774bb25dfa790bb6df190c4772de52a4f5e74c09b1a2edf64ff
79c84e251dfab1055079307bb4fb55f7caa19f5a5ac9de7fc7a12a1ecd4d7415
7bb5317ba482d2278ea6974c1591595af68ec3e42d18294c97229f51f7324e22
88e19fd21ebc13732b98405ce4970834884e3f39d1d8d956b46d31deb025c0de
88f946fa14871a83740f64df9d1bb5f0044547e2c940660d83bfe94f7bac4783
95a097d1914b6a640f4df8ecff2d99e919e2e824969696ddd99f18f39f6583ae
95bf5df7a553eb440c5722073f9dbd3ed25aa2d5e51dbb0fa8bb33a5180fed8e
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9babe09ca2208219177d7c8b9202fac82d7911044e673d0f771c0953d3c8f978
9d30b6d00bb62d69e187d0cfb4c017949397967782094f0311b1fe005c6227af
a0c5039814704e6759293b9ac857f6b6a2f0b4c7db6253a16598e39d3d9546ab
a20f47ce542aae68af99d6ba758bb2809dd7d18a37a642a1898c94eb626251c5
b12afb98125b882f6740bbd5abf664707d1665c5bfde58ed9e03a6fddcfe8254
bfecc3d2eba5274ba07d5dda0315757766228f9832de13882133d3046ed50561
c32b7668fb1e2082e0a941d7e9742c8867046fae73a9a41741b814a3f827850c
c4f5f593a6b907ca591979ff0fa7b6a27c44a7b9f895bde17090a4897742dd4c
e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f4899cff7242b3c608a58cf1538ece62663b3d317e2b5173af0aa19f7dfe6b
f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d
f1d93b4a8725bbe408ccb59c18f99639b81f7228ff269fd12b8905f574d2799f
f5f9c4a96d45d120f6a719fba0866a91fcd7eebd7d3b8e402a16aaa9158d5158
f8a1dad9de1aa9c74be45cf44683df66a86700243ea46e2173674f887ac1fc52
fc8b5dee6c1b9b3402f37036dbe3931703a2cca0311f1029a38fcb923dcd48c1

jtvfc27.com Open in urlscan Pro 169.62.4.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

75 %HTTPS

48 %IPv6

24 Domains

30 Subdomains

26 IPs

4 Countries

4467 kBTransfer

4716 kBSize

0 Cookies

15 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

jtvfc27.com Open in urlscan Pro
169.62.4.205 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

75 %
HTTPS

48 %
IPv6

24
Domains

30
Subdomains

26
IPs

4
Countries

4467 kB
Transfer

4716 kB
Size

0
Cookies

55 HTTP transactions
1 data transactions