0.goldflowerservice.com Open in urlscan Pro
185.177.94.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wtfa-aa.com/
Effective URL:
https://0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4
Submission: On September 29 via manual (September 29th 2022, 12:10:17 pm UTC) from FR — Scanned from FR

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 8 domains to perform 44 HTTP transactions. The main IP is 185.177.94.108, located in and belongs to . The main domain is 0.goldflowerservice.com.
TLS certificate: Issued by R3 on September 1st 2022. Valid for: 3 months.

This is the only time 0.goldflowerservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2001:41d0:1:1... 2001:41d0:1:1b00:213:186:33:40	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	91.211.91.114 91.211.91.114	206638 (HOSTFORY) (HOSTFORY)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 3	91.211.91.104 91.211.91.104	() ()
3	185.177.94.108 185.177.94.108	() ()
44	10

25 2001:41d0:1:1b00:213:186:33:40 (France)

ASN16276 (OVH, FR)

www.wtfa-aa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.211.91.114 (Ukraine)

ASN206638 (HOSTFORY, UA)

cdn.weatherplllatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.211.91.104 (None, ) 2 redirects

ASN- ()

away.bettershitecolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.177.94.108 (None, )

ASN- ()

goldflowerservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.goldflowerservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	wtfa-aa.com www.wtfa-aa.com	5 MB
6	gstatic.com www.gstatic.com fonts.gstatic.com	369 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	42 KB
3	goldflowerservice.com goldflowerservice.com Failed 0.goldflowerservice.com	70 KB
3	bettershitecolumn.com away.bettershitecolumn.com Failed	1 KB
1	w.org s.w.org — Cisco Umbrella Rank: 731	601 B
1	weatherplllatform.com cdn.weatherplllatform.com — Cisco Umbrella Rank: 394493	2 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1515
44	8

	Domain	Requested by
25	www.wtfa-aa.com	www.wtfa-aa.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.wtfa-aa.com www.gstatic.com www.google.com
3	away.bettershitecolumn.com	cdn.weatherplllatform.com
2	0.goldflowerservice.com	www.wtfa-aa.com
2	fonts.gstatic.com	www.google.com
1	goldflowerservice.com	away.bettershitecolumn.com
1	s.w.org	www.wtfa-aa.com
1	cdn.weatherplllatform.com	www.wtfa-aa.com
1	kit.fontawesome.com	www.wtfa-aa.com
44	10

This site contains no links.

Subject Issuer	Validity	Valid
wtfa-aa.com R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn.weatherplllatform.com R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
away.bettershitecolumn.com R3	`2022-08-31` - `2022-11-29`	3 months	crt.sh
goldflowerservice.com R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh

This page contains 2 frames:

Frame: https://0.goldflowerservice.com/?auf=ga4dkojygq5diojygyxtonbtgqxtemrpge3dmnbuguztimjv&s=1&sub1=&sub2=mcoldd4&sub3=&sub4=&cpc=0&cpm=0
Frame ID: 0C2ECD1366A578AC5F23891380327891
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&co=aHR0cHM6Ly93d3cud3RmYS1hYS5jb206NDQz&hl=fr&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=t30ra4vevv5a
Frame ID: 06FC9A9E8E46BE81BB00F54C7FFB31DB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.wtfa-aa.com/ Page URL
https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46 HTTP 302
https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29 Page URL
https://goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4 Page URL
https://0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

95 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

10
IPs

5
Countries

5697 kB
Transfer

6488 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wtfa-aa.com/ Page URL
https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46 HTTP 302
https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29 Page URL
https://goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4 Page URL
https://0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46 HTTP 302
https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.wtfa-aa.com/ 23 KB
6 KB 595ms
547ms Document
text/html 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache / PHP/7.4
Resource Hash: 9d1ec1bcdb7e1194bbd01ed4aa14a4d535132748f063836f7216c6038064ddce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 12:10:08 GMT
link: <https://www.wtfa-aa.com/wp-json/>; rel="https://api.w.org/" <https://www.wtfa-aa.com/wp-json/wp/v2/pages/116>; rel="alternate"; type="application/json" <https://www.wtfa-aa.com/>; rel=shortlink
server: Apache
vary: Accept-Encoding
x-pingback: https://www.wtfa-aa.com/xmlrpc.php
x-powered-by: PHP/7.4

GET
H2 200 dashicons.min.css
www.wtfa-aa.com/wp-includes/css/ 58 KB
35 KB 33ms
31ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-includes/css/dashicons.min.css?ver=6.0.2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 23:54:48 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 all.min.css
www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/css/ 99 KB
21 KB 48ms
46ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:46 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 20747
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 extra.min.css
www.wtfa-aa.com/wp-content/plugins/menu-icons/css/ 815 B
564 B 19ms
18ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:46 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 351
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 style.min.css
www.wtfa-aa.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 46ms
45ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 02:05:42 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 11681
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 styles.css
www.wtfa-aa.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 18ms
18ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:29 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 972
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 style.css
www.wtfa-aa.com/wp-content/themes/wtfaa/ 18 KB
4 KB 19ms
19ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/style.css?ver=6.0.2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 529a3e510c1d8fb72de8bb486f6c3fa65ee82316a9237d4eaef2401151002e40

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 07:39:37 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 3481
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 app.css
www.wtfa-aa.com/wp-content/plugins/simple-lightbox/client/css/ 231 B
325 B 18ms
17ms Stylesheet
text/css 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.9.2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f00c690f9ac9a7bbd3f1a4346472c52ff3329d51a5cc7823c2277b0aa041c443

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:58 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 112
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 403 e07aa87ba1.js
kit.fontawesome.com/ 0
0 140ms
64ms Script
text/plain 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e07aa87ba1.js

Requested by

Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.wtfa-aa.com/
Origin: https://www.wtfa-aa.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
strict-transport-security: max-age=31536000; preload
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 75249d2e0949998c-CDG
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: FxlTjowOL5RYsJ129x8C

GET
H2 200 logo.png
www.wtfa-aa.com/wp-content/themes/wtfaa/assets/images/ 8 KB
8 KB 20ms
18ms Image
image/png 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/assets/images/logo.png
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d89b3006ee082926fc0ba5ec8e84a28e0705deb365505638b30da6d50434e011

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Mon, 14 Mar 2022 17:38:35 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 7728
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 left-arrow.png
www.wtfa-aa.com/wp-content/themes/wtfaa/assets/images/icons/ 226 B
405 B 51ms
49ms Image
image/png 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/assets/images/icons/left-arrow.png
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c7bf501b4d32c26e59aaef6cdfb6ff6cfcb683632fb1bcc465874be0b8eb399f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Mon, 14 Mar 2022 17:42:51 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 226
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 index.js Show response
www.wtfa-aa.com/wp-content/plugins/contact-form-7/includes/swv/js/ 9 KB
3 KB 16ms
16ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 2914
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 index.js Show response
www.wtfa-aa.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 16ms
16ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3934
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 menu.js Show response
www.wtfa-aa.com/wp-content/themes/wtfaa/assets/scripts/ 3 KB
1 KB 16ms
16ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/assets/scripts/menu.js?ver=6.0.2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: b0210010615df327b0fef3e6693491a0b2bb3aeba5ef583bd6add5b11315a4f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:08 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 18:06:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 989
expires: Thu, 29 Sep 2022 12:25:08 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 173ms
70ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&ver=3.0

Requested by

Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d28386b9c1830ed22ff70d2328adc95c12083580fdf2287505e983946665e3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Thu, 29 Sep 2022 12:10:09 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.wtfa-aa.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 18ms
16ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
last-modified: Fri, 27 May 2022 16:20:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 2457
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.wtfa-aa.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 19ms
17ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
last-modified: Fri, 27 May 2022 16:20:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 7095
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 index.js Show response
www.wtfa-aa.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
730 B 18ms
16ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 12:53:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 507
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 slider.js Show response
www.wtfa-aa.com/wp-content/themes/wtfaa/assets/scripts/ 3 KB
965 B 25ms
24ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/assets/scripts/slider.js
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8ab5a4dd8122b6587dd9b6ba1ba8c7c4afe59de29631ed1d11228bdda21127bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
last-modified: Sun, 20 Mar 2022 12:27:58 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 742
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.wtfa-aa.com/wp-includes/js/ 18 KB
5 KB 18ms
17ms Script
application/javascript 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
last-modified: Fri, 27 May 2022 16:20:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5009
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 base.js
cdn.weatherplllatform.com/ 6 KB
2 KB 726ms
76ms Script
application/javascript 91.211.91.114
HOSTFORY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weatherplllatform.com/base.js?v=22.3

Requested by

Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 20:14:42 GMT
server: nginx
etag: W/"6334ab32-1835"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 B33_02-bis.jpg
www.wtfa-aa.com/wp-content/uploads/2022/04/ 3 MB
3 MB 53ms
51ms Image
image/jpeg 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wtfa-aa.com/wp-content/uploads/2022/04/B33_02-bis.jpg
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f28050b2e74751e9de209bad15643ac4d2afc9e579c4b866ab50fed9a57b329e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Mon, 25 Apr 2022 09:33:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 3340062
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 Cotte-0113-scaled.jpg
www.wtfa-aa.com/wp-content/uploads/2022/04/ 608 KB
609 KB 66ms
64ms Image
image/jpeg 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wtfa-aa.com/wp-content/uploads/2022/04/Cotte-0113-scaled.jpg
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 51901a38a3a004bd89d4838075de0a38bae0a50fb8c973c8b95378efbf546c65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Fri, 22 Apr 2022 13:27:23 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 622286
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 SaintMaur_7840_HD.jpg
www.wtfa-aa.com/wp-content/uploads/2022/03/ 893 KB
895 KB 44ms
42ms Image
image/jpeg 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wtfa-aa.com/wp-content/uploads/2022/03/SaintMaur_7840_HD.jpg
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 39bf8d64e69cb863540c175892740660bfa7888d52bf08a00a090c90354efa37

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Mon, 21 Mar 2022 22:40:28 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 914533
expires: Thu, 29 Sep 2022 12:25:09 GMT

GET
H2 200 Karla-ExtraBold.ttf
www.wtfa-aa.com/wp-content/themes/wtfaa/assets/fonts/ 38 KB
38 KB 18ms
16ms Font
application/x-font-ttf 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/assets/fonts/Karla-ExtraBold.ttf
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/style.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: aee03bb38949b378f598e057fb2e2916c528503bbfbbfb408f1d48ab9ba64f09

Request headers

Referer: https://www.wtfa-aa.com/wp-content/themes/wtfaa/style.css?ver=6.0.2
Origin: https://www.wtfa-aa.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Mon, 21 Mar 2022 20:51:54 GMT
server: Apache
accept-ranges: bytes
content-length: 38684
content-type: application/x-font-ttf

GET
H2 200 fa-solid-900.woff2
www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/webfonts/ 151 KB
152 KB 23ms
22ms Font
application/octet-stream 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

Request headers

Referer: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
Origin: https://www.wtfa-aa.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Tue, 27 Sep 2022 12:53:46 GMT
server: Apache
accept-ranges: bytes
content-length: 154840

GET
H2 200 fa-brands-400.woff2
www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/webfonts/ 103 KB
103 KB 23ms
22ms Font
application/octet-stream 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6

Request headers

Referer: https://www.wtfa-aa.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
Origin: https://www.wtfa-aa.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Tue, 27 Sep 2022 12:53:46 GMT
server: Apache
accept-ranges: bytes
content-length: 105112

GET
H2 200 Karla-Regular.ttf
www.wtfa-aa.com/wp-content/themes/wtfaa/assets/fonts/ 37 KB
38 KB 22ms
21ms Font
application/x-font-ttf 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/assets/fonts/Karla-Regular.ttf
Requested by: Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/wp-content/themes/wtfaa/style.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c202ef4c5e75166b8ee4783527eb5da05fca86869aa322c3c1e4e305f7ceb070

Request headers

Referer: https://www.wtfa-aa.com/wp-content/themes/wtfaa/style.css?ver=6.0.2
Origin: https://www.wtfa-aa.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
last-modified: Mon, 21 Mar 2022 20:51:55 GMT
server: Apache
accept-ranges: bytes
content-length: 38304
content-type: application/x-font-ttf

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 392 KB
156 KB 93ms
29ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e3e725c4f1e5000be338ab9ec91d8cff25598cd9061e6ca032b892c8a44ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtfa-aa.com/
Origin: https://www.wtfa-aa.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159473
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 12:20:30 GMT

GET
H2 200 2764.svg
s.w.org/images/core/emoji/14.0.0/svg/ 368 B
601 B 79ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2764.svg

Requested by

Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.wtfa-aa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc: HIT cdg 2
date: Thu, 29 Sep 2022 12:10:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 06FC 42 KB
22 KB 79ms
78ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&co=aHR0cHM6Ly93d3cud3RmYS1hYS5jb206NDQz&hl=fr&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=t30ra4vevv5a

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a17995c6d0fb89c4910189644112700c67af96455bfdf084ef8b216f5d24c7f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Aikp7CtyIvLT3vVNlFFbXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wtfa-aa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22515
content-security-policy: script-src 'report-sample' 'nonce-Aikp7CtyIvLT3vVNlFFbXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 12:10:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 06FC 52 KB
24 KB 84ms
27ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&co=aHR0cHM6Ly93d3cud3RmYS1hYS5jb206NDQz&hl=fr&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=t30ra4vevv5a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 11:52:12 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 06FC 392 KB
156 KB 97ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e3e725c4f1e5000be338ab9ec91d8cff25598cd9061e6ca032b892c8a44ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159473
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 12:20:30 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 06FC 2 KB
2 KB 29ms
26ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 577800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Sep 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 06FC 15 KB
16 KB 103ms
25ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 155008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 06FC 15 KB
15 KB 111ms
34ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 222530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 06FC 102 B
133 B 67ms
63ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eeb691a96656410042906f27f7785eeb0dbcb18814b180b7715e238c14821e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&co=aHR0cHM6Ly93d3cud3RmYS1hYS5jb206NDQz&hl=fr&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=t30ra4vevv5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Sep 2022 12:10:09 GMT

GET speak.php
away.bettershitecolumn.com/ 0
0

GET
H2

200

track.php
away.bettershitecolumn.com/
Redirect Chain

https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29

828 B
973 B

236ms
236ms

Document
text/html

91.211.91.104

General

Check archive.org

Show headers Download Go to

Full URL

https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29

Requested by

Host: cdn.weatherplllatform.com
URL: https://cdn.weatherplllatform.com/base.js?v=22.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.104 -, , ASN (),

Reverse DNS

Software

nginx / PHP/7.3.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Referer: https://www.wtfa-aa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 828
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 12:10:14 GMT
server: nginx
strict-transport-security: max-age=15768000;
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 12:10:13 GMT
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
server: nginx
strict-transport-security: max-age=15768000;
x-powered-by: PHP/7.3.33

POST
H3 200 reload
www.google.com/recaptcha/api2/ Frame 06FC 32 KB
19 KB 120ms
120ms XHR
application/json 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcFPgchAAAAAOQoGvOEyIVbKlCfMNjzMI7vyIHj&co=aHR0cHM6Ly93d3cud3RmYS1hYS5jb206NDQz&hl=fr&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=t30ra4vevv5a
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 29 Sep 2022 12:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19062
x-xss-protection: 1; mode=block
expires: Thu, 29 Sep 2022 12:10:10 GMT

GET /
goldflowerservice.com/ 0
0

GET
H2 200 / Show response
goldflowerservice.com/ 52 KB
52 KB 511ms
45ms Document
text/html 185.177.94.108

General

Check archive.org

Show headers Download Go to

Full URL

https://goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4

Requested by

Host: away.bettershitecolumn.com
URL: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c63f24b5f4730c88bd668a4795bbc262e050c2c360d4e33cb4ea91ee756cfe91

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 12:10:15 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Primary Request /
0.goldflowerservice.com/ 18 KB
18 KB 323ms
35ms Document
text/html 185.177.94.108

General

Check archive.org

Show headers Download Go to

Full URL

https://0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4

Requested by

Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://goldflowerservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 12:10:15 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 / Show response
0.goldflowerservice.com/ 0
263 B 454ms
454ms Document
text/html 185.177.94.108

General

Check archive.org

Show headers Download Go to

Full URL

https://0.goldflowerservice.com/?auf=ga4dkojygq5diojygyxtonbtgqxtemrpge3dmnbuguztimjv&s=1&sub1=&sub2=mcoldd4&sub3=&sub4=&cpc=0&cpm=0

Requested by

Host: www.wtfa-aa.com
URL: https://www.wtfa-aa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 12:10:16 GMT
server: nginx
strict-transport-security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: away.bettershitecolumn.com
URL: https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46

Domain: goldflowerservice.com
URL: https://goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=mcoldd4

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 10:40:05	Name: _GRECAPTCHA Value: 09AK_d_356uQ7W7vsPOnNRz7lm8I-akYPhDPvFEHFadnOY6JyRWPsY6rwXvpHqt9UDzGgsm2ePZKY6VyPpIJQgM_Y
			www.wtfa-aa.com/	1970-01-20 06:20:53	Name: slicevisitor Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/e07aa87ba1.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.goldflowerservice.com
away.bettershitecolumn.com
cdn.weatherplllatform.com
fonts.gstatic.com
goldflowerservice.com
kit.fontawesome.com
s.w.org
www.google.com
www.gstatic.com
www.wtfa-aa.com
away.bettershitecolumn.com
goldflowerservice.com
185.177.94.108
192.0.77.48
2001:41d0:1:1b00:213:186:33:40
2606:4700::6812:1634
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:400d:807::2004
91.211.91.104
91.211.91.114
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
39bf8d64e69cb863540c175892740660bfa7888d52bf08a00a090c90354efa37
51901a38a3a004bd89d4838075de0a38bae0a50fb8c973c8b95378efbf546c65
529a3e510c1d8fb72de8bb486f6c3fa65ee82316a9237d4eaef2401151002e40
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5eeb691a96656410042906f27f7785eeb0dbcb18814b180b7715e238c14821e2
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7
6d28386b9c1830ed22ff70d2328adc95c12083580fdf2287505e983946665e3f
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
80e3e725c4f1e5000be338ab9ec91d8cff25598cd9061e6ca032b892c8a44ec9
8ab5a4dd8122b6587dd9b6ba1ba8c7c4afe59de29631ed1d11228bdda21127bf
967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
9d1ec1bcdb7e1194bbd01ed4aa14a4d535132748f063836f7216c6038064ddce
a17995c6d0fb89c4910189644112700c67af96455bfdf084ef8b216f5d24c7f2
aee03bb38949b378f598e057fb2e2916c528503bbfbbfb408f1d48ab9ba64f09
b0210010615df327b0fef3e6693491a0b2bb3aeba5ef583bd6add5b11315a4f2
c202ef4c5e75166b8ee4783527eb5da05fca86869aa322c3c1e4e305f7ceb070
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c63f24b5f4730c88bd668a4795bbc262e050c2c360d4e33cb4ea91ee756cfe91
c7bf501b4d32c26e59aaef6cdfb6ff6cfcb683632fb1bcc465874be0b8eb399f
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d89b3006ee082926fc0ba5ec8e84a28e0705deb365505638b30da6d50434e011
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
f00c690f9ac9a7bbd3f1a4346472c52ff3329d51a5cc7823c2277b0aa041c443
f28050b2e74751e9de209bad15643ac4d2afc9e579c4b866ab50fed9a57b329e
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

0.goldflowerservice.com Open in urlscan Pro 185.177.94.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

56 %IPv6

8 Domains

10 Subdomains

10 IPs

5 Countries

5697 kBTransfer

6488 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

0.goldflowerservice.com Open in urlscan Pro
185.177.94.108 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

10
IPs

5
Countries

5697 kB
Transfer

6488 kB
Size

2
Cookies

44 HTTP transactions
1 data transactions