gtotrust.com Open in urlscan Pro
41.222.32.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gtotrust.com/
Submission: On January 18 via manual (January 18th 2023, 12:57:22 pm UTC) from AT — Scanned from DE

Summary HTTP 59 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 59 HTTP transactions. The main IP is 41.222.32.14, located in South Africa and belongs to DIAMATRIX, ZA. The main domain is gtotrust.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 18th 2023. Valid for: 3 months.

This is the only time gtotrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	41.222.32.14 41.222.32.14	327979 (DIAMATRIX) (DIAMATRIX)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	169.239.217.31 169.239.217.31	327979 (DIAMATRIX) (DIAMATRIX)
16	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
59	13

15 41.222.32.14 (South Africa)

ASN327979 (DIAMATRIX, ZA)
PTR: wp14.domains.co.za

gtotrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 169.239.217.31 (Johannesburg, South Africa)

ASN327979 (DIAMATRIX, ZA)
PTR: rs21.cphost.co.za

i-ballmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	gstatic.com fonts.gstatic.com www.gstatic.com	435 KB
15	gtotrust.com gtotrust.com	469 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	892 KB
5	i-ballmedia.com i-ballmedia.com	363 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 jnn-pa.googleapis.com — Cisco Umbrella Rank: 188	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 210	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 90	38 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 233	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
59	9

	Domain	Requested by
16	fonts.gstatic.com	gtotrust.com fonts.googleapis.com www.youtube.com
15	gtotrust.com	gtotrust.com
11	www.youtube.com	gtotrust.com www.youtube.com
5	i-ballmedia.com	gtotrust.com
4	jnn-pa.googleapis.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	gtotrust.com
59	12

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
www.linkedin.com
instagram.com
www.givengain.com

Subject Issuer	Validity	Valid
gtotrust.com cPanel, Inc. Certification Authority	`2023-01-18` - `2023-04-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
iballmedia.co.za cPanel, Inc. Certification Authority	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://gtotrust.com/
Frame ID: 16266BD9A939F850B49A902B87E9E4B3
Requests: 45 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
Frame ID: 7FE7766067AE6263CCB2D76ADD5BE46C
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GTO - Big Difference, Little Lives Help Us Make A Difference

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

98 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

2247 kB
Transfer

5519 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCcGZj5o7M2C53RawPiKCUDA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GTOTrust
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gto-trust/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://instagram.com/gtotrust
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.givengain.com/cause/1020/campaigns/18234/
Title: Donate Donate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

59 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gtotrust.com/ 162 KB
25 KB 930ms
386ms Document
text/html 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed / PHP/8.0.26

Resource Hash

4bc9573c1a9283d3d1004437339bb03e957b1395c50cebbb396e838b381b74b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=86400
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 12:57:14 GMT
etag: "129-1673736827;br"
expires: Sun, 15 Jan 2023 22:53:47 GMT
link: <https://gtotrust.com/wp-json/>; rel="https://api.w.org/" <https://gtotrust.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json" <https://gtotrust.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/8.0.26
x-xss-protection: 1; mode=block

GET
H2 200 webfontloader.min.js Show response
gtotrust.com/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 202ms
201ms Script
application/x-javascript 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 12 Jan 2023 04:17:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4649
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H2 200 68c084a1a929750a2136e1c050be3a53.css
gtotrust.com/wp-content/litespeed/ucss/ 112 KB
13 KB 197ms
196ms Stylesheet
text/css 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

f5e5adef1738c6034fc9fa4772da9a0b4f0632d8a5183988cb73e1aa34cc2857

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 15 Dec 2022 11:41:16 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 12983
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H2 200 jquery.min.js Show response
gtotrust.com/wp-includes/js/jquery/ 88 KB
30 KB 200ms
200ms Script
application/x-javascript 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 03 Nov 2022 07:28:10 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 30324
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H2 200 jquery.jsticky.min.js Show response
gtotrust.com/wp-content/plugins/jet-blocks/assets/js/lib/jsticky/ 1 KB
584 B 201ms
200ms Script
application/x-javascript 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/plugins/jet-blocks/assets/js/lib/jsticky/jquery.jsticky.min.js

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

aaa30720d478c9319656a698504a84ca2d0b395180a39c9be4ebd686be7e8525

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 13 Dec 2022 14:12:14 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 526
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H3 200 10e5f0f00fe67a6bdb205f06131a3178.js Show response
gtotrust.com/wp-content/litespeed/js/ 509 KB
132 KB 193ms
192ms Script
application/x-javascript 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/litespeed/js/10e5f0f00fe67a6bdb205f06131a3178.js?ver=4d073

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

f20e9c58565d82376d20f1e5af682c0bf78105fbe07226178d6095521e1bd68e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 14 Jan 2023 22:53:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 135132
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
DATA 200
OK truncated Show response
/ 279 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36530e78725370c5013bc7834f0dd22520b0c8df51925978754e27e1f0975359

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3614cac69319b945ec4d953e63cb7af9348906498957df989bd2e06e9b280e39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21852a2df891a0e7fa18362fc1cd141681f8b22a7825201ec3ed45e3124ca824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ProximaNova-Regular.woff2
gtotrust.com/wp-content/uploads/2022/11/ 33 KB
34 KB 578ms
578ms Font
font/woff2 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/uploads/2022/11/ProximaNova-Regular.woff2

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 01 Nov 2022 11:24:52 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 34280
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H3 200 fa-solid-900.woff2
gtotrust.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 579ms
578ms Font
font/woff2 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 13 Jan 2023 09:10:36 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 78196
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H3 200 fa-brands-400.woff2
gtotrust.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 807ms
807ms Font
font/woff2 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 13 Jan 2023 09:10:36 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 76764
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98c4752b756f907c84034742da3b9d9d5be1002fc1d217c59260facac6aabed5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 200aa05dd8707ca5b1e8bdca26b85baaa9db1e71849c989fb434f482b1f9391c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ac0e60892a41bc44d642040b8ffa58a85d14eb23b67a4f8cfdebed08b4355c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd488d857a65620fd0b12f6c46441267cd28b55181524865852f8c6565b9ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66988964c9a8d6e5e907e3311e688958d3445e2f8496a56c5a7806e333cf237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 12:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 11:29:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Jan 2023 12:57:15 GMT

GET
H2 200 HOME-kids-smiling-HERO_result.webp
i-ballmedia.com/clients/gto/wp-content/uploads/2022/11/ 193 KB
194 KB 1321ms
388ms Image
image/webp 169.239.217.31
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-ballmedia.com/clients/gto/wp-content/uploads/2022/11/HOME-kids-smiling-HERO_result.webp

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

169.239.217.31 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

rs21.cphost.co.za

Software

LiteSpeed /

Resource Hash

1e506c40a64a8fe2c799f147e28c5316dd5e70b5820383e52170486d158c92b8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
last-modified: Mon, 07 Nov 2022 16:25:47 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 197968
x-xss-protection: 1; mode=block
expires: Wed, 25 Jan 2023 12:57:16 GMT

GET
H2 200 heart-bg-28_result.webp
i-ballmedia.com/clients/gto/wp-content/uploads/2022/11/ 12 KB
12 KB 1789ms
856ms Image
image/webp 169.239.217.31
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-ballmedia.com/clients/gto/wp-content/uploads/2022/11/heart-bg-28_result.webp

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

169.239.217.31 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

rs21.cphost.co.za

Software

LiteSpeed /

Resource Hash

76586c52ff46ffc123febbaf19ca22ba4ce8fe384f9f54a71eb90344d84e6132

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
last-modified: Fri, 04 Nov 2022 13:34:37 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12614
x-xss-protection: 1; mode=block
expires: Wed, 25 Jan 2023 12:57:16 GMT

GET
H2 200 HOME-how-we-began-BW-640px_result.webp
i-ballmedia.com/clients/gto/wp-content/uploads/2022/12/ 65 KB
65 KB 1789ms
857ms Image
image/webp 169.239.217.31
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-ballmedia.com/clients/gto/wp-content/uploads/2022/12/HOME-how-we-began-BW-640px_result.webp

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

169.239.217.31 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

rs21.cphost.co.za

Software

LiteSpeed /

Resource Hash

bbd6756119921ed1ef3c0adbfed0fae459397dff872ea60bc93168a82b33996c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
last-modified: Mon, 12 Dec 2022 13:16:17 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 66262
x-xss-protection: 1; mode=block
expires: Wed, 25 Jan 2023 12:57:16 GMT

GET
H2 200 girl-bw-01_result.webp
i-ballmedia.com/clients/gto/wp-content/uploads/2022/11/ 59 KB
59 KB 1789ms
857ms Image
image/webp 169.239.217.31
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-ballmedia.com/clients/gto/wp-content/uploads/2022/11/girl-bw-01_result.webp

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

169.239.217.31 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

rs21.cphost.co.za

Software

LiteSpeed /

Resource Hash

a61096a9b871236d71cc2ce7a54b5d48256a32c51667059927b5a23c9ca5bcf8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
last-modified: Fri, 04 Nov 2022 15:45:04 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 60134
x-xss-protection: 1; mode=block
expires: Wed, 25 Jan 2023 12:57:16 GMT

GET
H2 200 HOME-our-goals-2022-BW-640px_result.webp
i-ballmedia.com/clients/gto/wp-content/uploads/2022/12/ 34 KB
34 KB 1788ms
857ms Image
image/webp 169.239.217.31
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i-ballmedia.com/clients/gto/wp-content/uploads/2022/12/HOME-our-goals-2022-BW-640px_result.webp

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

169.239.217.31 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

rs21.cphost.co.za

Software

LiteSpeed /

Resource Hash

7a878878e97933e104a0bb0015c308f6835da873a0d6e1de913a168aea7e0217

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
last-modified: Mon, 12 Dec 2022 13:16:16 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 34330
x-xss-protection: 1; mode=block
expires: Wed, 25 Jan 2023 12:57:16 GMT

GET
H3 200 dearJoe5CASUAL-P.woff2
gtotrust.com/wp-content/uploads/2022/11/ 45 KB
45 KB 550ms
550ms Font
font/woff2 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/uploads/2022/11/dearJoe5CASUAL-P.woff2

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

6fb09cdef3b1853c10317b0ca6d5a536150f492b73384f1b9ddefb24b57a926f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:15 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 01 Nov 2022 11:26:12 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 46436
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:15 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 60ms
32ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fdbf9efc2a3dee59ac086edff2cca2c66184470cb4d88cf8eacc574a45cef51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:31:42 GMT
x-content-type-options: nosniff
age: 1533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31436
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 12:31:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 54ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 22:49:22 GMT
x-content-type-options: nosniff
age: 50873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 22:49:22 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
22 KB 57ms
29ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAexQ.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

434967e3a46663558c534688d0054e4bad8f3301c863b4a17f66080065da0c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:54:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22300
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:54:54 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 40ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 05:12:34 GMT
x-content-type-options: nosniff
age: 287081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 05:12:34 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
21 KB 51ms
24ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21006
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:50:19 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
22 KB 47ms
20ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

188d810cc883fcbf994c6afbd9b5f7e8f0cfd8185ce38ad9365887c21ed0a720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22207
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:54:44 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
21 KB 71ms
45ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVc.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87fb5bb0d8e0ca0c4d21f594e8503eb6a0023956a9eca832c11fad8ebeba3594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21061
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:54:34 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
22 KB 73ms
46ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWVAexQ.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f3700676a53182754044b3c365940f917c7d4f4f9b8d72b1901cc6d8512eb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 16:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22229
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 16:08:41 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 68ms
42ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:50:21 GMT
x-content-type-options: nosniff
age: 4014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31416
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:50:21 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
22 KB 65ms
39ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAexQ.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33abdf1da701ffb0039838332d89cfa7a4987ba736e5a5be9d398d418bf4ba61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 08:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22164
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 08:26:26 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
20 KB 74ms
48ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131d7ee76b779886898c901bfa19c90b68917c8e4b4b4cc9d929e53a9ecc92a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20549
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:50:33 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
21 KB 73ms
47ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24bbc961b8e37845c94a03ec71d9a0aaa1ef3faaf2277c2f0f6f8781c19efb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21638
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:54:48 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 63ms
37ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b79b191a7e97d8fb165ad70128825eb4fedd69d2677e55de7aff76793da3883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 01:13:38 GMT
x-content-type-options: nosniff
age: 42217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31636
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 01:13:38 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
33 KB 66ms
41ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAexQ.ttf

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/ucss/68c084a1a929750a2136e1c050be3a53.css?ver=4d073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220014e671b6f67906f9e5f81444b16f524c7c117ad571d0759965d45e65271a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Origin: https://gtotrust.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:38:15 GMT
x-content-type-options: nosniff
age: 26340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33608
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 05:38:15 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
gtotrust.com/wp-content/plugins/elementor/assets/js/ 1 KB
741 B 192ms
192ms Script
application/x-javascript 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/js/10e5f0f00fe67a6bdb205f06131a3178.js?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

d5f420c5f254202373c52598749814a5c1e34ca2f90807504335f8dd9b91277c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 13 Jan 2023 09:10:35 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 600
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:16 GMT

GET
H3 200 video.d86bfd0676264945e968.bundle.min.js Show response
gtotrust.com/wp-content/plugins/elementor/assets/js/ 3 KB
1 KB 192ms
192ms Script
application/x-javascript 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/js/10e5f0f00fe67a6bdb205f06131a3178.js?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

7ab950108c967491b2fdf4b7548433bbb4d91b3cf5197276a6bc03cfa4be26bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 13 Jan 2023 09:10:35 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1277
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:16 GMT

GET
H3 200 lf30_editor_svdaaeoe.json Show response
gtotrust.com/wp-content/uploads/2022/11/ 16 KB
16 KB 193ms
193ms XHR
application/json 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to

Full URL

https://gtotrust.com/wp-content/uploads/2022/11/lf30_editor_svdaaeoe.json

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-content/litespeed/js/10e5f0f00fe67a6bdb205f06131a3178.js?ver=4d073

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

c6b64fbb84d3de4cada47433cfc36b22b511e63e7c55ee1f88a9a5075f01b5f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:16 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 09 Nov 2022 07:03:18 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: application/json
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 15975
x-xss-protection: 1; mode=block
expires: Thu, 19 Jan 2023 12:57:16 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 56ms
31ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: gtotrust.com
URL: https://gtotrust.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 18 Jan 2023 12:57:17 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 Jan 2024 12:18:26 GMT

GET
H3 200 HUD8zvv4fY4 Show response
www.youtube.com/embed/ Frame 7FE7 67 KB
27 KB 97ms
96ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a91c2d91bbd65f628e92534e58c3bd88b7690eac35ba73190c4cdcc852cd8302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gtotrust.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 12:57:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame 7FE7 360 KB
49 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 12:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 17 Jan 2024 12:16:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 7FE7 342 KB
107 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:18:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 Jan 2024 12:18:03 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 7FE7 2 MB
598 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 507279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612479
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 Jan 2024 16:02:38 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 7FE7 9 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 03:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 Jan 2024 03:26:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7FE7 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 63350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7FE7 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:59:48 GMT
x-content-type-options: nosniff
age: 64649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 Jan 2024 18:59:48 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7FE7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
240 B

44ms
42ms

XHR
application/json

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0b0eea961d7abeada36ab97309badbc0e6931ddf16a597d4eafa477c7e7ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 18 Jan 2023 12:57:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7FE7 29 B
588 B 31ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:54:13 GMT
x-content-type-options: nosniff
age: 184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Jan 2023 13:09:13 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 42ms
17ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 18 Jan 2023 12:57:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7FE7 66 KB
30 KB 29ms
28ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7ca3a127cce1124a2f9ec789728fb6ace30810f60accf2882ebb48a87414adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 18 Jan 2023 12:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30964
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 7FE7 119 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 507264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37359
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 Jan 2024 16:02:53 GMT

GET
H2 200 wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js Show response
www.google.com/js/th/ Frame 7FE7 36 KB
14 KB 93ms
22ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 10:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 10:37:20 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 7FE7 26 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 20:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8398
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 16 Jan 2024 20:15:56 GMT

GET
DATA 200
OK truncated
/ Frame 7FE7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 J6pSeWkaNd45vhgr24NHbXQaj9HPFoETcJ7Q6QQxc3DD_RLw9o0puycJ8_x3jAvjzazqxtmotxs=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 7FE7 2 KB
3 KB 350ms
323ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/J6pSeWkaNd45vhgr24NHbXQaj9HPFoETcJ7Q6QQxc3DD_RLw9o0puycJ8_x3jAvjzazqxtmotxs=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c266bcc7e8d53667c107a84399de2f628009e5aac7921289344174aa204bf772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2460
x-xss-protection: 0
expires: Thu, 19 Jan 2023 12:57:18 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/HUD8zvv4fY4/ Frame 7FE7 37 KB
38 KB 196ms
118ms Image
image/jpeg 2a00:1450:400d:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/HUD8zvv4fY4/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVChLMA8=&rs=AOn4CLB0obnmntfuo4Vc2RNSK-E5HGo7jg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c783a743a5680e9f8460d3d68de30f185001a8a512f7b9a5142e6d735fcc3b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:17 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38046
x-xss-protection: 0
server: sffe
etag: "1662544519"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Jan 2023 14:57:17 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7FE7 90 B
134 B 25ms
25ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab2f98ec57787d4ee5fb8945dafb335addd10dc2bc6e7413af1af311a647a7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 18 Jan 2023 12:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 17ms
16ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 18 Jan 2023 12:57:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7FE7 4 KB
3 KB 150ms
85ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 12:57:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7FE7 0
10 B 11ms
11ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?f7R9eA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame 7FE7 50 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 09:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 19 Jan 2023 09:53:13 GMT

GET
H3 200 GTO-logo-small.svg
gtotrust.com/wp-content/uploads/2022/11/ 27 KB
8 KB 193ms
192ms Image
image/svg+xml 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gtotrust.com/wp-content/uploads/2022/11/GTO-logo-small.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

6083a15a3295f6f29de647ddf5c7667b9d1b365dd1fe505ae7ea2152e81753a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 03 Nov 2022 09:41:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7965
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:18 GMT

GET
H3 200 KITE-LOGO_result-300x195.webp
gtotrust.com/wp-content/uploads/2022/11/ 7 KB
7 KB 194ms
193ms Image
image/webp 41.222.32.14
DIAMATRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gtotrust.com/wp-content/uploads/2022/11/KITE-LOGO_result-300x195.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

41.222.32.14 , South Africa, ASN327979 (DIAMATRIX, ZA),

Reverse DNS

wp14.domains.co.za

Software

LiteSpeed /

Resource Hash

e536abcac110a88373a4599cdb7371c41fd42925d21c3d6963fd096f1b1bebc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtotrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:57:18 GMT
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 04 Nov 2022 11:34:44 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7436
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:57:18 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7FE7 28 B
54 B 34ms
34ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-Goog-Request-Time: 1674046640176
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/HUD8zvv4fY4?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fgtotrust.com&widgetid=1
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs1V3Jwbl9wczRBWSit2Z-eBg%3D%3D
X-YouTube-Ad-Signals: dt=1674046637596&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 18 Jan 2023 12:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 18 Jan 2023 12:57:20 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -8oSRrC00Ao
.youtube.com/	1970-01-20 13:19:58	Name: DEVICE_INFO Value: ChxOekU0T1RrM05UVTFPRFF6TWpjMk16UTNNdz09EK3Zn54GGK3Zn54G
.youtube.com/	1970-01-20 13:19:58	Name: VISITOR_INFO1_LIVE Value: 5Wrpn_ps4AY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js(Line 1112) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtotrust.com
i-ballmedia.com
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
169.239.217.31
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2006
2a00:1450:400d:806::2003
2a00:1450:400d:806::2016
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2004
41.222.32.14
0b79b191a7e97d8fb165ad70128825eb4fedd69d2677e55de7aff76793da3883
131d7ee76b779886898c901bfa19c90b68917c8e4b4b4cc9d929e53a9ecc92a2
188d810cc883fcbf994c6afbd9b5f7e8f0cfd8185ce38ad9365887c21ed0a720
1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833
1e506c40a64a8fe2c799f147e28c5316dd5e70b5820383e52170486d158c92b8
200aa05dd8707ca5b1e8bdca26b85baaa9db1e71849c989fb434f482b1f9391c
21852a2df891a0e7fa18362fc1cd141681f8b22a7825201ec3ed45e3124ca824
220014e671b6f67906f9e5f81444b16f524c7c117ad571d0759965d45e65271a
23ac0e60892a41bc44d642040b8ffa58a85d14eb23b67a4f8cfdebed08b4355c
294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e
2b0b0eea961d7abeada36ab97309badbc0e6931ddf16a597d4eafa477c7e7ee1
33abdf1da701ffb0039838332d89cfa7a4987ba736e5a5be9d398d418bf4ba61
3614cac69319b945ec4d953e63cb7af9348906498957df989bd2e06e9b280e39
36530e78725370c5013bc7834f0dd22520b0c8df51925978754e27e1f0975359
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
434967e3a46663558c534688d0054e4bad8f3301c863b4a17f66080065da0c57
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bc9573c1a9283d3d1004437339bb03e957b1395c50cebbb396e838b381b74b8
5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aae71838ba4983ac1f65ebdfd7ce440a13ca6721863a3b72104b8e5377117ee
6083a15a3295f6f29de647ddf5c7667b9d1b365dd1fe505ae7ea2152e81753a9
66988964c9a8d6e5e907e3311e688958d3445e2f8496a56c5a7806e333cf237d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6fb09cdef3b1853c10317b0ca6d5a536150f492b73384f1b9ddefb24b57a926f
76586c52ff46ffc123febbaf19ca22ba4ce8fe384f9f54a71eb90344d84e6132
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7a878878e97933e104a0bb0015c308f6835da873a0d6e1de913a168aea7e0217
7ab950108c967491b2fdf4b7548433bbb4d91b3cf5197276a6bc03cfa4be26bb
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87fb5bb0d8e0ca0c4d21f594e8503eb6a0023956a9eca832c11fad8ebeba3594
8f3700676a53182754044b3c365940f917c7d4f4f9b8d72b1901cc6d8512eb12
8fdbf9efc2a3dee59ac086edff2cca2c66184470cb4d88cf8eacc574a45cef51
98c4752b756f907c84034742da3b9d9d5be1002fc1d217c59260facac6aabed5
a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306
a61096a9b871236d71cc2ce7a54b5d48256a32c51667059927b5a23c9ca5bcf8
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
a91c2d91bbd65f628e92534e58c3bd88b7690eac35ba73190c4cdcc852cd8302
aaa30720d478c9319656a698504a84ca2d0b395180a39c9be4ebd686be7e8525
ab2f98ec57787d4ee5fb8945dafb335addd10dc2bc6e7413af1af311a647a7ca
abd488d857a65620fd0b12f6c46441267cd28b55181524865852f8c6565b9ae6
bbd6756119921ed1ef3c0adbfed0fae459397dff872ea60bc93168a82b33996c
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c
c24bbc961b8e37845c94a03ec71d9a0aaa1ef3faaf2277c2f0f6f8781c19efb5
c266bcc7e8d53667c107a84399de2f628009e5aac7921289344174aa204bf772
c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a
c6b64fbb84d3de4cada47433cfc36b22b511e63e7c55ee1f88a9a5075f01b5f8
c783a743a5680e9f8460d3d68de30f185001a8a512f7b9a5142e6d735fcc3b0b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d5f420c5f254202373c52598749814a5c1e34ca2f90807504335f8dd9b91277c
d7ca3a127cce1124a2f9ec789728fb6ace30810f60accf2882ebb48a87414adb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e536abcac110a88373a4599cdb7371c41fd42925d21c3d6963fd096f1b1bebc4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f20e9c58565d82376d20f1e5af682c0bf78105fbe07226178d6095521e1bd68e
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f5e5adef1738c6034fc9fa4772da9a0b4f0632d8a5183988cb73e1aa34cc2857

gtotrust.com Open in urlscan Pro 41.222.32.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

83 %IPv6

9 Domains

12 Subdomains

13 IPs

3 Countries

2247 kBTransfer

5519 kBSize

3 Cookies

5 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gtotrust.com Open in urlscan Pro
41.222.32.14 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

2247 kB
Transfer

5519 kB
Size

3
Cookies

59 HTTP transactions
9 data transactions