waffrasdeajobs.gq Open in urlscan Pro
2606:4700:3031::681b:a084 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://waffrasdeajobs.gq/
Effective URL:
https://waffrasdeajobs.gq/
Submission: On May 04 via manual (May 4th 2020, 5:05:23 am UTC) from NZ

Summary HTTP 12 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3031::681b:a084, located in United States and belongs to CLOUDFLARENET, US. The main domain is waffrasdeajobs.gq.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 14th 2020. Valid for: 8 months.

This is the only time waffrasdeajobs.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3031::681b:a084	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
12	4

8 2606:4700:3031::681b:a084 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

waffrasdeajobs.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	waffrasdeajobs.gq 1 redirects waffrasdeajobs.gq	217 KB
4	gstatic.com fonts.gstatic.com	78 KB
1	googleapis.com fonts.googleapis.com	3 KB
12	3

	Domain	Requested by
8	waffrasdeajobs.gq	1 redirects waffrasdeajobs.gq
4	fonts.gstatic.com	waffrasdeajobs.gq
1	fonts.googleapis.com	waffrasdeajobs.gq
12	3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
ospreypublishing.com
www.mortonsbooks.co.uk
airmodels.net
www.topgunbio.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-14` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://waffrasdeajobs.gq/
Frame ID: 5B2BA83D6640420422B288FBE0E88605
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://waffrasdeajobs.gq/ HTTP 301
https://waffrasdeajobs.gq/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

298 kB
Transfer

1300 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TheAviationGeekClub/

Search URL Search Domain Scan URL

URL: https://twitter.com/TAGC17/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7WvIENCLIVL1Eic-69fb2g

Search URL Search Domain Scan URL

URL: https://ospreypublishing.com/
Title: <img width="336" height="280" src="https://waffrasdeajobs.gq/wp-content/uploads/2019/09/Osprey.jpg.webp" data-rel="penci-gallery-image-content" class="image wp-image-29429 centra-img attachment-full size-full" alt="Osprey banner" style="max-width: 100%; height: auto;" />

Search URL Search Domain Scan URL

URL: https://www.mortonsbooks.co.uk/MBCAVG
Title: <img width="500" height="350" src="https://waffrasdeajobs.gq/wp-content/uploads/2020/04/MB_Cat_aviation_500x350.jpg" class="image wp-image-36753 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" />

Search URL Search Domain Scan URL

URL: https://airmodels.net/?aff=18
Title: <img width="500" height="350" src="https://waffrasdeajobs.gq/wp-content/uploads/2018/11/500x350-Banner-White-1.jpg.webp" data-rel="penci-gallery-image-content" class="image wp-image-20992 centra-img attachment-full size-full" alt="Airmodels banner" style="max-width: 100%; height: auto;" srcset="https://waffrasdeajobs.gq/wp-content/uploads/2018/11/500x350-Banner-White-1.jpg.webp 500w,https://waffrasdeajobs.gq/wp-content/uploads/2018/11/500x350-Banner-White-1-100x70.jpg.webp 100w" sizes="(max-width: 500px) 100vw, 500px" />

Search URL Search Domain Scan URL

URL: http://www.topgunbio.com/
Title: <img width="500" height="350" src="https://waffrasdeajobs.gq/wp-content/uploads/2018/04/Bio-Larger-Banner.jpg.webp" class="image wp-image-15706 centra-img attachment-full size-full" alt="Top Gun Days banner" style="max-width: 100%; height: auto;" srcset="https://waffrasdeajobs.gq/wp-content/uploads/2018/04/Bio-Larger-Banner.jpg.webp 500w,https://waffrasdeajobs.gq/wp-content/uploads/2018/04/Bio-Larger-Banner-100x70.jpg.webp 100w" sizes="(max-width: 500px) 100vw, 500px" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://waffrasdeajobs.gq/ HTTP 301
https://waffrasdeajobs.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
waffrasdeajobs.gq/
Redirect Chain

http://waffrasdeajobs.gq/
https://waffrasdeajobs.gq/

156 KB
23 KB

909ms
886ms

Document
text/html

2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waffrasdeajobs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash: f5ca25a452ac1c8117d50add03f755a5d7f2357dbdf873533b8f5e82648a1587

Request headers

:method: GET
:authority: waffrasdeajobs.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 04 May 2020 05:04:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d485649358c9a68fcfbeb7f76ffe87e161588568685; expires=Wed, 03-Jun-20 05:04:45 GMT; path=/; domain=.waffrasdeajobs.gq; HttpOnly; SameSite=Lax; Secure PHPSESSID=3dv93ubvd2hu7q63pgsbesdeeg; path=/ _subid=83mqc0477uum; expires=Tue, 05-May-2020 05:04:46 GMT; Max-Age=86400; path=/; domain=.waffrasdeajobs.gq ab327=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMxNVwiOjE1ODg1Njg2ODZ9LFwiY2FtcGFpZ25zXCI6e1wiODJcIjoxNTg4NTY4Njg2fSxcInRpbWVcIjoxNTg4NTY4Njg2fSJ9.aPN3NQnQG7mXzKftPg_hXJv1L-qgmAoYtl_lwYO_10E; expires=Tue, 05-May-2020 05:04:46 GMT; Max-Age=86400; path=/; domain=.waffrasdeajobs.gq
vary: Accept-Encoding
x-powered-by: PHP/7.4.4
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58dfaecbec28c26d-FRA
content-encoding: br
cf-request-id: 027fab93730000c26d8b1ec200000001

Redirect headers

Date: Mon, 04 May 2020 05:04:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 04 May 2020 06:04:45 GMT
Location: https://waffrasdeajobs.gq/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 58dfaecbaf0a3233-FRA
cf-request-id: 027fab934c00003233a1185200000001

GET
H2 200 css
fonts.googleapis.com/ 96 KB
3 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair%20Display%20SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CCapriola%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CLora%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26amp%3Bsubset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

724849aaf436ffdad870a0bb7dfc2bc9dd58318b79108d8fe1ea63d9243a32e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://waffrasdeajobs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 May 2020 05:04:46 GMT
server: ESF
date: Mon, 04 May 2020 05:04:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 May 2020 05:04:46 GMT

GET
H2 200 2c5b52a0996b79f46dd63a87658d6f3b.css
waffrasdeajobs.gq/wp-content/cache/min/1/ 893 KB
116 KB 1131ms
1130ms Stylesheet
text/css 2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waffrasdeajobs.gq/wp-content/cache/min/1/2c5b52a0996b79f46dd63a87658d6f3b.css
Requested by: Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash: 37b3ac3d9056e95592f457fb187aeda1c859ab3e0433a7e89a9a2d5f8af683c1

Request headers

Referer: https://waffrasdeajobs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 05:04:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.4.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=14400
cf-ray: 58dfaed17e51c26d-FRA
cf-request-id: 027fab96ee0000c26d8b217200000001

GET
H2 200 penci-holder.png
waffrasdeajobs.gq/wp-content/themes/soledad/images/ 125 B
232 B 462ms
462ms Image
image/png 2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waffrasdeajobs.gq/wp-content/themes/soledad/images/penci-holder.png
Requested by: Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash: 5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Request headers

Referer: https://waffrasdeajobs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 05:04:46 GMT
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.4.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
cf-ray: 58dfaed19e7fc26d-FRA
cf-request-id: 027fab96fc0000c26d8b218200000001

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 penci2-holder.png
waffrasdeajobs.gq/wp-content/themes/soledad/images/ 125 B
204 B 462ms
461ms Image
image/png 2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waffrasdeajobs.gq/wp-content/themes/soledad/images/penci2-holder.png
Requested by: Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash: 5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Request headers

Referer: https://waffrasdeajobs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 05:04:46 GMT
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.4.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
cf-ray: 58dfaed19e90c26d-FRA
cf-request-id: 027fab97000000c26d8b21a200000001

GET
H2 200 email-decode.min.js Show response
waffrasdeajobs.gq/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
858 B 7ms
7ms Script
application/javascript 2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://waffrasdeajobs.gq/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://waffrasdeajobs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 05:04:46 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 28 Apr 2020 13:27:49 GMT
server: cloudflare
etag: W/"5ea82f55-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 58dfaed19e8ec26d-FRA
cf-request-id: 027fab97000000c26d8b219200000001
expires: Wed, 06 May 2020 05:04:46 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5724f68726bc57c20a4c615094403ed621f2275f12d16b91654970bdd24544e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce6303bdc4c65aa1b71975c3e3223117d2277175aba7db62ad6dcbb70de7d1e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 warning.png
waffrasdeajobs.gq/wp-content/plugins/wp-content-copy-protector/images/ 483 B
591 B 463ms
463ms Image
image/png 2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waffrasdeajobs.gq/wp-content/plugins/wp-content-copy-protector/images/warning.png
Requested by: Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash: b0a8bd74d2a1ff5ccd5a18c2d054a74b9b260258861a358b5faddc4f8a62f703

Request headers

Referer: https://waffrasdeajobs.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 05:04:48 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: PHP/7.4.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
cf-ray: 58dfaed92bd3c26d-FRA
cf-request-id: 027fab9bbb0000c26d8b255200000001

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair%20Display%20SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CCapriola%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CLora%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26amp%3Bsubset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Origin: https://waffrasdeajobs.gq

Response headers

date: Sat, 04 Apr 2020 04:04:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 2595613
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Sun, 04 Apr 2021 04:04:34 GMT

GET
H2 200 fontawesome-webfont.woff2
waffrasdeajobs.gq/wp-content/themes/soledad/fonts/ 75 KB
76 KB 909ms
908ms Font
text/html 2606:4700:3031::681b:a084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waffrasdeajobs.gq/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.4
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://waffrasdeajobs.gq/wp-content/cache/min/1/2c5b52a0996b79f46dd63a87658d6f3b.css
Origin: https://waffrasdeajobs.gq

Response headers

date: Mon, 04 May 2020 05:04:48 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-powered-by: PHP/7.4.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=14400
cf-ray: 58dfaed92bd6c26d-FRA
cf-request-id: 027fab9bbc0000c26d8b256200000001

GET
H2 200 0QIhMX1D_JOuMw_LIftLtfOm8w.woff2
fonts.gstatic.com/s/lora/v15/ 37 KB
37 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v15/0QIhMX1D_JOuMw_LIftLtfOm8w.woff2

Requested by

Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf5c58603ef244ef93e30730a92f444c6278cbf22f6e6a81a717ffee0f99e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair%20Display%20SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CCapriola%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CLora%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26amp%3Bsubset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Origin: https://waffrasdeajobs.gq

Response headers

date: Thu, 09 Apr 2020 22:53:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 18:21:22 GMT
server: sffe
age: 2095870
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37764
x-xss-protection: 0
expires: Fri, 09 Apr 2021 22:53:37 GMT

GET
H2 200 wXKoE3YSppcvo1PDlk_7JeEAn38z.woff2
fonts.gstatic.com/s/capriola/v7/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/capriola/v7/wXKoE3YSppcvo1PDlk_7JeEAn38z.woff2

Requested by

Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f171a6e3a308d3b85749ff499f02f526520662307a7e46f699f404711e2b03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair%20Display%20SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CCapriola%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CLora%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26amp%3Bsubset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Origin: https://waffrasdeajobs.gq

Response headers

date: Wed, 08 Apr 2020 20:20:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:43:16 GMT
server: sffe
age: 2191437
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14528
x-xss-protection: 0
expires: Thu, 08 Apr 2021 20:20:50 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: waffrasdeajobs.gq
URL: https://waffrasdeajobs.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair%20Display%20SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CCapriola%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CLora%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26amp%3Bsubset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Origin: https://waffrasdeajobs.gq

Response headers

date: Sat, 04 Apr 2020 11:59:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 2567094
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
expires: Sun, 04 Apr 2021 11:59:53 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.waffrasdeajobs.gq/	1970-01-19 09:17:35	Name: ab327 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMxNVwiOjE1ODg1Njg2ODZ9LFwiY2FtcGFpZ25zXCI6e1wiODJcIjoxNTg4NTY4Njg2fSxcInRpbWVcIjoxNTg4NTY4Njg2fSJ9.aPN3NQnQG7mXzKftPg_hXJv1L-qgmAoYtl_lwYO_10E
waffrasdeajobs.gq/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3dv93ubvd2hu7q63pgsbesdeeg
.waffrasdeajobs.gq/	1970-01-19 09:17:35	Name: _subid Value: 83mqc0477uum
.waffrasdeajobs.gq/	1970-01-19 09:59:20	Name: __cfduid Value: d485649358c9a68fcfbeb7f76ffe87e161588568685

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
waffrasdeajobs.gq
2606:4700:3031::681b:a084
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
37b3ac3d9056e95592f457fb187aeda1c859ab3e0433a7e89a9a2d5f8af683c1
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
6f171a6e3a308d3b85749ff499f02f526520662307a7e46f699f404711e2b03a
724849aaf436ffdad870a0bb7dfc2bc9dd58318b79108d8fe1ea63d9243a32e0
b0a8bd74d2a1ff5ccd5a18c2d054a74b9b260258861a358b5faddc4f8a62f703
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
ce6303bdc4c65aa1b71975c3e3223117d2277175aba7db62ad6dcbb70de7d1e5
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
dbf5c58603ef244ef93e30730a92f444c6278cbf22f6e6a81a717ffee0f99e77
f5724f68726bc57c20a4c615094403ed621f2275f12d16b91654970bdd24544e
f5ca25a452ac1c8117d50add03f755a5d7f2357dbdf873533b8f5e82648a1587

waffrasdeajobs.gq Open in urlscan Pro 2606:4700:3031::681b:a084 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

298 kBTransfer

1300 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

Indicators

waffrasdeajobs.gq Open in urlscan Pro
2606:4700:3031::681b:a084 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

298 kB
Transfer

1300 kB
Size

4
Cookies

12 HTTP transactions
3 data transactions