Report - www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php

Report Overview

Submitted URL
www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
IP
151.101.194.159
ASN
#54113 FASTLY
Submitted
2023-03-21 08:37:05
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	2.1 kB	4.2 kB	216.58.211.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.3 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-26T05:09:32Z	368 B	2.0 kB	151.101.2.133
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	367 B	21 kB	142.250.74.142
www.youtube.com	90	2013-04-13T09:43:20Z	2023-03-26T05:12:52Z	771 B	65 kB	142.250.74.142
www.gaf.eu	unknown	2018-10-26T15:18:21Z	2023-03-20T17:59:38Z	8.9 kB	1.5 MB	151.101.194.159
polyfill.io	102644	2016-02-12T01:04:58Z	2023-03-25T05:12:59Z	415 B	1.0 kB	151.101.65.26
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-26T06:17:09Z	386 B	31 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.88.60.132
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	379 B	8.6 kB	142.250.74.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-21	medium	www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php	Phishing
2023-03-21	medium	www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	www.youtube.com/s/player/59acb1f3/www-widgetapi.vflset/www-widgetapi.js	188 kB	2023-03-26	2023-03-26
Pretty URL www.youtube.com/s/player/59acb1f3/www-widgetapi.vflset/www-widgetapi.js IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:32:05 Last Seen2023-03-26 13:24:53 Times Seen161 Hash f591866c7d20e38c7d6eaa7c5dd3579c b12c3c04c456c0e542bca9d2cb1f49985c03246d 8afc8c47e931fe3cb0fd970ce36dbeb54f82c8dd1e5df1f8dfd820fd3c78662b Loading...

	www.gaf.eu/wp-content/themes/gaf/build/js/gsap/Flip.min.js	17 kB	2023-03-08	2023-03-26
Pretty URL www.gaf.eu/wp-content/themes/gaf/build/js/gsap/Flip.min.js IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:02 Last Seen2023-03-26 12:51:00 Times Seen2 Hash 76c56650de17059a19178a84babd98b1 ec65ecd7beb8ca62e6826de40c88c0035d6848d2 7b96660107818f391aa0ba80a10fc1ac1187da108cb6e5d8940d5581637af6d0 Loading...

	www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php	182 B	2023-03-08	2023-03-26
Pretty URL www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:02 Last Seen2023-03-26 12:51:00 Times Seen2 Hash bd2bfad1a8aaafe809db872db93e16e8 afd4a1fcbd89ce1946a5cf27153881c50df5eacd acc5ad58c873cb2ad507f0b8adcd2ec738fccc64a4e8425a982c09b5ab7ecbce Loading...

	www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php	1.0 kB	2023-03-08	2023-03-26
Pretty URL www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:02 Last Seen2023-03-26 12:51:00 Times Seen2 Hash 4ca3ac0bec6b6924253fed02a750f082 3ed51159a8586eddb21ddd17efcb547f1b249df1 d6d9e1cb6891b88e13870c651d1705a98b3d2a2577ffa6a3d7c427a23174d372 Loading...

	www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php	57 B	2023-03-08	2023-03-26
Pretty URL www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:02 Last Seen2023-03-26 12:51:00 Times Seen2 Hash 0670fc711db4aa80cbcf7f41cae9e144 fcdc285d6fec92fbc1afe5e11bcf6943abc4f31d 0e94f5ce6076ddb10178261ea58fac27cd9a197b6a73da78695a42bb47cf4541 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.gaf.eu/wp-content/themes/gaf/build/js/gsap/SplitText.min.js	15 kB	2023-03-08	2023-03-26
Pretty URL www.gaf.eu/wp-content/themes/gaf/build/js/gsap/SplitText.min.js IP 151.101.194.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:02 Last Seen2023-03-26 12:51:01 Times Seen2 Hash 1c66c4855910d363301d731a8cde2d69 caa226f254280eb847f912c831b01b69b950349d a125594c16b151abc595af267f0657e729f57832a9700f70c4a3c57a338c229d Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 00:40:46 Times Seen37532059 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	polyfill.io/v3/polyfill.min.js?features=IntersectionObserver	101 B	2023-03-07	2024-05-10
Pretty URL polyfill.io/v3/polyfill.min.js?features=IntersectionObserver IP 151.101.65.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:52 Last Seen2024-05-10 16:32:36 Times Seen15754 Hash 66a7d2a5dd73e9fca370d85360c85447 2e4ca9cb2ed0fcd0436ee10516b2bb441fc16a63 d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72 Loading...

	www.googletagmanager.com/gtag/js?id=UA-42168110-1	115 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-42168110-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:51:01 Last Seen2023-03-26 12:51:01 Times Seen1 Hash 9153ae86afbef2606010215119f70fb9 bed2aa1645d6113fec3711a0ca23c95ce782ed49 1f0674368e1b03549c02a436052e13f744f17bd539e9d1ec457230ba4f49ccac Loading...

	www.youtube.com/iframe_api	992 B	2023-03-26	2023-03-26
Pretty URL www.youtube.com/iframe_api IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:32:05 Last Seen2023-03-26 13:24:53 Times Seen180 Hash e882b462546a656f9820adff1fb15a81 8554065b121f3a0f663cc009ce7f82e07370abd5 7ac1e3e9a56d93d8f406ef31b9b234b0e44f1f5bb75200b08daab11cdf893c53 Loading...

HTTP Transactions (49)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3820
Expires: Tue, 21 Mar 2023 09:40:33 GMT
Date: Tue, 21 Mar 2023 08:36:53 GMT
Connection: keep-alive

www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php

151.101.194.159

301 Moved Permanently

162 B

URL HTTP/1.1
www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: t11hv6z0n3
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 08:36:53 GMT
X-Served-By: cache-bma1631-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1679387814.734788,VS0,VE186
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10341
Expires: Tue, 21 Mar 2023 11:29:14 GMT
Date: Tue, 21 Mar 2023 08:36:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 08:14:57 GMT
content-type: application/json
age: 1316
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5128
Expires: Tue, 21 Mar 2023 10:02:21 GMT
Date: Tue, 21 Mar 2023 08:36:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uU3rvRjsNryFKS1bzKEv81faCOwb3BZvYxug8TpURjvE1XcCJHK3/IkPQBzjOWnmPyLC62dk8EogwaAq/27zgg==
x-amz-request-id: RVFTGW27V41EW965
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 07:59:02 GMT
age: 2271
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 08:36:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 08:14:33 GMT
age: 1341
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3809
Expires: Tue, 21 Mar 2023 09:40:23 GMT
Date: Tue, 21 Mar 2023 08:36:54 GMT
Connection: keep-alive

push.services.mozilla.com/

52.88.60.132

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.60.132:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tyN0jK1Hw9i6AkVf4e6kUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ammygpT5GGDk8iU66bp0Fxw4Gy0=

www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php

151.101.194.159

404 Not Found

5.6 kB

URL HTTP/2
www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
5.6 kB (5617 bytes)
Hash
3e72675bbfad72d25c4ce1fcc8b43394
a98726c98d5385e09411b4fc7dfcd4dd15413a27
9ef9d7040ea591506a783a8781968e8305a6f5ff2dd424162f458a268e0b6b8d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.gaf.eu/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: t11hv6z0n3
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387814.000797,VS0,VE1117
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 5617
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/js/gsap/SplitText.min.js

151.101.194.159

200 OK

5.5 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/js/gsap/SplitText.min.js
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (14846)
Size
5.5 kB (5536 bytes)
Hash
aebe4fd358913075e36b17c8af587192
15bea878ff6226a7a38234863fa0925e944e8be3
fc7b5f8147ccad2101ac9d5804907f80cb9ca93c717cc7b7ac451df662433cfa

HTTP Headers

GET /wp-content/themes/gaf/build/js/gsap/SplitText.min.js HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 17 Aug 2021 08:44:17 GMT
etag: W/"611b76e1-3b2c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1679387815.242436,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5536
X-Firefox-Spdy: h2

www.gaf.eu/wp-includes/css/classic-themes.min.css?ver=1

151.101.194.159

200 OK

189 B

URL HTTP/2
www.gaf.eu/wp-includes/css/classic-themes.min.css?ver=1
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-d9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: t11hv6z0n3
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.225128,VS0,VE32
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 189
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/js/app.min.js?purge=2023428792784329

151.101.194.159

200 OK

195 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/js/app.min.js?purge=2023428792784329
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
195 kB (194987 bytes)
Hash
b91b351f0d4307c8e0de0a4a4101d0e6
edfb643cf4d21fe6977fe923961c286bb18bd818
c820f3be97eaef4688b043e46af9897e88067d17abb20f147d8633b9df1b3bfb

HTTP Headers

GET /wp-content/themes/gaf/build/js/app.min.js?purge=2023428792784329 HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 13:18:23 GMT
etag: W/"6413171f-8b80f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1679387815.246354,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 194987
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/styles/app.css?ver=1678972701

151.101.194.159

200 OK

34 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/styles/app.css?ver=1678972701
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (50310)
Size
34 kB (33903 bytes)
Hash
c0c8a13b6365544afd9d4b64d4cf7032
ed2ec1e5a1a3388f83b776325043e1428798f94d
891839efa74070484a9c0273b2e0c2459952b9c8d0fb329a86fdd5f5d8f53de9

HTTP Headers

GET /wp-content/themes/gaf/build/styles/app.css?ver=1678972701 HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 16 Mar 2023 13:18:21 GMT
etag: W/"6413171d-2f4ec"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.227831,VS0,VE38
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 33903
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/images/gaf-logo.svg

151.101.194.159

200 OK

5.5 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/images/gaf-logo.svg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4681)
Size
5.5 kB (5537 bytes)
Hash
d274054eaefb4e13ce7e916af762257c
c2894523e4d169edbe2d638609c783d7b0e9b32b
b4a603f28d20275c888d7f9bb935e3ef40045165a87d785a62e419b8606d2cb3

HTTP Headers

GET /wp-content/themes/gaf/build/images/gaf-logo.svg HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 17 Aug 2021 08:43:13 GMT
etag: W/"611b76a1-3192"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.233993,VS0,VE32
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 5537
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/uploads/2021/02/5B.3815.010-Cals-College-foto-exterieur-0x615-c-default.jpg

151.101.194.159

200 OK

76 kB

URL HTTP/2
www.gaf.eu/wp-content/uploads/2021/02/5B.3815.010-Cals-College-foto-exterieur-0x615-c-default.jpg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 1390x615, components 3\012- data
Size
76 kB (75504 bytes)
Hash
e6f9aeda56f6c0e50774adad931c9447
a1e23910766db53e01670d64b95cd988c3c5f0dd
c140cd1dccf4cb57143d1c9f9e05e38a42e739883bac7e4e23dde666937712be

HTTP Headers

GET /wp-content/uploads/2021/02/5B.3815.010-Cals-College-foto-exterieur-0x615-c-default.jpg HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 25 Feb 2021 12:23:57 GMT
etag: W/"603796dd-136a3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.235967,VS0,VE37
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 75504
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/uploads/2021/02/NKOC-01-0x615-c-default.jpg

151.101.194.159

200 OK

112 kB

URL HTTP/2
www.gaf.eu/wp-content/uploads/2021/02/NKOC-01-0x615-c-default.jpg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 983x615, components 3\012- data
Size
112 kB (112504 bytes)
Hash
01aef2e4ffd8acee2e1d45523f83d2e8
95df482aaf151cdd510539de7145c41d511cec39
3c8ce788d09ade36add831e3c2607df12f351bc6de7bb24f2f921a8257bef073

HTTP Headers

GET /wp-content/uploads/2021/02/NKOC-01-0x615-c-default.jpg HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 24 Mar 2021 15:47:04 GMT
etag: W/"605b5ef8-1b8eb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.234896,VS0,VE39
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 112504
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/js/gsap/Flip.min.js

151.101.194.159

200 OK

7.2 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/js/gsap/Flip.min.js
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (16333)
Size
7.2 kB (7182 bytes)
Hash
32995d4ed10eeba639bdee7023e20dfd
827d7083d96a66616f839ce514ba450416b21b62
337409c3d7168e866ba87a26d6e652cd1387f18a3b20dfe761531f9eeda8bbf4

HTTP Headers

GET /wp-content/themes/gaf/build/js/gsap/Flip.min.js HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 17 Aug 2021 08:44:18 GMT
etag: W/"611b76e2-40f6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.242625,VS0,VE38
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7182
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/images/graphics/graphic-full-dark.svg

151.101.194.159

200 OK

3.2 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/images/graphics/graphic-full-dark.svg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4921)
Size
3.2 kB (3165 bytes)
Hash
7691e4d2ad0feebd0cf49dad2bad7c47
90d095dbb53c0b0d27d3fe994fd923beb01a10f8
e3c0a1a3c2393bebbbe55b1cdc029e6772ee8cbbc0ea332997c38bbe333e0a50

HTTP Headers

GET /wp-content/themes/gaf/build/images/graphics/graphic-full-dark.svg HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 17 Aug 2021 08:43:34 GMT
etag: W/"611b76b6-9105"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.238654,VS0,VE110
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 3165
X-Firefox-Spdy: h2

polyfill.io/v3/polyfill.min.js?features=IntersectionObserver

151.101.65.26

200 OK

113 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js?features=IntersectionObserver
IP
151.101.65.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
113 B (113 bytes)
Hash
c59423b3478467facd9d3e4a8cf43475
f75ded911e8a72268ba1f05938bdd0271346f2d7
c4396f8b6a88f0e3b7f7e981871dee111c0362f19c1bc2643f5759ad39e83281

HTTP Headers

GET /v3/polyfill.min.js?features=IntersectionObserver HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gaf.eu
Connection: keep-alive
Referer: https://www.gaf.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Sun, 05 Mar 2023 16:54:09 GMT
useragent_normaliser: firefox/105.0.0
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: origin-when-cross-origin
timing-allow-origin: *
normalized-user-agent: firefox/105.0.0
detected-user-agent: Firefox/105.0.
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
age: 10502
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gaf.eu/wp-content/uploads/2021/02/SMC-06-0x615-c-default.png

151.101.194.159

200 OK

950 kB

URL HTTP/2
www.gaf.eu/wp-content/uploads/2021/02/SMC-06-0x615-c-default.png
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
PNG image data, 871 x 615, 8-bit/color RGBA, non-interlaced\012- data
Size
950 kB (950431 bytes)
Hash
d0fdc0f83effa83bc45b77774f6cd575
32139f4c276caa891ea376218bf713609d947ca9
a310a38cdbbf5f58e00cf16c3e2b65234df012923323828d98cf6557f8ac93ef

HTTP Headers

GET /wp-content/uploads/2021/02/SMC-06-0x615-c-default.png HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 24 Mar 2021 15:46:17 GMT
etag: W/"605b5ec9-e81c6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387815.237216,VS0,VE133
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 950431
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

142.250.74.10

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32030)
Size
30 kB (30244 bytes)
Hash
04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2

HTTP Headers

GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gaf.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:05:07 GMT
expires: Tue, 19 Mar 2024 14:05:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 66708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

151.101.2.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
151.101.2.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
e63082cbd51944d5286ab7419e1d0fd9
952c5ce995c25b6f5cae3a274f3be52135d3a261
cc1c45f715ea66becb3873198af4511a09bc37ca028562346c35adfbd15e8c7b

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "727BC335422123375A5FF8E5455BC7B7D5F6F41A"
Expires: Tue, 21 Mar 2023 20:00:00 UTC
Last-Modified: Tue, 21 Mar 2023 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 08:36:55 GMT
Via: 1.1 varnish
Age: 1734
X-Served-By: cache-bma1679-BMA
X-Cache: HIT
X-Cache-Hits: 5
X-Timer: S1679387815.456075,VS0,VE0

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gaf.eu/wp-content/themes/gaf/build/images/icons/icon-search-dark.svg

151.101.194.159

200 OK

292 B

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/images/icons/icon-search-dark.svg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
292 B (292 bytes)
Hash
204d0b91da5996bbdfa1dcfe9856cb39
06428d3d61f0dbf3bb5febf001be368d96e943c3
7f72fd64227ac6e981fabb1692b7aba1a2bdf9cd9bd67b87bea6b2181470c26b

HTTP Headers

GET /wp-content/themes/gaf/build/images/icons/icon-search-dark.svg HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/themes/gaf/build/styles/app.css?ver=1678972701
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 17 Aug 2021 08:43:35 GMT
etag: W/"611b76b7-1df"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387816.528202,VS0,VE32
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 292
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/images/icons/icon-close.svg

151.101.194.159

200 OK

346 B

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/images/icons/icon-close.svg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
346 B (346 bytes)
Hash
e13eb97de3dd985cafb406c31d519216
7fa7dbf088daf0d70a1e3fff991590f1e8c91479
944dd646eaa13b5bbcb76cc3cf89b825e964e1f9d1205f787b097743133d05b8

HTTP Headers

GET /wp-content/themes/gaf/build/images/icons/icon-close.svg HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/themes/gaf/build/styles/app.css?ver=1678972701
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 17 Aug 2021 08:43:37 GMT
etag: W/"611b76b9-207"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387816.529774,VS0,VE31
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 346
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/styles/GAF-Bold.woff2

151.101.194.159

200 OK

31 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/styles/GAF-Bold.woff2
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 30696, version 1.0\012- data
Size
31 kB (30696 bytes)
Hash
7797d6a00d2b208aa2e29424dd13d1b1
465903ce763e1bef429c771dc6c561d4600141e5
333396d6fc6ff624c9a9c9025cdbc6d79054ec12a0c595b1437ade1278f6bd47

HTTP Headers

GET /wp-content/themes/gaf/build/styles/GAF-Bold.woff2 HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.gaf.eu/wp-content/themes/gaf/build/styles/app.css?ver=1678972701
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 17 Aug 2021 08:43:49 GMT
etag: "611b76c5-77e8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387816.536832,VS0,VE31
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 30696
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/styles/GAF-Regular.woff2

151.101.194.159

200 OK

31 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/styles/GAF-Regular.woff2
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 31376, version 1.0\012- data
Size
31 kB (31376 bytes)
Hash
6e93c13835eeff8741c12148476a6865
61491f4250785fc55207ac0ee6245e790968ed5b
7c4ff11b52b9fccdf851d054997ee06ac05fc3ae7f71ba236a841495cad847c3

HTTP Headers

GET /wp-content/themes/gaf/build/styles/GAF-Regular.woff2 HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.gaf.eu/wp-content/themes/gaf/build/styles/app.css?ver=1678972701
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 17 Aug 2021 08:43:51 GMT
etag: "611b76c7-7a90"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387816.539434,VS0,VE139
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 31376
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3944
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 08:36:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3944
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 08:36:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3944
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 08:36:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9062 bytes)
Hash
25023a307b323b4565ee2560c9f16ed1
e8becaaf74fcda8fe5187f589b3cf2f3fa870d93
9f976686d5a33122af889ede6456ed86c0dac867448cc3d81aaac45dfe5e946d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9062
x-amzn-requestid: d24fccfa-439a-4bcf-a984-456cb90b0bb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ByllJFJlIAMFZ1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6410e953-05321b2649fdc7a838e1b49a;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 21:38:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: gmwwRuo8tWCaSg6b9cLYFCbSH_E_HqAFLfgLPqh6OpQL9Mhw_l-p5A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 04:03:12 GMT
age: 16423
etag: "e8becaaf74fcda8fe5187f589b3cf2f3fa870d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13522 bytes)
Hash
97a37cecfd90072794d657e2074620cb
34c456db4f8b0bd7e3affe31a7cf02e4596a8188
889d4f26715418088c8747251ee068dfdb5c8d5024b1d43862012cb31acf9650

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13522
x-amzn-requestid: d39593de-64b8-44f6-9160-7aa61c26ed88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI8E-YoAMFm4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-7ad0b7e7747de71b5f751226;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: n5pAxSJ1BcrVBZmoxXkR4iYCHzev2j58oxPB75xwGbHI3Uyu-svmsw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:43 GMT
age: 39072
etag: "34c456db4f8b0bd7e3affe31a7cf02e4596a8188"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8195 bytes)
Hash
2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 36814
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-42168110-1

142.250.74.40

200 OK

7.9 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-42168110-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
data
Size
7.9 kB (7949 bytes)
Hash
01dce111a114c023773678c1ec6cba61
666d47c4e5415edbc489a3117b2f054129784ade
0a3d5ef914a64a3356ef8c08b9ab7be43ab335213966878c867ff1317de8bb36

HTTP Headers

GET /gtag/js?id=UA-42168110-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gaf.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 08:36:55 GMT
expires: Tue, 21 Mar 2023 08:36:55 GMT
cache-control: private, max-age=900
last-modified: Tue, 21 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6511 bytes)
Hash
4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yQgmYjA3RIk8IVzzOoHdYl60H1BO_IeCF_7d7AmTqjuIOxQIS2dyDw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:08:29 GMT
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
age: 37706
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4712 bytes)
Hash
d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: a-jsgTjZQKzBK_IFEYlrxbjpk6zou_7vbQe4ptwA1IOtUdlqDG2uWA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:24:07 GMT
age: 36768
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/images/favicon/apple-touch-icon.png

151.101.194.159

200 OK

1.3 kB

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/images/favicon/apple-touch-icon.png
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
PNG image data, 180 x 180, 8-bit grayscale, non-interlaced\012- data
Size
1.3 kB (1279 bytes)
Hash
2a5a99c1df20cbea11798aefa5f9fe4b
76f41f62890e9c7f79b940f064920cf00b16aeaa
6f394d1af9b8932c50d611cf9ceae7be426e29b8987020c0ad718585ed070712

HTTP Headers

GET /wp-content/themes/gaf/build/images/favicon/apple-touch-icon.png HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 17 Aug 2021 08:43:20 GMT
etag: W/"611b76a8-51a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387816.702735,VS0,VE31
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1279
X-Firefox-Spdy: h2

www.gaf.eu/wp-content/themes/gaf/build/images/favicon/favicon-16x16.png

151.101.194.159

200 OK

606 B

URL HTTP/2
www.gaf.eu/wp-content/themes/gaf/build/images/favicon/favicon-16x16.png
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data
Size
606 B (606 bytes)
Hash
25cc684785c93da765649c751fd2554c
648b542ec6508271281b566c2cef0cd89857ab69
e7c3711246a4c61c9e9cef06a6e8a17c992d39d9e5c9e7b875da4266384d1ede

HTTP Headers

GET /wp-content/themes/gaf/build/images/favicon/favicon-16x16.png HTTP/1.1
Host: www.gaf.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gaf.eu/wp-content/plugins/term-management-tools/assets/src/daln/gass/cc.php
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 17 Aug 2021 08:43:17 GMT
etag: W/"611b76a5-267"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: t11hv6z0n3
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 21 Mar 2023 08:36:55 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679387816.704593,VS0,VE30
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 606
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.142

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gaf.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 07:53:25 GMT
expires: Tue, 21 Mar 2023 09:53:25 GMT
cache-control: public, max-age=7200
age: 2610
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.youtube.com/s/player/59acb1f3/www-widgetapi.vflset/www-widgetapi.js

142.250.74.142

200 OK

63 kB

URL HTTP/2
www.youtube.com/s/player/59acb1f3/www-widgetapi.vflset/www-widgetapi.js
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (591)
Size
63 kB (63056 bytes)
Hash
1d890f22f292d22425dce4961cd00c73
f52a7a3f0128691522751049ca9a9eeb3cefa586
8477c16c7bc3984392656220b32b17026ccbbe5e4da255f7cc6ac1021cec5edc

HTTP Headers

GET /s/player/59acb1f3/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gaf.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 63056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Mar 2023 00:59:11 GMT
expires: Wed, 20 Mar 2024 00:59:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 27464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30f3b190-942a-4719-9acd-24de4ce3cffb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5250 bytes)
Hash
6d65964786df6f0974add4e6e1557e8b
b0516c8fc89a28344607b18953f4ca6a47f3a766
13b494cee4481fda312d2496d64e6bf538af3560c3147e6d4644a55b53b03874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30f3b190-942a-4719-9acd-24de4ce3cffb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5250
x-amzn-requestid: e58ccd5e-c06b-4151-a89d-e5be457173a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5YtUFCwoAMF_zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6413a188-2b2a7f1d27d6e0572129b0e6;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 23:08:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: g02a1S-uNlNZX1Ee0mWQsaxYJ8p07F0b-jT4aMlfTre5bIx1hIKZcA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 08:32:44 GMT
age: 258
etag: "b0516c8fc89a28344607b18953f4ca6a47f3a766"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.youtube.com/iframe_api

142.250.74.142

200 OK

0 B

URL HTTP/2
www.youtube.com/iframe_api
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gaf.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 21 Mar 2023 08:36:55 GMT
date: Tue, 21 Mar 2023 08:36:55 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=l_7yf_tQ-Dc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=bjExBJjqYw0; Domain=.youtube.com; Expires=Sun, 17-Sep-2023 08:36:55 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+803; expires=Thu, 20-Mar-2025 08:36:55 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL