urlscan.io logo urlscan.io
SecurityTrails logo

www.gafm.com Open in urlscan Pro
35.174.132.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Submission: On August 08 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 65 HTTP transactions. The main IP is 35.174.132.21, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.gafm.com.
TLS certificate: Issued by R3 on June 10th 2023. Valid for: 3 months.
This is the only time www.gafm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 35.174.132.21 14618 (AMAZON-AES)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.224.132.111 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 108.138.36.75 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 52.58.223.182 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
65 13
16    35.174.132.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-132-21.compute-1.amazonaws.com
www.gafm.com
5    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    13.224.132.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-132-111.lhr3.r.cloudfront.net
cdn.ymaws.com
10    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    108.138.36.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-75.muc50.r.cloudfront.net
js.datadome.co
9    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.58.223.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-223-182.eu-central-1.compute.amazonaws.com
api-js.datadome.co
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
717 KB
16 gafm.com
www.gafm.com
136 KB
11 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 406
fonts.googleapis.com — Cisco Umbrella Rank: 77
156 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 3
96 KB
5 ymaws.com
cdn.ymaws.com — Cisco Umbrella Rank: 39895
539 KB
5 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1006
105 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
9 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 295
1 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 6296
api-js.datadome.co — Cisco Umbrella Rank: 5845
57 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 480
49 KB
65 10
Domain Requested by
16 www.gafm.com 2 redirects www.gafm.com
10 ajax.googleapis.com www.gafm.com
ajax.googleapis.com
9 www.gstatic.com www.gafm.com
www.google.com
www.gstatic.com
7 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 www.google.com www.gafm.com
www.google.com
www.gstatic.com
5 cdn.ymaws.com www.gafm.com
cdn.ymaws.com
5 maxcdn.bootstrapcdn.com www.gafm.com
maxcdn.bootstrapcdn.com
3 cdnjs.cloudflare.com www.gafm.com
2 bam.nr-data.net www.gafm.com
1 js-agent.newrelic.com www.gafm.com
1 api-js.datadome.co www.gafm.com
1 js.datadome.co www.gafm.com
1 fonts.googleapis.com www.gafm.com
65 13

This site contains links to these domains. Also see Links.

Domain
masterscertification.com
www.yourmembership.com
Subject Issuer Validity Valid
www.gafm.com
R3		 2023-06-10 -
2023-09-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.ymaws.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-10-10		 8 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.datadome.co
Gandi Standard SSL CA 2		 2022-10-13 -
2023-10-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Frame ID: 7EE5277DB0156B0040D1638ECDBDD543
Requests: 47 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Frame ID: FD3D195331500B331B565E596F25C54A
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
Frame ID: 1AD000853EC06066A101A5942BF558BC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Global Academy of Finance & Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

65
Requests

97 %
HTTPS

54 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1864 kB
Transfer

3593 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.gafm.com/graphics/logo.png HTTP 301
  • https://cdn.ymaws.com/www.gafm.com/graphics/logo.png
Request Chain 21
  • https://www.gafm.com/graphics/aapm-best.jpg HTTP 301
  • https://cdn.ymaws.com/www.gafm.com/graphics/aapm-best.jpg

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request default.asp
www.gafm.com/invoice/ 		89 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
a0a6985b8e6f45be6a7906584f4ca87c4f7483459e1e6cadbd35304f51f7a6bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; Charset=utf-8
date
Tue, 08 Aug 2023 18:59:21 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-datadome
protected
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
16881426
cdn-cachedat
2021-06-08 14:23:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
990eb37a8813a99367bd383681b974a4
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7f39fefd3c7b91e9-FRA
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617
age
17632540
cdn-cachedat
2021-06-08 14:35:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a25b3b26237dd55b5f417f26a9965dbb
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7f39fefd3c8191e9-FRA
cdn-requestpullsuccess
True
jquery.smartmenus.bootstrap.css
cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/jquery.smartmenus.bootstrap.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4908921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
807
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-e30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5YGqOaFyPDp9lwvKQtLCk2xP8NPqaGnSBxMfsZcaWB3mcx8TidN%2BaRlBD6b6M89kBLGDJU4TWck1oUvJaImZizBAz4FaZO%2FeAJAjDKt6JH%2FTAJkWkTenyJ4phicwKl8b3gWNQOIKQr9Vt8gufHbIDT2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f39fefd2dd49bb2-FRA
expires
Sun, 28 Jul 2024 18:59:21 GMT
combined_v138.css
cdn.ymaws.com/gafm.site-ym.com/css/20221025/sp/ 		99 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ymaws.com/gafm.site-ym.com/css/20221025/sp/combined_v138.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-132-111.lhr3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fefdbb8b0bc251b887e6e1f26427cce48dca2bc9e00c4d2e1f4f37aef16a047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
467gHMz.bX_K8I357zauEHIHOx.c_N1q
date
Tue, 08 Aug 2023 18:31:13 GMT
via
1.1 0d02f7d76448fc6a58a71c5efe4feef2.cloudfront.net (CloudFront)
last-modified
Fri, 26 May 2023 13:15:54 GMT
server
AmazonS3
x-amz-cf-pop
LHR3-C2
age
1689
x-amz-server-side-encryption
AES256
etag
"12fcb7327deedc50896309e47f1c7023"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
101651
x-amz-cf-id
U1XTdaeRIl77r1W_6OkhT51HPvCOBol1_q_WI0kmWSN4NJYdSRczHQ==
container.css
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/container.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250b8e9beb769ee52e03836896a992927c48c4cead9c8636cb6beb96d3bab335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1274
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 23:16:15 GMT
yuimenu.css
www.gafm.com/global_graphics/skins/MemberCustomPageMenu/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/global_graphics/skins/MemberCustomPageMenu/yuimenu.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
f2f4aabd6e47cd456d35645974506d9f63515bbc1e71d29b77101f150c280ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
content-encoding
gzip
etag
W/"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
text/css
x-xss-protection
1; mode=block
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
16881426
cdn-cachedat
2021-04-13 02:48:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3e4766ad0ddfa4bdecb1b0dc22b73ef7
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7f39fefd3c8391e9-FRA
cdn-requestpullsuccess
True
yahoo-dom-event.js
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/yahoo-dom-event.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 19:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 19:11:07 GMT
dragdrop-min.js
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/dragdrop/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/dragdrop/dragdrop-min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf10b3aa3041ae132b5bf14911d22da15d5559c2d8bfba867705e2ed5660d279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 09:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7014
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 09:57:48 GMT
container-min.js
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/container-min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6510126cd65f46ec42cba4c112d83793aaf10551d79dae6dff8a3e8b62eb891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 11:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19857
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 11:01:42 GMT
menu-min.js
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/menu/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/menu/menu-min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9864e0dd14beece0295cde2f45325b0f511400ea740d1b8c0c62ac710b19e202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 07:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15938
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 07:35:51 GMT
json-min.js
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/json/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/json/json-min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 02:35:38 GMT
x-content-type-options
nosniff
age
318223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4919
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 02:35:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 02:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 02:11:17 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/ 		197 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4bf411611a715a5752d6e80345cd5fa56731a8ff96e54e5212024337a1c6984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 20:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51847
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 20:46:37 GMT
combined.js
cdn.ymaws.com/global/js/20221207/frontend/ 		411 KB
412 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ymaws.com/global/js/20221207/frontend/combined.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-132-111.lhr3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03ef0f78641c9dc4c10cb6315aca4f78555f86161df5eadd9410d9d2952e3718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
CrPMJdcoVax2KgZu9xJyDkd7W8wkQeL5
date
Tue, 08 Aug 2023 18:42:46 GMT
via
1.1 0d02f7d76448fc6a58a71c5efe4feef2.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 08:15:32 GMT
server
AmazonS3
x-amz-cf-pop
LHR3-C2
age
996
x-amz-server-side-encryption
AES256
etag
"409a6ffb6c8fd8d5776aa82e3444fffb"
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
420702
x-amz-cf-id
S7dRRxtlJn2PrRmEqCmiwOk3CcNjqE_KDk1rtk_-O9vY-rE6O-ouBA==
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
16881420
cdn-cachedat
2021-06-16 21:45:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f49888d0efde4250a350aaefa5312ca9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7f39fefd3c8591e9-FRA
cdn-requestpullsuccess
True
jquery.smartmenus.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/jquery.smartmenus.min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f77319a0bd5d1f34c0331be9b59168f51afb97c53884b998d554a20e4f6b3a0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8550738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6108
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-5d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0%2FHSroGUl2NeIdbvl8XFeoTKsL8UECux0uLvOs9dGi%2BVXLJ3tvRw1GJjUcvcBeHoHABYxuJAeE%2BTNzmqWz0mx%2FkYYG75f9hhb5PNGrZ01HS4QAOTL9dfZuTIp8zKU8PlnLAUkheWh7kkkea7gnpgY5Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f39fefd3dd79bb2-FRA
expires
Sun, 28 Jul 2024 18:59:21 GMT
jquery.smartmenus.bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/ 		2 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/jquery.smartmenus.bootstrap.min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2d898ab68c7469bb7bcd94baf4da50658fb85da0cfcf58adaf7ac2e93c5f4b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8898721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
665
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-63a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F%2FMU9SjPZOrp6yTzn1AH9g1cLwxElBOo8%2FXUvO7M1BgwyRB9BAUIhHMzqkusPRWpT%2FuO9dXQJ5%2FWc%2Bs2CWi%2FM%2FTQbLbSIiNTrk%2F47zN1%2Fndnlj2mUTZT1xQqP4ERUOSmogAOPioH08rRD%2BVx5ueuDRc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f39fefd3dda9bb2-FRA
expires
Sun, 28 Jul 2024 18:59:21 GMT
AddTableLabels.js
www.gafm.com/global_inc/site_templates/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/global_inc/site_templates/js/AddTableLabels.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
356c0940f6089f957d8cf18f6d56b7bc2cb0ac07cacd378e40c3f9a81447748a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:38 GMT
etag
"051bba0c5c5d91:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
1694
x-xss-protection
1; mode=block
print_bw.gif
www.gafm.com/global_graphics/icons/ 		445 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gafm.com/global_graphics/icons/print_bw.gif
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
a07318a9dcf4891de4c176d81b1d531b905326a14d7e7843a719f6bb7d85d521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
etag
"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
445
x-xss-protection
1; mode=block
logo.png
cdn.ymaws.com/www.gafm.com/graphics/
Redirect Chain
  • https://www.gafm.com/graphics/logo.png
  • https://cdn.ymaws.com/www.gafm.com/graphics/logo.png
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ymaws.com/www.gafm.com/graphics/logo.png
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Server
13.224.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-132-111.lhr3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
001774e6b34dfc948f05dfd1adfde2206523396bd5a62e5bc7ed9e19eb8042fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 08 Aug 2023 18:16:43 GMT
via
1.1 0d02f7d76448fc6a58a71c5efe4feef2.cloudfront.net (CloudFront)
last-modified
Sun, 01 Apr 2018 04:30:53 GMT
server
AmazonS3
x-amz-cf-pop
LHR3-C2
age
2560
etag
"b586f77ea31bbf222474f7a2aa76807f"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
21626
x-amz-cf-id
v9FsYQqgYqDnbuxZUk-g8ywjaSpP_jLteZoeaxhuYP8JFSiMcSnOcg==

Redirect headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-powered-by
ASP.NET
content-type
text/html
location
https://cdn.ymaws.com/www.gafm.com/graphics/logo.png
content-length
262
x-xss-protection
1; mode=block
aapm-best.jpg
cdn.ymaws.com/www.gafm.com/graphics/
Redirect Chain
  • https://www.gafm.com/graphics/aapm-best.jpg
  • https://cdn.ymaws.com/www.gafm.com/graphics/aapm-best.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ymaws.com/www.gafm.com/graphics/aapm-best.jpg
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Server
13.224.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-132-111.lhr3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37f9e9919b90133d83d7b29b744878043eaada016153111a8835ee9d056bb763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 08 Aug 2023 18:22:18 GMT
via
1.1 0d02f7d76448fc6a58a71c5efe4feef2.cloudfront.net (CloudFront)
last-modified
Sun, 01 Apr 2018 04:30:51 GMT
server
AmazonS3
x-amz-cf-pop
LHR3-C2
age
2225
etag
"a41d8e283e84bf7c041efcfe8467daae"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
3947
x-amz-cf-id
GGoa_EMar9ZOvLawuTVPn7mAmn6YGUtvtc7JTq-LGJdM8wh0BtTMjA==

Redirect headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-powered-by
ASP.NET
content-type
text/html
location
https://cdn.ymaws.com/www.gafm.com/graphics/aapm-best.jpg
content-length
267
x-xss-protection
1; mode=block
jquery-ui-custom.css
www.gafm.com/global_inc/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/global_inc/jquery-ui-custom.css
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
6beb6659ea2b587f50a205663a3532e0ce389bf4fd4bb5c339c25cfc72c8e5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
content-encoding
gzip
etag
W/"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
text/css
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		850 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
836716a39f6c2c6b5c798b6356a80eadd18c7a6379a5e1117f721307e6f221c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
550
x-xss-protection
1; mode=block
expires
Tue, 08 Aug 2023 18:59:22 GMT
invoice_16x16.png
www.gafm.com/global_graphics/icons/ 		305 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gafm.com/global_graphics/icons/invoice_16x16.png
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
38cad8e8a8a8b403943aa0d3b631febacb7804d886833539b671aef058952e20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
etag
"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
305
x-xss-protection
1; mode=block
ssl-new.gif
www.gafm.com/global_graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gafm.com/global_graphics/ssl-new.gif
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
ca9e26c16ab9fb90136acbc25853a9ec528b7aac601edbcaf11d6de34185251f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
etag
"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
1521
x-xss-protection
1; mode=block
btn_xpressCheckout.gif
www.gafm.com/global_graphics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gafm.com/global_graphics/btn_xpressCheckout.gif
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
f7a80eced1f7b398c9c143bf125e25e9888c58e55d2a66877d97c951bc0bc3dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
etag
"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
3091
x-xss-protection
1; mode=block
pulse.asp
www.gafm.com/ 		0
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/pulse.asp
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
VwUEUlVVDhABUVZSBwgCUlUF
tracestate
1090081@nr=0-1-3333366-1588688486-4061429bbf431522----1691521161965
traceparent
00-f10e1e2734a31a0797e580206396e9a9-4061429bbf431522-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjQwNjE0MjliYmY0MzE1MjIiLCJ0ciI6ImYxMGUxZTI3MzRhMzFhMDc5N2U1ODAyMDYzOTZlOWE5IiwidGkiOjE2OTE1MjExNjE5NjUsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory
8
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-datadome
protected
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-powered-by
ASP.NET
content-type
text/html
cache-control
private
content-length
0
x-xss-protection
1; mode=block
pulse.aspx
www.gafm.com/ 		0
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/pulse.aspx
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
VwUEUlVVDhABUVZSBwgCUlUF
tracestate
1090081@nr=0-1-3333366-1588688486-6a46d140c32b1e58----1691521161965
traceparent
00-01a65a8e4f0c5e2601a0e8fb4d60f64c-6a46d140c32b1e58-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjZhNDZkMTQwYzMyYjFlNTgiLCJ0ciI6IjAxYTY1YThlNGYwYzVlMjYwMWEwZThmYjRkNjBmNjRjIiwidGkiOjE2OTE1MjExNjE5NjUsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory
8
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-datadome
protected
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
cache-control
private
content-length
0
x-xss-protection
1; mode=block
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 10:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 10:54:10 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://www.gafm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
81717
cdn-cachedat
01/30/2022 20:52:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64464
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
712073bd37b42c042e926cbbe2f9ce59
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7f39fefe6f172ba6-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		4 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,300,300italic,400italic&subset=latin
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dd4ee6fa6e3f4d40666014e44287d462b3f415837df52d473653c64ef908f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 08 Aug 2023 18:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 18:59:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Aug 2023 18:59:22 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,300,300italic,400italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gafm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 05:12:56 GMT
x-content-type-options
nosniff
age
308786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 05:12:56 GMT
7Au-p_0qiz-afTf2LwLT.woff2
fonts.gstatic.com/s/muli/v28/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Au-p_0qiz-afTf2LwLT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,300,300italic,400italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
542aa3a659dae23a91406e12842f7c1554e955238427f8374c6a1e17bfdb1940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gafm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 02:32:04 GMT
x-content-type-options
nosniff
age
318438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32108
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 02:32:04 GMT
helpme.gif
www.gafm.com/global_graphics/icons/ 		552 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gafm.com/global_graphics/icons/helpme.gif
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
4824218ada82d48c7e8d7844e26aa13cfa6f1608f583a7d629c0694f36a05388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 04:47:36 GMT
etag
"0248a9fc5c5d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
552
x-xss-protection
1; mode=block
tags.js
js.datadome.co/ 		276 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-75.muc50.r.cloudfront.net
Software
Apache /
Resource Hash
978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
via
1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
date
Tue, 08 Aug 2023 18:06:03 GMT
x-amz-cf-pop
MUC50-P2
age
3199
x-cache
Hit from cloudfront
content-length
57540
last-modified
Mon, 05 Jun 2023 12:59:27 GMT
server
Apache
etag
"44e84-5fd6178ff85b9-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
ZrkdIDiyZ0zP2rlt4yjx-JzSUofrJo7yILd8Kd_RnpFQXos81I-ygw==
expires
Tue, 08 Aug 2023 19:06:03 GMT
sprite.png
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/assets/skins/sam/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/assets/skins/sam/sprite.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/container.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f4fbd79ef5a544eb28ea9472c8ee20d220939a3faed242871568782c1984cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/container.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 19:28:30 GMT
x-content-type-options
nosniff
age
343852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3745
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 19:28:30 GMT
footerLinkBG.png
cdn.ymaws.com/gafm.site-ym.com/graphics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ymaws.com/gafm.site-ym.com/graphics/footerLinkBG.png
Requested by
Host: cdn.ymaws.com
URL: https://cdn.ymaws.com/gafm.site-ym.com/css/20221025/sp/combined_v138.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.132.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-132-111.lhr3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc102bdcb9dde0fb20cc2d446323fa1f365e26c33a5f3d0524157ec34d908348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ymaws.com/gafm.site-ym.com/css/20221025/sp/combined_v138.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 08 Aug 2023 18:59:23 GMT
via
1.1 0d02f7d76448fc6a58a71c5efe4feef2.cloudfront.net (CloudFront)
last-modified
Sun, 01 Apr 2018 04:30:53 GMT
server
AmazonS3
x-amz-cf-pop
LHR3-C2
etag
"4dfd5e6b86fd2a14f5b6a41ccf8365b7"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1055
x-amz-cf-id
nOjcPUvXjMc3MlwL623l06DJqMR6MELbydP5P8HwMJLybisTpp-vZA==
BreadCrumbService.aspx
www.gafm.com/global_engine/ajax/ 		0
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/global_engine/ajax/BreadCrumbService.aspx?url=%2Finvoice%2Fdefault.asp%3Fid%3D82315F74-384A-467D-BD6E-EB135F1AC036&ref=
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
VwUEUlVVDhABUVZSBwgCUlUF
tracestate
1090081@nr=0-1-3333366-1588688486-15adbf0aba28f86a----1691521162076
traceparent
00-36f54b1419b930d5d7190c7bae215dfe-15adbf0aba28f86a-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjE1YWRiZjBhYmEyOGY4NmEiLCJ0ciI6IjM2ZjU0YjE0MTliOTMwZDVkNzE5MGM3YmFlMjE1ZGZlIiwidGkiOjE2OTE1MjExNjIwNzYsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory
8
Accept
text/html, */*; q=0.01
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-datadome
protected
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
cache-control
private
content-length
0
x-xss-protection
1; mode=block
ui-bg_flat_75_ffffff_40x100.png
www.gafm.com/global_inc/images/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gafm.com/global_inc/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/global_inc/jquery-ui-custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
8087a632b7eedf3bea3a2d3affda6595beee37defff37fc65afc65769cf43fb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/global_inc/jquery-ui-custom.css
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-device-memory
8

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
content-security-policy
frame-ancestors 'self'
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
x-xss-protection
1; mode=block
location_select.asp
www.gafm.com/global_engine/ajax/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gafm.com/global_engine/ajax/location_select.asp?ship=False&_value=United+States
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-132-21.compute-1.amazonaws.com
Software
/ ASP.NET
Resource Hash
408c4fa44c622f699bbff377ae166f6e41a702da5158a2b8fc21254942aff879
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
VwUEUlVVDhABUVZSBwgCUlUF
tracestate
1090081@nr=0-1-3333366-1588688486-56b26f8e9ee1a0d5----1691521162085
traceparent
00-31caa4ba96a359f84278c29c262c504d-56b26f8e9ee1a0d5-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjU2YjI2ZjhlOWVlMWEwZDUiLCJ0ciI6IjMxY2FhNGJhOTZhMzU5Zjg0Mjc4YzI5YzI2MmM1MDRkIiwidGkiOjE2OTE1MjExNjIwODUsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory
8
Accept
*/*
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
content-security-policy
frame-ancestors 'self'
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
content-encoding
gzip
x-datadome
protected
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/plain; Charset=utf-8
cache-control
private
x-xss-protection
1; mode=block
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ 		436 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Origin
https://www.gafm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179643
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 04:01:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 16:59:02 GMT
/
api-js.datadome.co/js/ 		229 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.223.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-223-182.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
b9e0144e6721f408b7ed1e10db90f94f5229a2d1d37f9638a751848c5b1cd382

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 18:59:22 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
229
expires
0
anchor
www.google.com/recaptcha/api2/ Frame FD3D 		51 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d0b0dfd5318f6f053c1371dbfd8377a922e5a5f7ff8f256f97c4f1d4c2952e0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oHZDHkPGqS9L2fP-KdcQFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28773
content-security-policy
script-src 'report-sample' 'nonce-oHZDHkPGqS9L2fP-KdcQFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 18:59:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame FD3D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 15:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 04:01:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 15:02:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame FD3D 		436 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179643
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 04:01:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 16:59:02 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FD3D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 09:40:05 GMT
x-content-type-options
nosniff
age
379157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 11 Aug 2023 09:40:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD3D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 08:35:58 GMT
x-content-type-options
nosniff
age
296604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD3D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 05:38:49 GMT
x-content-type-options
nosniff
age
393633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 05:38:49 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FD3D 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
21bdc339e4790a92409ca02d53b91c0812316d9805cdff2cceac1bed926ef232
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8&co=aHR0cHM6Ly93d3cuZ2FmbS5jb206NDQz&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=x5uj7bhw0i0h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 08 Aug 2023 18:59:22 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
date
Tue, 08 Aug 2023 18:59:22 GMT
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
WPMFB0VJG75YV1Z7
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
50049
x-amz-id-2
FZGRs9jHoygJROiHGl6xMkWo6b2J8tT5vX+5wqPZ7xbNvPJpdkGEDO9l2DizwaxY1IJipLlFmJk=
x-served-by
cache-fra-etou8220105-FRA
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1691521163.628640,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
340
bframe
www.google.com/recaptcha/api2/ Frame 1AD0 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
95e65210d0b05c85f336975cfdf950abefb3c2994b905ad0a21b9b4c2d8fb625
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sJvaUdat32N76umFlmu4AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1151
content-security-policy
script-src 'report-sample' 'nonce-sJvaUdat32N76umFlmu4AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 18:59:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
NRJS-7d472678909500711f3
bam.nr-data.net/1/ 		56 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-7d472678909500711f3?a=1570095414&v=1216.487a282&to=NVFWZUdYC0JTBkFfVwwbYUNcFgxfRApcVV1NUFFXVEwJRRwERkY%3D&rst=2091&ck=1&ref=https://www.gafm.com/invoice/default.asp&qt=1&ap=539&be=1066&fe=1880&dc=1328&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1691521160721,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:66,%22c%22:66,%22s%22:171,%22ce%22:279,%22rq%22:280,%22rp%22:1040,%22rpe%22:1041,%22dl%22:1043,%22di%22:1329,%22ds%22:1329,%22de%22:1529,%22dc%22:1880,%22l%22:1880,%22le%22:1883%7D,%22navigation%22:%7B%7D%7D&fp=1263&fcp=1263&jsonp=NREUM.setToken
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 18:59:23 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7f39ff03da050418-FRA
styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 1AD0 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 15:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 04:01:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 15:02:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 1AD0 		436 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179643
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 04:01:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 16:59:02 GMT
reload
www.google.com/recaptcha/api2/ Frame 1AD0 		41 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09063a6b5b916c187ed11dfe19db9d6521e559bf0363379239377c14788905e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 08 Aug 2023 18:59:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25133
x-xss-protection
1; mode=block
expires
Tue, 08 Aug 2023 18:59:22 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1AD0 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:41:47 GMT
x-content-type-options
nosniff
age
292655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 12 Aug 2023 09:41:47 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1AD0 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 15:22:46 GMT
x-content-type-options
nosniff
age
358596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 11 Aug 2023 15:22:46 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1AD0 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 03:43:50 GMT
x-content-type-options
nosniff
age
400532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 11 Aug 2023 03:43:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1AD0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 08:35:58 GMT
x-content-type-options
nosniff
age
296604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1AD0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 03:38:02 GMT
x-content-type-options
nosniff
age
400880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 03:38:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1AD0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 05:38:49 GMT
x-content-type-options
nosniff
age
393633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 05:38:49 GMT
payload
www.google.com/recaptcha/api2/ Frame 1AD0 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06ADUVZwAAZqBhMnplL-u4OJ1SyDpiD7K5vQlyq9KeoUO4TbmoazVQ8gUi9NKksur-0-3-vCoj5EGP-dX-mmKSK2tmpI0Iv0lJBi3ShOcEOoqaI3YOz9lwdwmIsVu2WVBwOWTrgTc09u64SB5O6HQoakUVFD5AEvozDa1S8Dv2cM3VgQHqbuVG-PZuVUpvDRr_zJVl29EQKH-zXO0e0sVce3bo-9JJSkm_ew&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14813b31544847a7a8ffa22884106a1b8c13d222ed15b2d7d0dce2eeba7961e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&k=6Lf3F0EmAAAAAMRD-SG1M_-qtzTU_F896wqFMnJ8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:59:23 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41542
x-xss-protection
1; mode=block
expires
Tue, 08 Aug 2023 18:59:23 GMT
NRJS-7d472678909500711f3
bam.nr-data.net/events/1/ 		24 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-7d472678909500711f3?a=1570095414&v=1216.487a282&to=NVFWZUdYC0JTBkFfVwwbYUNcFgxfRApcVV1NUFFXVEwJRRwERkY%3D&rst=2396&ck=1&ref=https://www.gafm.com/invoice/default.asp
Requested by
Host: www.gafm.com
URL: https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.gafm.com/invoice/default.asp?id=82315F74-384A-467D-BD6E-EB135F1AC036
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 08 Aug 2023 18:59:23 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.gafm.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7f39ff057c950418-FRA
Content-Length
24

Verdicts & Comments Add Verdict or Comment

312 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| NREUM object| newrelic function| __nr_require object| YAHOO function| $ function| jQuery function| DP_jQuery_1691521161956 boolean| m_blnDoBodyUnload undefined| m_winAddressManager undefined| m_BlinkTopAlertBarTID number| m_iTopAlertBarHeight number| m_iTopToolBarHeight undefined| ProgressID boolean| ShowProgressBar undefined| DefaultTimer object| CategorySearchResults function| WriteAdminNavBar function| ToggleAdminEditMode function| WriteTopAlertBar function| WriteTopToolBar function| CreateProgressBarMarkup function| WriteProgressBar function| pollForProgress function| createBadgeYUI function| showBadge function| StickyFooterWithAlertBar function| StickyFooter function| HideOnScroll function| QuickSearchForm_DoSubmit function| QuickSearchForm_OnFocus function| BlinkTopAlertBar function| CheckCityStateZip function| CheckMultipartForms function| DoUploadProgress function| openCsvExport function| openAddressManager function| closeAddressManager function| openMugshotPopup function| openPrintView boolean| m_blnInlineHelpIsOn function| switchInlineHelpDisplay function| doInlineHelpOn function| doInlineHelpOff function| setInlineHelpCookie function| setInlineHelpDisplay function| setInlineHelpDisplayItems function| initInlineHelpDisplay function| mediaPopup function| AlertAppUpdate function| ConfirmSignIn function| SearchForm_q_OnKeyPress function| SearchForm_Validate function| StartNewSearch function| FilterSearchByCatalog function| FilterIframeSearchCatalog function| emoticon undefined| m_bYuiGenericDialogResult string| m_sDialogHeaderText function| YuiGenericDialog function| YuiGenericDialogCallback_ButtonClick function| YUIConfirm function| YUIConfirmCustomHeader function| YUIConfirmCustomHeaderCustomPosition function| YuiGenericAlert function| ShowPageAlert function| RaiseAlert function| getCurrentTime function| fixnewlines function| objectExists function| isEmpty function| replaceAccents function| replaceReturns function| insertAtCaret function| setCaretTo function| stripHtml function| urlDecode function| setCookie function| setCookie_Secure function| getCookie function| addEventHandler_OnLoad function| addEventHandler_OnUnload function| addEventHandler_OnLoadAndUnload function| addEventHandler_OnSubmit function| addEventHandler_OnSubmitChained boolean| blnRefreshWindow boolean| blnCallBackRefresh function| getWinSize function| windowIsOpen function| setOpenerRefresh function| reloadSelf function| refreshOpener function| openerLocation function| focusPopup function| goToUrlOnClick function| goToUrlOnClickTargetParent function| openPopup function| returnPopup function| closePopup function| setWinStatus function| addOptionToSelectList function| removeSelectedOption function| addHiddenInputToForm function| ClearDefaultValue function| checkRadioByValue function| getCheckedRadioValue function| getSelectedText function| getSelectedTextById function| getSelectedValue function| getSelectedValueById function| selectOptionByValue function| verifyMsg function| CheckALL function| UnCheckALL function| formFocus function| buildHumanSQL function| ClickOnCrKeyPress function| DoOnCrKeyPress function| SubmitOnCrKeyPress function| VoidOnCrKeyPress function| getkey function| confirmDelete function| InlineDelete_Submit function| InlineItem_Delete function| UserListAdd function| UserListRemove function| RebuildUserList function| adjustIFrameHeight function| adjustIFrameHeight300 function| getIFrameDoc function| ul_onclick function| setDisplay function| switchDisplay function| switchDisplayToggle function| getCssDisplayCookie function| setCssDisplayCookie function| textCounter function| TextCounter_Window_OnLoad function| InitTextCounter function| dhtmlDisplay function| dhtmlFormEdit function| dhtmlFormSubmit function| MaximizeScrollingBlock function| RestoreScrollingBlock function| setInnerHtmlFromHttpRequest undefined| clockForm undefined| clockTime undefined| clockTimeout undefined| clockFormat undefined| clockTid undefined| clockRefresh function| doDate function| startCountdown function| CharShiftDecrypt function| jupload_result function| getAllSheets function| createPrintPagePopup function| getQueryStringParam function| setQueryStringParam number| m_customFormPageNum object| m_customFormPageErrors undefined| m_customFormMultiPageGuid function| ShowCustomFormPage function| SubmitCustomForm function| createBasicYUI function| showDialog function| openFileUploadDialog function| OpenTextEditor function| GetTextEditorContent function| HandleTextEditorSave function| ShouldShowWidgets function| ToggleWidgets function| cleanupHtmlForMobileMenu function| isValidEmailAddress function| GetChildNodeValue function| GetNodeValue function| NewNode function| NewCdataNode string| FORM_VALIDATION_URL function| defaultBadBrowserHandler function| ignoreBadBrowser function| DisableToolbarButton function| EnableToolbarButton function| newXmlDoc function| newXmlHttp function| sendSimpleHttpRequest function| getXml function| loadNewXml function| ValidateForm function| YAHOOinitContextualHelp function| HelpLink_OnClick function| HelpLink_Engagement_OnClick function| getBackendHelpLink function| getHelpLink function| getHelpLinkEngagement function| getHelpTextLink function| CustomHelpLink_OnClick function| CustomHelpLink_OnMouseOut function| getCustomHelpLink function| AutoCompleteField function| AutoCompleteField_FocusHandler function| BindAutoCompleteValues function| actb function| addEvent function| removeEvent function| stopEvent function| getElement function| getTargetElement function| stopSelect function| getCaretEnd function| getCaretStart function| setCaret function| setSelection function| curTop function| curLeft function| isNumber function| replaceHTML function| Pulse undefined| m_ChatTID undefined| m_ChatRequestAlert function| alertBadBrowser function| openNewChatWindow function| openChatWindow function| getChatWinName function| getChatCookie function| setChatCookie function| getChats function| pollForChats function| RaiseChatRequestAlert function| HideChatRequestAlert function| AddToChatToolBar function| ChatToolBarFlash function| ChatToolBar_OnMouseOver function| ChatToolBar_OnMouseOut function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_SW_RunContent function| AC_GetArgs function| AC_AX_RunContent function| AC_AX_GetArgs function| htmlHardDecode function| htmlSoftDecode function| escapeHtml function| decodeObject function| Interval function| HtmlContentInterval function| CDataContentInterval function| SelfClosedTagInterval function| BaseTagInterval function| ClosingTagInterval function| TagInterval function| StyleTagInterval function| CDataTagInterval function| HtmlParser function| FilterLogic object| basicRssParseStrategy object| domElements object| xmlReader object| AutoCompleteField_OnFocus function| JQClass function| moment object| jQuery17205761606028961463 object| m_pulse function| PrintPageClickHandler object| PrintPage_OnClick object| WebFontConfig object| WebFont boolean| organizationSelected function| SetOrganizationSelection function| ClearOrganizationSelection object| gicInvisibleReCaptchaToken object| gicInvisibleReCaptchaSender function| OnInvisibleReCaptchaSubmit function| OnInvisibleReCaptchaClientClick function| HideAlert function| showProcessingAlert function| Window_OnLoad function| setPaymentOptionVisibility boolean| tdsv2Enabled function| disableSubmitButton function| ShowWorkingMessage function| HideWorkingMessage boolean| blnOverrideTDSv2Check function| FinishCheckout string| ddjskey object| ddoptions string| key object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _0x4860b6 object| _0x71b1dd object| _0x9fb528 object| _0x5a010d function| _0x4a2f object| _0x1e58e9 object| _0xb521b6 object| _0x360167 object| _0x24fe77 function| _0x3057 object| _0x18e046 object| _0x267338 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| recaptcha object| closure_lm_619852

11 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AD1dMirsirRwgnSNzbA-otMq8lClPa5U63f2MiqiL4J2mr3Q_EKLkGRuoysXG_b8EfF94E-bk2BUytClRDdpLtY
www.gafm.com/ Name: YmSessionId
Value: ef34dc27-d9cb-4feb-ba80-7ea64d47044a
www.gafm.com/ Name: ASPSESSIONIDAASQQTDR
Value: HKMMKMDBCMDECJEGJDCBCEEB
www.gafm.com/ Name: PulseOff
Value: 0
www.gafm.com/ Name: PulseLC
Value: 1691521161964
www.gafm.com/ Name: PulseLH
Value: 1691521161964
www.gafm.com/ Name: ASPSESSIONIDCASTQRDQ
Value: FLNFHDEBOCNNNNMIGJFIAEFK
www.gafm.com/ Name: ASPSESSIONIDAATSSQDQ
Value: BDGFIMDBIDLLAMGMHJDNBGDE
www.gafm.com/ Name: ASP.NET_SessionId
Value: 3dhfobah1rtfl35xmzgrxlud
.gafm.com/ Name: datadome
Value: 1-6wrKHcn6enyRuImZ_J0jcHIXObULUAY62xsHXEuVKYPywMAQfjZKSkoJMrE6AhOJWr9MasVZGP1hVmvJlpklCpPo-YGI3lgvNAFFK68C1eD0_cd3CJ44t9wXXR4DJe
.nr-data.net/ Name: JSESSIONID
Value: 9f3a38f732ff81c2

1 Console Messages

Source Level URL
Text
network error URL: https://www.gafm.com/global_inc/images/ui-bg_flat_75_ffffff_40x100.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.datadome.co
bam.nr-data.net
cdn.ymaws.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.datadome.co
maxcdn.bootstrapcdn.com
www.gafm.com
www.google.com
www.gstatic.com
108.138.36.75
13.224.132.111
151.101.2.137
162.247.241.14
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
35.174.132.21
52.58.223.182
001774e6b34dfc948f05dfd1adfde2206523396bd5a62e5bc7ed9e19eb8042fc
03ef0f78641c9dc4c10cb6315aca4f78555f86161df5eadd9410d9d2952e3718
09063a6b5b916c187ed11dfe19db9d6521e559bf0363379239377c14788905e2
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
14813b31544847a7a8ffa22884106a1b8c13d222ed15b2d7d0dce2eeba7961e2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21bdc339e4790a92409ca02d53b91c0812316d9805cdff2cceac1bed926ef232
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
250b8e9beb769ee52e03836896a992927c48c4cead9c8636cb6beb96d3bab335
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa
356c0940f6089f957d8cf18f6d56b7bc2cb0ac07cacd378e40c3f9a81447748a
37f9e9919b90133d83d7b29b744878043eaada016153111a8835ee9d056bb763
38cad8e8a8a8b403943aa0d3b631febacb7804d886833539b671aef058952e20
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d2d898ab68c7469bb7bcd94baf4da50658fb85da0cfcf58adaf7ac2e93c5f4b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408c4fa44c622f699bbff377ae166f6e41a702da5158a2b8fc21254942aff879
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4824218ada82d48c7e8d7844e26aa13cfa6f1608f583a7d629c0694f36a05388
4f77319a0bd5d1f34c0331be9b59168f51afb97c53884b998d554a20e4f6b3a0
53f4fbd79ef5a544eb28ea9472c8ee20d220939a3faed242871568782c1984cf
542aa3a659dae23a91406e12842f7c1554e955238427f8374c6a1e17bfdb1940
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419
6beb6659ea2b587f50a205663a3532e0ce389bf4fd4bb5c339c25cfc72c8e5c6
6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45
8087a632b7eedf3bea3a2d3affda6595beee37defff37fc65afc65769cf43fb9
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
836716a39f6c2c6b5c798b6356a80eadd18c7a6379a5e1117f721307e6f221c6
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8dd4ee6fa6e3f4d40666014e44287d462b3f415837df52d473653c64ef908f10
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95e65210d0b05c85f336975cfdf950abefb3c2994b905ad0a21b9b4c2d8fb625
978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0
9864e0dd14beece0295cde2f45325b0f511400ea740d1b8c0c62ac710b19e202
9fefdbb8b0bc251b887e6e1f26427cce48dca2bc9e00c4d2e1f4f37aef16a047
a07318a9dcf4891de4c176d81b1d531b905326a14d7e7843a719f6bb7d85d521
a0a6985b8e6f45be6a7906584f4ca87c4f7483459e1e6cadbd35304f51f7a6bc
b9e0144e6721f408b7ed1e10db90f94f5229a2d1d37f9638a751848c5b1cd382
bf10b3aa3041ae132b5bf14911d22da15d5559c2d8bfba867705e2ed5660d279
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca9e26c16ab9fb90136acbc25853a9ec528b7aac601edbcaf11d6de34185251f
cc102bdcb9dde0fb20cc2d446323fa1f365e26c33a5f3d0524157ec34d908348
d0b0dfd5318f6f053c1371dbfd8377a922e5a5f7ff8f256f97c4f1d4c2952e0f
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bf411611a715a5752d6e80345cd5fa56731a8ff96e54e5212024337a1c6984
e6510126cd65f46ec42cba4c112d83793aaf10551d79dae6dff8a3e8b62eb891
f2f4aabd6e47cd456d35645974506d9f63515bbc1e71d29b77101f150c280ac0
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7a80eced1f7b398c9c143bf125e25e9888c58e55d2a66877d97c951bc0bc3dc
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40