Report - www.gallypublicaffairs.com/

Report Overview

Submitted URL
www.gallypublicaffairs.com/
IP
66.96.146.102
ASN
#29873 BIZLAND-SD
Submitted
2022-09-26 15:15:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	43 kB	142.250.74.72
scontent-ord5-1.xx.fbcdn.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	205 kB	157.240.249.8
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	95 kB	142.250.74.163
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	973 B	79 kB	104.18.11.207
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.5 kB	93.184.220.29
gallypublicaffairs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	1.4 MB	66.96.146.102
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	92 kB	157.240.200.14
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	11 kB	104.17.24.14
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.20.226
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	49 kB	151.101.85.229
widgets.sociablekit.com	164974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	163 kB	137.220.35.134
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	575 B	373 B	157.240.200.35
data.accentapi.com	172324	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	846 B	76 kB	66.42.78.246
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	452 B	746 B	142.250.74.10
views.accentapi.com	230774	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	848 B	472 B	66.42.79.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.13.69.101
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	1.2 kB	142.250.74.164
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	25 kB	104.16.124.175
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	646 B	142.250.74.174
www.gallypublicaffairs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	519 B	66.96.146.102
external-ord5-1.xx.fbcdn.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	641 B	890 kB	157.240.249.8
www.youtube.com	90	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	1.4 kB	142.250.74.46
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	753 B	569 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	www.gallypublicaffairs.com/	Phishing
2022-09-26	medium	gallypublicaffairs.com/	Phishing
2022-09-26	medium	gallypublicaffairs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-09-26	medium	gallypublicaffairs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-09-26	medium	gallypublicaffairs.com/wp-content/themes/gally-custom/js/main.js?ver=6.0.2	Phishing
2022-09-26	medium	gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	Phishing
2022-09-26	medium	gallypublicaffairs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2022-09-26	medium	gallypublicaffairs.com/wp-json/contact-form-7/v1/contact-forms/54/feedback/schema	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 15:40:50 Times Seen37094693 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 15:04:45 Times Seen62771 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	unpkg.com/masonry-layout@4.2.0/dist/masonry.pkgd.min.js	24 kB	2023-03-07	2024-04-25
Pretty URL unpkg.com/masonry-layout@4.2.0/dist/masonry.pkgd.min.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:59 Last Seen2024-04-25 12:11:36 Times Seen582 Hash d94313c3ca257213d724ac82584b97e5 f3af023348d872519df905d720a9b951663e5cd2 605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e Loading...

	gallypublicaffairs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL gallypublicaffairs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 15:38:53 Times Seen31856 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	gallypublicaffairs.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3	999 B	2023-03-07	2024-04-26
Pretty URL gallypublicaffairs.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:28 Last Seen2024-04-26 15:12:43 Times Seen11042 Hash 6a0e8318d42803736d2fafcc12238026 c955314a7e0a9a9871329b0f042c8f0b5df49a78 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c Loading...

	unpkg.com/aos@2.3.1/dist/aos.js	14 kB	2023-03-07	2024-04-26
Pretty URL unpkg.com/aos@2.3.1/dist/aos.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2024-04-26 10:17:35 Times Seen4297 Hash 70b4897108480dbe11c443c2ab7679c9 70dbfd38a0f1fc3b1a7d9fadab58786484c34f17 f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js?ver=6.0.2	62 kB	2023-03-07	2024-04-25
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js?ver=6.0.2 IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-25 08:53:53 Times Seen1288 Hash 99e3544139e4735274587a831002ebae 24a900bdfcefd52cbcff3bc36440af9b87cd5067 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72 Loading...

	gallypublicaffairs.com/	167 B	2023-03-08	2023-03-08
Pretty URL gallypublicaffairs.com/ IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 6766859df42e8cad891b6ea3b60b7325 bd991cd099b78a186a6d9b5d0f7b703a683559a0 f0978431445a246c81be4b950eda77b08a7dcd0d8be110d7058f1df6857361be Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&co=aHR0cHM6Ly9nYWxseXB1YmxpY2FmZmFpcnMuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=hbxol75ddssb	69 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&co=aHR0cHM6Ly9nYWxseXB1YmxpY2FmZmFpcnMuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=hbxol75ddssb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 15:40:15 Times Seen99587 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	gallypublicaffairs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-25
Pretty URL gallypublicaffairs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 21:53:57 Times Seen15501 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	gallypublicaffairs.com/wp-content/themes/gally-custom/js/main.js?ver=6.0.2	3.7 kB	2023-03-08	2023-03-08
Pretty URL gallypublicaffairs.com/wp-content/themes/gally-custom/js/main.js?ver=6.0.2 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 70b37a9fa06f6d2d2fd46a326a618658 bbc1283128e9bc819987b0c49f64b3be11fcd1d2 c0492f18de9ddb7006d613470fff3e7466d9f3489629bfd9f5c6a0708c2fcd8c Loading...

	gallypublicaffairs.com/	136 B	2023-03-08	2023-03-08
Pretty URL gallypublicaffairs.com/ IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 4ca2248bfa2fdb99f37e6e2ae28717e8 617fefb746322644f16cea7ae3a7766bfe668dc5 13b0b747611f83851cc76ce4ddfcc3425bc10792d11e33f970a06f335f80b5bf Loading...

	widgets.sociablekit.com/libs/swiper/swiper.min.js	128 kB	2023-03-07	2024-04-26
Pretty URL widgets.sociablekit.com/libs/swiper/swiper.min.js IP 137.220.35.134 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:04 Last Seen2024-04-26 09:28:59 Times Seen871 Hash d69491e8f15952a9c3230563ace8f89c a22dee484ba887cc74c977b9e0b2fdc8a53411e8 60ea65c5df7567e92d3045440207c416bbf29a32a4274bcc38003f74ee18ba4e Loading...

	cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=6.0.2	44 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=6.0.2 IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-26 12:34:24 Times Seen20016 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js?ver=6.0.2	21 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js?ver=6.0.2 IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 04:19:35 Times Seen5971 Hash 1022eaf388cc780bcfeb6456157adb7d 313789ca0e31b654784dbba8b0f83f364f8683b4 fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Loading...

	widgets.sociablekit.com/libs/magnific-popup/jquery.magnific-popup.js	52 kB	2023-03-07	2024-04-26
Pretty URL widgets.sociablekit.com/libs/magnific-popup/jquery.magnific-popup.js IP 137.220.35.134 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:54:57 Last Seen2024-04-26 09:28:58 Times Seen480 Hash ae1e43b914b1d8e4e791d34502e52551 939835911f7d5f170672316901dbb732ab84da63 216b23e267946588bddf9129b4fca8e1db055a85dae782074d9540a52081a12c Loading...

	www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/www-widgetapi.js	165 kB	2023-03-07	2023-03-29
Pretty URL www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/www-widgetapi.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:53:24 Last Seen2023-03-29 23:36:34 Times Seen2 Hash 742a4284c5f90cb895f3f1b56edc43ed 0b56295e75838048c3a140016fde912c64aba180 be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f Loading...

	gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-26
Pretty URL gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-26 15:37:46 Times Seen2057 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	gallypublicaffairs.com/	307 B	2023-03-08	2023-03-08
Pretty URL gallypublicaffairs.com/ IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 0b1842f08b96d83783e172a9b2b69470 abd08eacecf3488c752e8516156265bcc474777e 1e9ce2008dfc074394208dbc494e34eeb6ef7c787cf284269307de90f0370c7d Loading...

	www.google.com/recaptcha/api.js?render=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&ver=3.0	884 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api.js?render=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&ver=3.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 7455756116deb4d51f6568f64274f677 82c63facb6b088e773382cab41d829769c71a203 1ecfe6e4f14ec3b0c7bc444c7635e268a252125490c321c56d3f6434aad27e14 Loading...

	gallypublicaffairs.com/	76 B	2023-03-08	2023-03-08
Pretty URL gallypublicaffairs.com/ IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 7fe3e79c7b5a3f1364a7218b7d6e2727 8133500f6a6ead6e33287474b55d91c2569a3287 45c412c60b125db41df2fd79d0ccbd36ddf80deb2bf50e233c85d18884ff1e6d Loading...

	www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js	398 kB	2023-03-07	2023-03-10
Pretty URL www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:10 Last Seen2023-03-10 14:27:44 Times Seen1 Hash dff1edaf9fa8e0138b7342527bb2fdaf 9c1d9e6f3a8785ffdd088f57e3e8803dd2c459b0 23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9 Loading...

	widgets.sociablekit.com/libs/js/moment-timezone.js?v=1664205335143	208 kB	2023-03-07	2024-04-26
Pretty URL widgets.sociablekit.com/libs/js/moment-timezone.js?v=1664205335143 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:54:57 Last Seen2024-04-26 09:28:55 Times Seen52 Hash 0569305d7c6e4ad18c23d114d99259a0 b088a4d94a8b4dcfbee06586ac72da638e60a748 97da1e515bb27bd9d9698f067909ee65561726d4cc0cddf3502f49d1e34bad8c Loading...

	gallypublicaffairs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL gallypublicaffairs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 15:38:52 Times Seen68674 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v7.0&appId=679844159512553&autoLogAppEvents=1	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v7.0&appId=679844159512553&autoLogAppEvents=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 7017e2e670113ee0fe4a5e1980666b41 1c0b0a926c4b1c594f59315157f60747df04ef9e 23cfc8803a28e4446e236a54ed9df891a0577ec8829895d342dab36cbd5a74ef Loading...

	connect.facebook.net/en_US/sdk.js?hash=16348a3e1f855d2cb634e3e80298d05f	326 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js?hash=16348a3e1f855d2cb634e3e80298d05f IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:40:55 Last Seen2023-03-08 01:49:02 Times Seen1 Hash 2ffb482c39d399e3c8c3d3d5e5bc4047 2a4eaaad55ef827e0c1f6abd0a83616aba3c6f33 3f3f369725cd98b91b0de18bcad36ab7441f8f2eeb963596f59a81956ea173e8 Loading...

	widgets.sociablekit.com/libs/js/moment.js	151 kB	2023-03-07	2023-03-08
Pretty URL widgets.sociablekit.com/libs/js/moment.js IP 137.220.35.134 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:54:58 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 4da4522373080b39f203de731d2b16a9 ddfb9edd28df9c24e74d11d3f4ce474435b18d9d e6d52749ea094398b1d113ea2ee732081b3bdce0a13b5198c72badde3ef05cd2 Loading...

	gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	9.7 kB	2023-03-07	2024-04-26
Pretty URL gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 66.96.146.102 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-04-26 15:37:45 Times Seen1724 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

	www.googletagmanager.com/gtag/js?id=UA-241383660-1	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-241383660-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 4ef65768ddde0942790546a0a38b8726 be6eb4b7b96e7b366cb9da11eb75247d5cc5a8a8 69563fa0af14a692eab660ade6adf27bf4f248e5b15a94ac16168d9227e55f5e Loading...

	widgets.sociablekit.com/facebook-page-posts/widget.js	99 kB	2023-03-08	2023-03-08
Pretty URL widgets.sociablekit.com/facebook-page-posts/widget.js IP 137.220.35.134 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash b06ff68c0be68415c9bda7daa41a2794 8d660da6065dca74dc29f866fb336f8bda54ac60 c9183142e204f4d26a829409b1e10b60732aab0af48fbb57610cbf753321b592 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&co=aHR0cHM6Ly9nYWxseXB1YmxpY2FmZmFpcnMuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=hbxol75ddssb	35 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&co=aHR0cHM6Ly9nYWxseXB1YmxpY2FmZmFpcnMuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=hbxol75ddssb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 5d496f9d9ba1d8af871b054d97db7eb0 b5db3e5b5f43cb5f5c895a2c346fb64ced76a851 a02921bed7c315d82462c1990a9192ce9c7009b31a3ea8e407ee7a9ef45cc0ee Loading...

	www.youtube.com/player_api	992 B	2023-03-07	2023-03-08
Pretty URL www.youtube.com/player_api IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:28:20 Last Seen2023-03-08 13:07:26 Times Seen1 Hash 4c420ff70a2255c578e3da09fbb4d6be 472a1e4b0a555a99f6b2bb7d93d67966a00991dc 3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1845a1a5613a3cc719cdfd0f4354c64d	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 1845a1a5613a3cc719cdfd0f4354c64d d98cc33e5143dec9bb98528b47284c10072c60ce 531ec07d216cb5810b6ebf63f292c8c1759049139e175d847973b17cd08238fa Loading...

	#2 Eval - 8255e47c8659ff37c9b3a0934673908e	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 8255e47c8659ff37c9b3a0934673908e e851f0d2bd2c672883af76176e787f6530feabcf d651a2902f113132877a12117727707b1031e8f12615f8a3a0ad138ea5eb79ea Loading...

	#3 Eval - 2851c27fe4d7dcfce30aeaa53cfb59ed	16 kB	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 2851c27fe4d7dcfce30aeaa53cfb59ed e6d6747077359e2996fcb8ce60c94647e548a120 b7bb0c5ac33ab436c5fe975360ef1af5f66987c6c8bf5c0569e749197b16ecaa Loading...

	#4 Eval - 656263e81a78c5a8f0174c30ffa2229d	15 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 01:46:45 Last Seen2023-03-08 01:46:45 Times Seen1 Hash 656263e81a78c5a8f0174c30ffa2229d 30be3873a47418f6e0b8e3cd9f6fb94cfc2c3f94 0324eb79b447cf44b81fbc899576dc546ed3a09fa8e837f45bd1740293ecc65b Loading...

	#5 Eval - c4bcc9c08455c63b6941587911bb5e33	62 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash c4bcc9c08455c63b6941587911bb5e33 a63bdfb594e7769cde32b002448f0fec82476ce7 9a40ef33f7700831131770a8048c5a08faa312d7311fc2c6ced1909ea6e458ce Loading...

HTTP Transactions (102)

URL IP Response Size

www.gallypublicaffairs.com/

66.96.146.102

301 Moved Permanently

239 B

URL HTTP/1.1
www.gallypublicaffairs.com/
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
239 B (239 bytes)
Hash
0511ca7a37d12acea5bcc4de82b11ffe
8513e8bc03e252b7b46e6739c8f91db84c7ff1e3
1118fd2fb05fabc98c8059eaa89ba9aafe4b7b07a0f1809e58f4769dec9c702d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 15:15:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 239
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.4.15
X-Redirect-By: WordPress
Location: https://gallypublicaffairs.com/
Age: 7

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 15:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pcOuNAlH9UWhBM7xMiBt1C2Sn0se1XaBaJyrpl7Lpi9JALoJ081J4A==
Age: 13

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12986
Expires: Mon, 26 Sep 2022 18:51:57 GMT
Date: Mon, 26 Sep 2022 15:15:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XPDUtiIXG0-5yoSsP0Cw3_ZTNqwVGU3-FPyh3J9-uPnFsPW59kXgeA==
age: 38416
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 15:10:46 GMT
Expires: Mon, 26 Sep 2022 15:23:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KhGWL8FPI1N2lSagoz7g4Rr8ePNtK3A1zoQftvgYJje80XU5IeBa8A==
Age: 286

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3405
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:32 GMT
Last-Modified: Mon, 26 Sep 2022 14:18:47 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.13.69.101

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.69.101:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5kABvsToJcpuLMW2IDwleQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5f4wNVlCoqaDAzPgJF/+slPheaw=

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
32887b75eac20eaba243cf1d432a5eab
6e5cd8b7947c5b4c6d52bc5070a1b8057ee7f49d
e2418f862e455cb77a0f95eb1683035193829f60defbc813667f84e73efb711f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 05:48:14 GMT
Expires: Sat, 01 Oct 2022 05:48:13 GMT
Etag: "6e5cd8b7947c5b4c6d52bc5070a1b8057ee7f49d"
Cache-Control: max-age=397360,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750cf49cfc4fb52d-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10449
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:15:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10449
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:15:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10449
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:15:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10449
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:15:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10449
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:15:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10927 bytes)
Hash
3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: a4c6c1b1-3777-4410-bef1-5dd2518af86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCjSEqfIAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e14-4cdfc5ea1c42120d4a085752;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b3Zf70hsIlHF67m0hhfBtDxu7FeNv0Z7JY7-Iei61XiGbDOqfKoUGQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 04:00:42 GMT
age: 40491
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9070 bytes)
Hash
988b0c94c41a21c736b330c3256d0a3c
c16a6f018bd80c6390b7a07f4e6698db7bfd28b0
3034912f83810b3999ffa90f5eeaf0f45773c592cfd3cf2bfb794ea1b150158c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9070
x-amzn-requestid: 2aceb075-d4bc-45b8-8330-5e719c565f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKEEdPoAMFsNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca40-3f120e0774b1d58a08898c39;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: feNiTFDhUx-BfoiybnKj83hCq6CCoiMeOSEHyFs8b7cLIgKvnO1Cdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:04:42 GMT
age: 61851
etag: "c16a6f018bd80c6390b7a07f4e6698db7bfd28b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 60893
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13584 bytes)
Hash
2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 62262
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5980 bytes)
Hash
ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 62801
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 59137
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gallypublicaffairs.com/

66.96.146.102

200 OK

42 kB

URL HTTP/1.1
gallypublicaffairs.com/
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5965), with CRLF, LF line terminators
Size
42 kB (41805 bytes)
Hash
49134235331dbeda8e59a18fc26e9335
7bbaff5d5584e3afa38cbdb62b8a22ff86fff38e
5369bc63fe842bc83828db52f08c569e34417beefe230c9a940e96ec9db9eba3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 41805
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.4.10
Link: <https://gallypublicaffairs.com/wp-json/>; rel="https://api.w.org/", <https://gallypublicaffairs.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://gallypublicaffairs.com/>; rel=shortlink
Age: 3

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bddecffbabfee51d9960094502eac272
d686a32447a5cab561a0d3272f313e7a9cf01eb7
a57a4fe0e0ce9c4cbd59312ec9b7aa9264ae2cc187beae1a265f031a71f5a52f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6051
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Last-Modified: Mon, 26 Sep 2022 13:34:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
67d12c7b475051b45baaac4937d735d9
81e1e98ce4f7104de776f883e3568376cef46657
1418522296a29444519b504b470ad3bddbdd3adcc64ed0e7546befdb5f2fe1f2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: max-age=86882
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Etag: "63305db3-117"
Expires: Tue, 27 Sep 2022 15:23:37 GMT
Last-Modified: Sun, 25 Sep 2022 13:54:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=6.0.2

104.17.24.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=6.0.2
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (31997)
Size
10 kB (10158 bytes)
Hash
da09af9c30411ac4ea58fa932c2bcdf1
3021a222be0168efcad5db279a305485935aeff5
19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=6.0.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 15:15:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7249450
expires: Sat, 16 Sep 2023 15:15:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAP4XLN%2Fv9iisGyZAWjeMSLtH4W17Zc%2BMlzv7IBqFm4RbCDetz3kW%2BTjLqfq2jhwaqW0fLvsU%2FOcFjT3H9EvrdEnjRblZXqvgEKhH8TSppvZk2hj3R5OzhGzVshnNo13HW1WR70V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750cf4b3dfb7fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

151.101.85.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65326)
Size
24 kB (24140 bytes)
Hash
320f69c23c5b9474aaf4a098d7b2574c
24f09546a24de9ca77d083cb70a154c8fd4d23f3
a7d09367978329f2104fc5f386e162ac195d3f8ecf2323ffc99ad546842d3473

HTTP Headers

GET /npm/bootstrap@4.6.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.1
x-jsd-version-type: version
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:15:35 GMT
age: 5960278
x-served-by: cache-fra19179-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24140
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js?ver=6.0.2

151.101.85.229

200 OK

7.5 kB

URL HTTP/2
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js?ver=6.0.2
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21060)
Size
7.5 kB (7503 bytes)
Hash
1f61c1b15b25ba046056238766ff3a43
2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js?ver=6.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:15:35 GMT
age: 10495541
x-served-by: cache-fra19126-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-content/themes/gally-custom/js/owlcarousel2/dist/assets/owl.carousel.css

66.96.146.102

200 OK

4.5 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/js/owlcarousel2/dist/assets/owl.carousel.css
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
4.5 kB (4450 bytes)
Hash
6fe011f2135bcb8370ac6cea80309a30
993dee60e7fabc9ffaff6c566404a67683a183b7
f693b622f336b97bd96e76aeeefd165e608db250beca9413479de9a4800f8eef

HTTP Headers

GET /wp-content/themes/gally-custom/js/owlcarousel2/dist/assets/owl.carousel.css HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: text/css
Content-Length: 4450
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 01 Sep 2022 20:28:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "1162-5e7a3766b9200"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js?ver=6.0.2

151.101.85.229

200 OK

15 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js?ver=6.0.2
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62161)
Size
15 kB (15272 bytes)
Hash
930a6d98f59035434e158d2f72843644
d8bfd9bab6d208d1ca92abdb89615c7d02f53102
ae9adfa269090d412025b0a0e113c6cd5845bbb3074331ba48d66d3998678ba3

HTTP Headers

GET /npm/bootstrap@4.6.1/dist/js/bootstrap.min.js?ver=6.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.1
x-jsd-version-type: version
etag: W/"f3e8-JKkAvfzv1Sy8/zvDZECvm4fNUGc"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:15:35 GMT
age: 9640133
x-served-by: cache-fra19144-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15272
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
67d12c7b475051b45baaac4937d735d9
81e1e98ce4f7104de776f883e3568376cef46657
1418522296a29444519b504b470ad3bddbdd3adcc64ed0e7546befdb5f2fe1f2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: max-age=86882
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Etag: "63305db3-117"
Expires: Tue, 27 Sep 2022 15:23:37 GMT
Last-Modified: Sun, 25 Sep 2022 13:54:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
5b95c9cc585195e50abaa88e71725703
f857f500591e2c7197218a673677e62efc6677b6
76c7ed18c611204f28f6a257a8899b481bcddcf145bb4de089bf7bf1cc37616a

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "66CB0FBA03B65EA24D907D9A14E16A73FE7A5D38"
Expires: Tue, 27 Sep 2022 02:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1165
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750cf4b4dacf0b65-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bddecffbabfee51d9960094502eac272
d686a32447a5cab561a0d3272f313e7a9cf01eb7
a57a4fe0e0ce9c4cbd59312ec9b7aa9264ae2cc187beae1a265f031a71f5a52f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6051
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Last-Modified: Mon, 26 Sep 2022 13:34:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

www.google.com/recaptcha/api.js?render=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&ver=3.0

142.250.74.164

200 OK

586 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&ver=3.0
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
586 B (586 bytes)
Hash
7961d68817077baea40ebd406284a950
177e3d9c6096525740071492d8b6932ababd65a5
480331e674378e727707348826312e06ca95d8b0684209534e1b2dd969a00287

HTTP Headers

GET /recaptcha/api.js?render=6LcU1QAiAAAAAIn97R_OtTh0XYkT6F4m4EkhP25g&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 26 Sep 2022 15:15:35 GMT
date: Mon, 26 Sep 2022 15:15:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-241383660-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-241383660-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42257 bytes)
Hash
e8079e616d6b7156c94e21763ec27d32
7192bf25fe78fbb337c1a48c386ed0412d922fe8
8bfcc39e332c7065b970c887c8ac0aeb003978e20c32b56922297a0e5308bb74

HTTP Headers

GET /gtag/js?id=UA-241383660-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 15:15:35 GMT
expires: Mon, 26 Sep 2022 15:15:35 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gallypublicaffairs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

66.96.146.102

200 OK

90 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/x-javascript
Content-Length: 89521
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "15db1-5bd3006388300"
Expires: Mon, 26 Sep 2022 18:01:39 GMT
Age: 4436

gallypublicaffairs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

66.96.146.102

200 OK

11 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/x-javascript
Content-Length: 11224
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2bd8-5b45debe27b80"
Expires: Mon, 26 Sep 2022 18:01:39 GMT
Age: 4436

gallypublicaffairs.com/wp-content/themes/gally-custom/js/main.js?ver=6.0.2

66.96.146.102

200 OK

3.7 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/js/main.js?ver=6.0.2
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
3.7 kB (3748 bytes)
Hash
70b37a9fa06f6d2d2fd46a326a618658
bbc1283128e9bc819987b0c49f64b3be11fcd1d2
c0492f18de9ddb7006d613470fff3e7466d9f3489629bfd9f5c6a0708c2fcd8c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/gally-custom/js/main.js?ver=6.0.2 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/x-javascript
Content-Length: 3748
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 01 Sep 2022 20:29:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "ea4-5e7a378bea9c0"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

66.96.146.102

200 OK

2.7 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
2.7 kB (2731 bytes)
Hash
e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: text/css
Content-Length: 2731
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 26 Sep 2022 13:50:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "aab-5e994cdf76a8a"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

66.96.146.102

200 OK

9.7 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (9680), with no line terminators
Size
9.7 kB (9680 bytes)
Hash
490c29d6776fc430c23403fd845b34b0
817129906b7fef1011895a76f047c7693a852e21
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/x-javascript
Content-Length: 9680
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 26 Sep 2022 13:50:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "25d0-5e994cdf5cc47"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

gallypublicaffairs.com/wp-content/themes/gally-custom/style.css

66.96.146.102

200 OK

36 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/style.css
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
36 kB (36415 bytes)
Hash
0c2d0ba964c05322269c35a63d73b4b6
3c468ecc73c187a87a5ae822859668d5a9680882
25a1d4f2b42d100d219025b3fa0f9fe39714265e0858381e47ed062fd1fe7f04

HTTP Headers

GET /wp-content/themes/gally-custom/style.css HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: text/css
Content-Length: 36415
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 07 Sep 2022 17:18:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "8e3f-5e8198208e240"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

66.96.146.102

200 OK

12 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
HTML document, ASCII text, with very long lines (12211), with no line terminators
Size
12 kB (12211 bytes)
Hash
3f3fc23f477a3849aa5677c585b2a2b4
ccf0865ebd37f76c450c7a377a86ff2448288db3
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/x-javascript
Content-Length: 12211
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 26 Sep 2022 13:50:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2fb3-5e994cdf55b29"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

gallypublicaffairs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

66.96.146.102

200 OK

6.5 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (6475), with no line terminators
Size
6.5 kB (6475 bytes)
Hash
61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: application/x-javascript
Content-Length: 6475
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "194b-5dc5fbf1e6f80"
Expires: Mon, 26 Sep 2022 18:01:39 GMT
Age: 4436

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 511515
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3

66.96.146.102

200 OK

999 B

URL HTTP/1.1
gallypublicaffairs.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (999), with no line terminators
Size
999 B (999 bytes)
Hash
6a0e8318d42803736d2fafcc12238026
c955314a7e0a9a9871329b0f042c8f0b5df49a78
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: application/x-javascript
Content-Length: 999
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 26 Sep 2022 13:50:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "3e7-5e994cdf2f5e7"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4469

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 511515
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

142.250.74.163

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Size
20 kB (19860 bytes)
Hash
a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47

HTTP Headers

GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 22:46:40 GMT
expires: Tue, 19 Sep 2023 22:46:40 GMT
cache-control: public, max-age=31536000
age: 577736
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 887990f11655c273044f2240858ad109
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750cf4b66a601c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

66.96.146.102

200 OK

89 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (43771)
Size
89 kB (88932 bytes)
Hash
b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:35 GMT
Content-Type: text/css
Content-Length: 88932
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 04 Jul 2022 12:10:37 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "15b64-5e2f99fa9e940"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4468

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gallypublicaffairs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

66.96.146.102

200 OK

19 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
19 kB (19142 bytes)
Hash
57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: application/x-javascript
Content-Length: 19142
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "4ac6-5dc5fbf1e6f80"
Expires: Mon, 26 Sep 2022 18:01:39 GMT
Age: 4437

widgets.sociablekit.com/facebook-page-posts/widget.js

137.220.35.134

200 OK

21 kB

URL HTTP/2
widgets.sociablekit.com/facebook-page-posts/widget.js
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type
C source, Unicode text, UTF-8 text, with very long lines (2100)
Size
21 kB (21276 bytes)
Hash
7414e078019191518ca91c05e4f7b149
d67a7e3d45540b18d915fbe1a39a29e90fc93ae8
73c6f3573f87f2908bcf515f1ba98be9f6e5ad6c37d6a97758ca81ea1d247b77

HTTP Headers

GET /facebook-page-posts/widget.js HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: application/javascript
content-length: 21276
access-control-allow-origin: *
access-control-allow-headers: access
access-control-allow-methods: GET
access-control-allow-credentials: true
vary: Accept-Encoding
content-encoding: gzip
expires: 0, Thu, 19 Nov 1981 08:52:00 GM
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache, no-cache
X-Firefox-Spdy: h2

widgets.sociablekit.com/facebook-page-posts/iframe/91873

137.220.35.134

200 OK

315 B

URL HTTP/2
widgets.sociablekit.com/facebook-page-posts/iframe/91873
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
86668ab5447a9d562307880ce7860e4d
357da019f5680a3898ee67b19712914c17bfc2aa
7e03e9d6855ccb13dd0e4cc445d36fff0819155392f4ebdb0e87d6b795f8ef2f

HTTP Headers

GET /facebook-page-posts/iframe/91873 HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: text/html; charset=UTF-8
content-length: 315
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GM
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-content/themes/gally-custom/images/search-icon.png

66.96.146.102

200 OK

634 B

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/images/search-icon.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
634 B (634 bytes)
Hash
7f508ee76d37206fe856e416cea27f50
565556bf0d1aa3ff38aea15ff0d318e7887ce619
55ca9823d43a3b6abeac632db77ff308917e4713dfd384cea6fd25a15a620e59

HTTP Headers

GET /wp-content/themes/gally-custom/images/search-icon.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 634
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:30:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "27a-5e7a37d92a000"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4469

gallypublicaffairs.com/wp-content/themes/gally-custom/images/home-feature-placeholder.png

66.96.146.102

200 OK

1.9 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/images/home-feature-placeholder.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 470 x 562, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1858 bytes)
Hash
4a935c1a9d3747dc467c50e8c40dc767
bf9535cfdfa6607bd53df21eb8f107b5a94181bd
3a14e973421f48a50102fd283d5fa932714846147b2c2a3cdf21d3799a62870e

HTTP Headers

GET /wp-content/themes/gally-custom/images/home-feature-placeholder.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 1858
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:30:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "742-5e7a37d835dc0"
Expires: Mon, 26 Sep 2022 17:58:29 GMT
Age: 4627

gallypublicaffairs.com/wp-content/uploads/2022/08/gpa-logo.png

66.96.146.102

200 OK

12 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/08/gpa-logo.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 278 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12246 bytes)
Hash
0e6bf509bfb28a86bcf7ae5ebad79530
4e14243fa05ac0e767570defd3daa247613e78aa
d066cde3f81af036f95002cb24b05a92c12a262417cba45ea6c2c722966bab69

HTTP Headers

GET /wp-content/uploads/2022/08/gpa-logo.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 12246
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Wed, 24 Aug 2022 00:47:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "2fd6-5e6f206cb1580"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4469

fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24448, version 1.0\012- data
Size
24 kB (24448 bytes)
Hash
865e46af816320c9f32234e8968558d0
6791e9f732fcbde0f375f84ccbc14c4ac72795a3
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

HTTP Headers

GET /s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:27:46 GMT
expires: Wed, 20 Sep 2023 17:27:46 GMT
cache-control: public, max-age=31536000
age: 510470
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-content/uploads/2022/08/beach-and-seagull.jpg

66.96.146.102

200 OK

107 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/08/beach-and-seagull.jpg
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 470x562, components 3\012- data
Size
107 kB (107019 bytes)
Hash
2b17359b1ccf89255d44e832adddc71f
6b380af6ca378e5f28c752a33b3608043007f319
ed707700c2893777d6188c78614d123c3bc9ebd484d46abec931ede04116648d

HTTP Headers

GET /wp-content/uploads/2022/08/beach-and-seagull.jpg HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/jpeg
Content-Length: 107019
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Fri, 26 Aug 2022 16:47:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "1a20b-5e727ab0c3cc0"
Expires: Mon, 26 Sep 2022 17:58:29 GMT
Age: 4627

gallypublicaffairs.com/wp-content/themes/gally-custom/images/close-icon.png

66.96.146.102

200 OK

274 B

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/images/close-icon.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
274 B (274 bytes)
Hash
e89ea364fdf12b793fb18e6e280567a0
06794161576264dc6c04802a267a851131180258
a713cd8b5649965aaa06104a82e6edc6b5574550950d5f127b9a35cdfa48398e

HTTP Headers

GET /wp-content/themes/gally-custom/images/close-icon.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 274
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:30:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "112-5e7a37d741b80"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4469

gallypublicaffairs.com/wp-content/themes/gally-custom/images/pagebanner-tall.png

66.96.146.102

200 OK

3.4 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/images/pagebanner-tall.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 1440 x 416, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3400 bytes)
Hash
bfaa868bf43ffabea24784c868e331c1
05dbe38f27e6a5a79ee36049cff23e69ef5138e2
43ca4804348786b8e336eceb033c313759044786b7e448957e49b96da1d5d5a6

HTTP Headers

GET /wp-content/themes/gally-custom/images/pagebanner-tall.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 3400
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:30:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "d48-5e7a37d92a000"
Expires: Mon, 26 Sep 2022 17:58:29 GMT
Age: 4627

widgets.sociablekit.com/facebook-page-posts/widget.js

137.220.35.134

200 OK

21 kB

URL HTTP/2
widgets.sociablekit.com/facebook-page-posts/widget.js
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type
C source, Unicode text, UTF-8 text, with very long lines (2100)
Size
21 kB (21276 bytes)
Hash
7414e078019191518ca91c05e4f7b149
d67a7e3d45540b18d915fbe1a39a29e90fc93ae8
73c6f3573f87f2908bcf515f1ba98be9f6e5ad6c37d6a97758ca81ea1d247b77

HTTP Headers

GET /facebook-page-posts/widget.js HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/facebook-page-posts/iframe/91873
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: application/javascript
content-length: 21276
access-control-allow-origin: *
access-control-allow-headers: access
access-control-allow-methods: GET
access-control-allow-credentials: true
vary: Accept-Encoding
content-encoding: gzip
expires: 0, Thu, 19 Nov 1981 08:52:00 GM
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache, no-cache
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-content/uploads/2022/08/signing-with-gov.jpg

66.96.146.102

200 OK

113 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/08/signing-with-gov.jpg
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 470x562, components 3\012- data
Size
113 kB (112653 bytes)
Hash
21402d0f907ab07b9add7bf9b2c78bed
5129a65173da66e4f8f5268c95a378f628720d83
88e89b7c57b2507ffa4391e4366532aea0f1118c4bed1cd7cc687f159cb4ecfa

HTTP Headers

GET /wp-content/uploads/2022/08/signing-with-gov.jpg HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/jpeg
Content-Length: 112653
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Fri, 26 Aug 2022 16:48:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "1b80d-5e727ade8a8c0"
Expires: Mon, 26 Sep 2022 17:58:29 GMT
Age: 4627

gallypublicaffairs.com/wp-content/themes/gally-custom/images/gpa-footer-logo.png

66.96.146.102

200 OK

2.9 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/images/gpa-footer-logo.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 156 x 62, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2865 bytes)
Hash
9bfbb4700206e5fb1e62d23c00e1064d
0a96a1a1a4dc5484f7710559750ff4ca9784dda4
ec56ffcb5875db4d53f4eee3099c102184a4b05561577780f86b97d12f868deb

HTTP Headers

GET /wp-content/themes/gally-custom/images/gpa-footer-logo.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 2865
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:30:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "b31-5e7a37d835dc0"
Expires: Mon, 26 Sep 2022 18:01:07 GMT
Age: 4469

gallypublicaffairs.com/wp-content/uploads/2022/09/statehouse.jpg

66.96.146.102

200 OK

337 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/09/statehouse.jpg
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x416, components 3\012- data
Size
337 kB (337030 bytes)
Hash
ed0c3fcdc4eb0be44f025ba21cea106a
bfd984dfc1dd8a0977b0169eeeaf05c5c2cdcc22
d217d28b809d700c371c77cc43a4c93baaf249aba6f1bd01d9fa4f33a791bdc9

HTTP Headers

GET /wp-content/uploads/2022/09/statehouse.jpg HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/jpeg
Content-Length: 337030
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:39:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "52486-5e7a39cbef8c0"
Expires: Mon, 26 Sep 2022 17:58:30 GMT
Age: 4627

gallypublicaffairs.com/wp-content/themes/gally-custom/images/pagebanner-tall-mobile.png

66.96.146.102

200 OK

2.1 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/themes/gally-custom/images/pagebanner-tall-mobile.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 768 x 459, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2123 bytes)
Hash
e7c83969067b76028ec4107ed4d8f89e
4f91bd87049fc0000e10c0034510ebd3a4ba678e
06f54b8d6ba32fb425eb6073930c81a297a4c8ce8954451da20645b5109113bf

HTTP Headers

GET /wp-content/themes/gally-custom/images/pagebanner-tall-mobile.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 2123
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 01 Sep 2022 20:30:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "84b-5e7a37d92a000"
Expires: Mon, 26 Sep 2022 17:58:29 GMT
Age: 4627

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
295378998d8c9b8331ba999d05005e60
1e1836a0226bfca04b94c8cdf9bedb9b2837c220
eff125c19507fbe1b89654ec55a9f67bac7740257fbcf91cf5b0a601db51d950

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:36 GMT
Last-Modified: Mon, 26 Sep 2022 13:27:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1687 bytes)
Hash
243130fb34ae88698db37a76836d9dcc
189b883a4671fd6765f342ee74fb52cb2773a9e5
ad9f3624859c9ed72f30003e007377348eb9d0c58c6477cf70c579d91983bde9

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7017e2e670113ee0fe4a5e1980666b41
etag: "bb42ca34a8d33d42d6c62308ce64b278"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Sep 2022 15:30:18 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JDEw+zSuiGmNs3p2g22dzA==
x-fb-debug: ykI/VX00i13qHQUniu7ycftsoYqCevgUO9wFilZVFp3Ppn5NEAWRLM194lBbg3qXomemRqoC620P/L9vzlQfHw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 15:15:36 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
295378998d8c9b8331ba999d05005e60
1e1836a0226bfca04b94c8cdf9bedb9b2837c220
eff125c19507fbe1b89654ec55a9f67bac7740257fbcf91cf5b0a601db51d950

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 15:15:36 GMT
Last-Modified: Mon, 26 Sep 2022 13:27:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

gallypublicaffairs.com/wp-content/uploads/2022/08/EricGally-8-web.jpg

66.96.146.102

200 OK

464 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/08/EricGally-8-web.jpg
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, copyright=881430933779683], progressive, precision 8, 600x900, components 3\012- data
Size
464 kB (463837 bytes)
Hash
8138d2a7cb163c03b29192768ee8f117
528b4e3010782aefd9ee4d69235761e11245ba62
f8ae62abbf7bfe2274ce2ff2fc0ef1f488c8de1d62c699f2dbdbd6af89f7b417

HTTP Headers

GET /wp-content/uploads/2022/08/EricGally-8-web.jpg HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/jpeg
Content-Length: 463837
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Fri, 26 Aug 2022 18:05:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "713dd-5e728c0ce31c0"
Expires: Mon, 26 Sep 2022 17:58:29 GMT
Age: 4627

connect.facebook.net/en_US/sdk.js?hash=16348a3e1f855d2cb634e3e80298d05f

157.240.200.14

200 OK

89 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=16348a3e1f855d2cb634e3e80298d05f
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18598)
Size
89 kB (88800 bytes)
Hash
d2cc6bbc25b5c1f84f8f3a55456639fb
856938ea47466ebbef440564d08778e07277ce45
489e8f9523718a353ee68bfca23f74329bf8642c53c372ff6c1eb0fd2f36f569

HTTP Headers

GET /en_US/sdk.js?hash=16348a3e1f855d2cb634e3e80298d05f HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widgets.sociablekit.com
Connection: keep-alive
Referer: https://widgets.sociablekit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2ffb482c39d399e3c8c3d3d5e5bc4047
etag: "816d4496b3c9edb3e178805c95ad25f6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 26 Sep 2023 12:01:10 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 0sxrvCW1wfhPjzpVRWY5+w==
x-fb-debug: P5xHIsi/SGG1cU79c2a6TjNAbCfGWWp7lhsXkPWDSQnTuIwYd4P9BP6bU6oZjCLc89LXklCo+Ebi4kuEJsgwJg==
content-length: 88800
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 15:15:36 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-content/uploads/2022/09/gally-favicon.png

66.96.146.102

200 OK

7.2 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/09/gally-favicon.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 290 x 290, 8-bit/color RGB, non-interlaced\012- data
Size
7.2 kB (7214 bytes)
Hash
f3c8d8d4e20f8a37952ccecb4820b625
acbb28e7140153f5639c8d77c19d1ff5b554f40e
50f7e158e86314a7c2c463431b2bcbf0f45444741d7183362ece08421886c52c

HTTP Headers

GET /wp-content/uploads/2022/09/gally-favicon.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Cookie: _ga_GJMRD5WC7B=GS1.1.1664205334.1.0.1664205334.0.0.0; _ga=GA1.1.952913006.1664205335
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 7214
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 15 Sep 2022 18:07:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "1c2e-5e8bb1fda8925"
Expires: Mon, 26 Sep 2022 18:01:39 GMT
Age: 4437

gallypublicaffairs.com/wp-content/uploads/2022/09/gally-favicon-150x150.png

66.96.146.102

200 OK

1.3 kB

URL HTTP/1.1
gallypublicaffairs.com/wp-content/uploads/2022/09/gally-favicon-150x150.png
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1338 bytes)
Hash
c8bcde816a04194c107274a9a04db1e5
984a8d91de53fb902eb0844269fc0b3c59f4eec8
dcad205119d51f938e4a561c74792823dbca3bdb7eb61a4407c7e745a0569318

HTTP Headers

GET /wp-content/uploads/2022/09/gally-favicon-150x150.png HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Cookie: _ga_GJMRD5WC7B=GS1.1.1664205334.1.0.1664205334.0.0.0; _ga=GA1.1.952913006.1664205335
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:36 GMT
Content-Type: image/png
Content-Length: 1338
Connection: keep-alive
Server: Apache/2
Vary: Accept-Encoding
Last-Modified: Thu, 15 Sep 2022 18:07:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Referrer-Policy: no-referrer-when-downgrade
Pragma: public
Etag: "53a-5e8bb1ff262c0"
Expires: Mon, 26 Sep 2022 18:01:39 GMT
Age: 4437

region1.google-analytics.com/g/collect?v=2&tid=G-GJMRD5WC7B&gtm=2oe9l0&_p=679314154&gdid=dZTNiMT&cid=952913006.1664205335&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664205334&sct=1&seg=0&dl=https%3A%2F%2Fgallypublicaffairs.com%2F&dt=Gally%20Public%20Affairs%20-%20one%20of%20Maryland%27s%20top%20government%20relations%20firms&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GJMRD5WC7B&gtm=2oe9l0&_p=679314154&gdid=dZTNiMT&cid=952913006.1664205335&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664205334&sct=1&seg=0&dl=https%3A%2F%2Fgallypublicaffairs.com%2F&dt=Gally%20Public%20Affairs%20-%20one%20of%20Maryland%27s%20top%20government%20relations%20firms&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GJMRD5WC7B&gtm=2oe9l0&_p=679314154&gdid=dZTNiMT&cid=952913006.1664205335&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664205334&sct=1&seg=0&dl=https%3A%2F%2Fgallypublicaffairs.com%2F&dt=Gally%20Public%20Affairs%20-%20one%20of%20Maryland%27s%20top%20government%20relations%20firms&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://gallypublicaffairs.com
date: Mon, 26 Sep 2022 15:15:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=679844159512553&ev=fb_page_view&dl=https%3A%2F%2Fwidgets.sociablekit.com%2Ffacebook-page-posts%2Fiframe%2F91873&rl=https%3A%2F%2Fgallypublicaffairs.com%2F&if=true&ts=1664205335242&sw=1280&sh=1024&at=

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=679844159512553&ev=fb_page_view&dl=https%3A%2F%2Fwidgets.sociablekit.com%2Ffacebook-page-posts%2Fiframe%2F91873&rl=https%3A%2F%2Fgallypublicaffairs.com%2F&if=true&ts=1664205335242&sw=1280&sh=1024&at=
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=679844159512553&ev=fb_page_view&dl=https%3A%2F%2Fwidgets.sociablekit.com%2Ffacebook-page-posts%2Fiframe%2F91873&rl=https%3A%2F%2Fgallypublicaffairs.com%2F&if=true&ts=1664205335242&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Mon, 26 Sep 2022 15:15:37 GMT
X-Firefox-Spdy: h2

widgets.sociablekit.com/libs/js/moment.js

137.220.35.134

200 OK

80 kB

URL HTTP/2
widgets.sociablekit.com/libs/js/moment.js
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type
data
Size
80 kB (80436 bytes)
Hash
4e683d50b76b44721b6a56d0874c6c1a
197214dcca4222c7cd1890e2f60964d76373e039
1c66951cd064da3006f547cc58b71d8952edb9a1ff9cc96c3a8feab38359a6fa

HTTP Headers

GET /libs/js/moment.js HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/facebook-page-posts/iframe/91873
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 08:19:43 GMT
vary: Accept-Encoding
etag: W/"6171229f-24cf6"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/masonry-layout@4.2.0/dist/masonry.pkgd.min.js

104.16.124.175

200 OK

23 kB

URL HTTP/2
unpkg.com/masonry-layout@4.2.0/dist/masonry.pkgd.min.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (23946)
Size
23 kB (23149 bytes)
Hash
bdc9d859bb171592294731f8249519f4
b5cee5cbd47cdd12f2f1d7e58129a9ecdea3ce8d
7c6c15e0a30377ac54a991258f36f70b22178b1ac6b7de22ac5a4782216dd205

HTTP Headers

GET /masonry-layout@4.2.0/dist/masonry.pkgd.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 15:15:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 20 Apr 2017 18:10:06 GMT
etag: W/"5e12-868CM0jYclGd+QXXIKm5UWY+XNI"
via: 1.1 fly.io
fly-request-id: 01G4XHKVZ6ZDPHNJJGQCA3JW2Q-fra
cf-cache-status: HIT
age: 9651476
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 750cf4bdddeeb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

widgets.sociablekit.com/libs/swiper/swiper.min.css

137.220.35.134

200 OK

3.5 kB

URL HTTP/2
widgets.sociablekit.com/libs/swiper/swiper.min.css
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type
data
Size
3.5 kB (3532 bytes)
Hash
d80ef1092aa024b79403c5b10318ac83
55ffde008fbb9f6041d7af48f517c5cc0e01d11d
888931f5c8be9cc408a233ef9f01828e715dd60f9aa9f359e73a0537a8c202b9

HTTP Headers

GET /libs/swiper/swiper.min.css HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: text/css
last-modified: Thu, 11 Nov 2021 07:31:29 GMT
vary: Accept-Encoding
etag: W/"618cc6d1-4d42"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gallypublicaffairs.com/wp-json/contact-form-7/v1/contact-forms/54/feedback/schema

66.96.146.102

200 OK

472 B

URL HTTP/1.1
gallypublicaffairs.com/wp-json/contact-form-7/v1/contact-forms/54/feedback/schema
IP
66.96.146.102:0
ASN
#29873 BIZLAND-SD

File type
JSON data\012- , ASCII text, with very long lines (472), with no line terminators
Size
472 B (472 bytes)
Hash
f2437200cef2491b5080fa6ccffdb844
0ecf2e6fed78fc67a01c60453636de8ab960140c
ff5682854680e9da245448334b9ba3a79f52648c39468af9060d81bff0dd3fbf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-json/contact-form-7/v1/contact-forms/54/feedback/schema HTTP/1.1
Host: gallypublicaffairs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gallypublicaffairs.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 15:15:37 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 472
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.4.15
X-Robots-Tag: noindex
Link: <https://gallypublicaffairs.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
Age: 1

widgets.sociablekit.com/libs/swiper/swiper.min.js

137.220.35.134

200 OK

33 kB

URL HTTP/2
widgets.sociablekit.com/libs/swiper/swiper.min.js
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type
ASCII text, with very long lines (65270)
Size
33 kB (33270 bytes)
Hash
ea7e4787c50ff1bd66ee991f66205b8f
b9b05c5ee8f9008e188bc97db893379967a39878
5e513af73d9610168c70ee3786cbde180d507937ee46d640e3a3699181894f3a

HTTP Headers

GET /libs/swiper/swiper.min.js HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/facebook-page-posts/iframe/91873
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:37 GMT
content-type: application/javascript
last-modified: Thu, 11 Nov 2021 07:31:29 GMT
vary: Accept-Encoding
etag: W/"618cc6d1-1f397"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

data.accentapi.com/feed/91873.json?nocache=1664205335930

66.42.78.246

200 OK

75 kB

URL HTTP/2
data.accentapi.com/feed/91873.json?nocache=1664205335930
IP
66.42.78.246:0
ASN
#20473 AS-CHOOPA

File type
data
Size
75 kB (75247 bytes)
Hash
54f2fd108b20f0c44e3e4f9b66181b9b
06cd0fd53a0603f81ef9e2de552c16591504a646
7f55f66c40a9a291c40462982579af0efc9bb01063134d5356c176072b6fc6bf

HTTP Headers

GET /feed/91873.json?nocache=1664205335930 HTTP/1.1
Host: data.accentapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gallypublicaffairs.com/
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:38 GMT
content-type: application/json
vary: Accept-Encoding
access-control-max-age: 1728000
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: Authorization
last-modified: Mon, 26 Sep 2022 12:33:06 GMT
etag: W/"1d975-5e993bac4b364"
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

scontent-ord5-1.xx.fbcdn.net/v/t39.30808-6/277568202_347899970718105_2699589766116574189_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wyQho2x20J4AX_Jd8Va&_nc_ht=scontent-ord5-1.xx&edm=AKK4YLsEAAAA&oh=00_AT9pitKfSWSGA0qw1_Mp_Ax43UU--GXWdzSYeIwX1GgBZQ&oe=6335F571

157.240.249.8

200 OK

12 kB

URL HTTP/2
scontent-ord5-1.xx.fbcdn.net/v/t39.30808-6/277568202_347899970718105_2699589766116574189_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wyQho2x20J4AX_Jd8Va&_nc_ht=scontent-ord5-1.xx&edm=AKK4YLsEAAAA&oh=00_AT9pitKfSWSGA0qw1_Mp_Ax43UU--GXWdzSYeIwX1GgBZQ&oe=6335F571
IP
157.240.249.8:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 311x445, components 3\012- data
Size
12 kB (12116 bytes)
Hash
72825ba195d008d2354bd0f12cb6fcab
8b32b86e1ebef8f8b418408ce90ccf8e11c50f45
a9ff5b712de16d9400ee8b93c451308809910b2b338c386b1f8c130425b54f58

HTTP Headers

GET /v/t39.30808-6/277568202_347899970718105_2699589766116574189_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wyQho2x20J4AX_Jd8Va&_nc_ht=scontent-ord5-1.xx&edm=AKK4YLsEAAAA&oh=00_AT9pitKfSWSGA0qw1_Mp_Ax43UU--GXWdzSYeIwX1GgBZQ&oe=6335F571 HTTP/1.1
Host: scontent-ord5-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 04 Apr 2022 15:28:05 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3911766669
x-needle-checksum: 453097965
content-digest: adler32=453097965
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 12116
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 15:15:38 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

scontent-ord5-1.xx.fbcdn.net/v/t39.30808-6/283779905_10158801871891818_2721093675444735019_n.png?stp=dst-png_s720x720&_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=6n9DjdK9-ZsAX8kXJuz&_nc_ht=scontent-ord5-1.xx&edm=AKK4YLsEAAAA&oh=00_AT8gFxUVq2tHG5PxEs61lQUceTkvwGx7WRF4U9HFGUmBlg&oe=633671E2

157.240.249.8

200 OK

192 kB

URL HTTP/2
scontent-ord5-1.xx.fbcdn.net/v/t39.30808-6/283779905_10158801871891818_2721093675444735019_n.png?stp=dst-png_s720x720&_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=6n9DjdK9-ZsAX8kXJuz&_nc_ht=scontent-ord5-1.xx&edm=AKK4YLsEAAAA&oh=00_AT8gFxUVq2tHG5PxEs61lQUceTkvwGx7WRF4U9HFGUmBlg&oe=633671E2
IP
157.240.249.8:0
ASN
#32934 FACEBOOK

File type
PNG image data, 720 x 378, 8-bit/color RGB, non-interlaced\012- data
Size
192 kB (192165 bytes)
Hash
89d2f34e56cc2bf1ecc1da089cc6f5f4
1b49b2db2358f3b90eeb066732d9d74be24f9d97
58be162cbfeb28bb2d30e5a9c84ee8ccdd7c767c8641a0177bfaee2c50c10226

HTTP Headers

GET /v/t39.30808-6/283779905_10158801871891818_2721093675444735019_n.png?stp=dst-png_s720x720&_nc_cat=110&ccb=1-7&_nc_sid=8024bb&_nc_ohc=6n9DjdK9-ZsAX8kXJuz&_nc_ht=scontent-ord5-1.xx&edm=AKK4YLsEAAAA&oh=00_AT8gFxUVq2tHG5PxEs61lQUceTkvwGx7WRF4U9HFGUmBlg&oe=633671E2 HTTP/1.1
Host: scontent-ord5-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 23 May 2022 16:44:08 GMT
x-haystack-needlechecksum: 3503089523
x-needle-checksum: 1703320831
content-type: image/png
content-digest: adler32=1334408392
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 192165
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 15:15:38 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

external-ord5-1.xx.fbcdn.net/emg1/v/t13/9517284782956630844?url=https%3a%2f%2fwww.marylandmatters.org%2fwp-content%2fuploads%2f2022%2f02%2fIMG_0609-scaled-1.jpg&fb_obo=1&utld=fbcdn.net&stp=dst-emg0_q75&ccb=13-1&oh=06_AaoCxGEp_WyWo8vydreqPJFEU8ZF2D87HjcUtTttltys0w&oe=63336044&_nc_sid=5f3a21

157.240.249.8

200 OK

889 kB

URL HTTP/2
external-ord5-1.xx.fbcdn.net/emg1/v/t13/9517284782956630844?url=https%3a%2f%2fwww.marylandmatters.org%2fwp-content%2fuploads%2f2022%2f02%2fIMG_0609-scaled-1.jpg&fb_obo=1&utld=fbcdn.net&stp=dst-emg0_q75&ccb=13-1&oh=06_AaoCxGEp_WyWo8vydreqPJFEU8ZF2D87HjcUtTttltys0w&oe=63336044&_nc_sid=5f3a21
IP
157.240.249.8:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1920, components 3\012- data
Size
889 kB (889306 bytes)
Hash
803574df24d70b20f5900c1216cadc75
98077404bb5431955ca616754e2c780fe26b16a4
34460e3973d93ad7e79ae86d8defa64d39944780663639f08156b8f316e837cd

HTTP Headers

GET /emg1/v/t13/9517284782956630844?url=https%3a%2f%2fwww.marylandmatters.org%2fwp-content%2fuploads%2f2022%2f02%2fIMG_0609-scaled-1.jpg&fb_obo=1&utld=fbcdn.net&stp=dst-emg0_q75&ccb=13-1&oh=06_AaoCxGEp_WyWo8vydreqPJFEU8ZF2D87HjcUtTttltys0w&oe=63336044&_nc_sid=5f3a21 HTTP/1.1
Host: external-ord5-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 13:19:02 GMT
content-type: image/jpeg
content-digest: adler32=4248163773
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 889306
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 15:15:38 GMT
cache-control: max-age=1209600, no-transform
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Playfair+Display&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Playfair+Display&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Playfair+Display&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 15:15:35 GMT
date: Mon, 26 Sep 2022 15:15:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

0 B

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 14:41:09 GMT
expires: Mon, 26 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 2067
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

widgets.sociablekit.com/images/ripple.svg

137.220.35.134

200 OK

0 B

URL HTTP/2
widgets.sociablekit.com/images/ripple.svg
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/ripple.svg HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Oct 2021 08:19:43 GMT
vary: Accept-Encoding
etag: W/"6171229f-3cd"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

widgets.sociablekit.com/libs/magnific-popup/jquery.magnific-popup.js

137.220.35.134

200 OK

0 B

URL HTTP/2
widgets.sociablekit.com/libs/magnific-popup/jquery.magnific-popup.js
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /libs/magnific-popup/jquery.magnific-popup.js HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: application/javascript
last-modified: Thu, 11 Nov 2021 07:31:29 GMT
vary: Accept-Encoding
etag: W/"618cc6d1-cba6"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

views.accentapi.com/add_view.php?user_id=0&embed_id=91873

66.42.79.29

200 OK

0 B

URL HTTP/2
views.accentapi.com/add_view.php?user_id=0&embed_id=91873
IP
66.42.79.29:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /add_view.php?user_id=0&embed_id=91873 HTTP/1.1
Host: views.accentapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:39 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: access
content-encoding: gzip
X-Firefox-Spdy: h2

www.youtube.com/player_api

142.250.74.46

200 OK

0 B

URL HTTP/2
www.youtube.com/player_api
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /player_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.sociablekit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 26 Sep 2022 15:15:37 GMT
date: Mon, 26 Sep 2022 15:15:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Qi8MuSh9YPM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5r_xMqBH3Bk; Domain=.youtube.com; Expires=Sat, 25-Mar-2023 15:15:37 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+001; expires=Wed, 25-Sep-2024 15:15:37 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gallypublicaffairs.com
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 15:15:35 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d0a0facbdcd2bdb9798eb02ad557cece
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750cf4b3cfd11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/aos@2.3.1/dist/aos.css

104.16.124.175

200 OK

0 B

URL HTTP/2
unpkg.com/aos@2.3.1/dist/aos.css
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aos@2.3.1/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 15:15:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
via: 1.1 fly.io
fly-request-id: 01G754J040XBCARD93ACQA76A4-fra
cf-cache-status: HIT
age: 7249008
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 750cf4b48d6fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

widgets.sociablekit.com/libs/magnific-popup/magnific-popup.css

137.220.35.134

200 OK

0 B

URL HTTP/2
widgets.sociablekit.com/libs/magnific-popup/magnific-popup.css
IP
137.220.35.134:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /libs/magnific-popup/magnific-popup.css HTTP/1.1
Host: widgets.sociablekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:36 GMT
content-type: text/css
last-modified: Thu, 11 Nov 2021 07:31:29 GMT
vary: Accept-Encoding
etag: W/"618cc6d1-1db2"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

data.accentapi.com/feed/91873.json?nocache=1664205335945

66.42.78.246

200 OK

0 B

URL HTTP/2
data.accentapi.com/feed/91873.json?nocache=1664205335945
IP
66.42.78.246:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /feed/91873.json?nocache=1664205335945 HTTP/1.1
Host: data.accentapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://widgets.sociablekit.com/
Origin: https://widgets.sociablekit.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:38 GMT
content-type: application/json
vary: Accept-Encoding
access-control-max-age: 1728000
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: Authorization
last-modified: Mon, 26 Sep 2022 12:33:06 GMT
etag: W/"1d975-5e993bac4b364"
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

views.accentapi.com/add_view.php?user_id=0&embed_id=91873

66.42.79.29

200 OK

0 B

URL HTTP/2
views.accentapi.com/add_view.php?user_id=0&embed_id=91873
IP
66.42.79.29:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /add_view.php?user_id=0&embed_id=91873 HTTP/1.1
Host: views.accentapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widgets.sociablekit.com
Connection: keep-alive
Referer: https://widgets.sociablekit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 15:15:39 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: access
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/aos@2.3.1/dist/aos.js

104.16.124.175

200 OK

0 B

URL HTTP/2
unpkg.com/aos@2.3.1/dist/aos.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aos@2.3.1/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gallypublicaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 15:15:35 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
via: 1.1 fly.io
fly-request-id: 01F3YGTK14BN7YR0KMC99B0BKK
cf-cache-status: HIT
age: 13516111
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 750cf4b3ec91b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP