lab.gtosecurity.xyz
Open in
urlscan Pro
2606:4700:30::681f:42eb
Public Scan
Submission: On December 20 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 9th 2019. Valid for: 10 months.
This is the only time lab.gtosecurity.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2606:4700:30:... 2606:4700:30::681f:42eb | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2606:4700::68... 2606:4700::6811:4004 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
2 | 35.186.219.42 35.186.219.42 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 35.174.159.248 35.174.159.248 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 2 | 2606:4700::68... 2606:4700::6811:9d0d | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 172.217.22.6 172.217.22.6 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::2001 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
17 | 8 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
lab.gtosecurity.xyz |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 42.219.186.35.bc.googleusercontent.com
wellmadefrog.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-174-159-248.compute-1.amazonaws.com
app.satismeter.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
badge.hardenize.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
gtosecurity.xyz
lab.gtosecurity.xyz |
273 KB |
2 |
hardenize.com
1 redirects
badge.hardenize.com |
5 KB |
2 |
satismeter.com
app.satismeter.com |
42 KB |
2 |
wellmadefrog.com
wellmadefrog.com |
32 KB |
1 |
googlesyndication.com
tpc.googlesyndication.com |
|
1 |
doubleclick.net
ad.doubleclick.net |
608 B |
1 |
cloudflare.com
ajax.cloudflare.com |
4 KB |
17 | 7 |
Domain | Requested by | |
---|---|---|
9 | lab.gtosecurity.xyz |
lab.gtosecurity.xyz
ajax.cloudflare.com |
2 | badge.hardenize.com | 1 redirects |
2 | app.satismeter.com |
lab.gtosecurity.xyz
app.satismeter.com |
2 | wellmadefrog.com |
lab.gtosecurity.xyz
wellmadefrog.com |
1 | tpc.googlesyndication.com |
wellmadefrog.com
|
1 | ad.doubleclick.net |
wellmadefrog.com
|
1 | ajax.cloudflare.com |
lab.gtosecurity.xyz
|
17 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
wordpress.org |
es.wordpress.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-12-09 - 2020-10-09 |
10 months | crt.sh |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-12-05 - 2020-06-12 |
6 months | crt.sh |
wellmadefrog.com Let's Encrypt Authority X3 |
2019-11-19 - 2020-02-17 |
3 months | crt.sh |
app.satismeter.com Let's Encrypt Authority X3 |
2019-11-15 - 2020-02-13 |
3 months | crt.sh |
ssl760680.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-12-05 - 2020-06-12 |
6 months | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://lab.gtosecurity.xyz/
Frame ID: CFAD7EE6E8B10054AEC6077D623E4DAB
Requests: 20 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: C2128C53EB6832A8174F16508CBB5848
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: A WordPress Commenter
Search URL Search Domain Scan URL
Title: WordPress.org
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://badge.hardenize.com/v2/images/hardenize-badge-lab.gtosecurity.xyz.png HTTP 302
- https://badge.hardenize.com/v2/images/hardenize-badge-standard.png
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
lab.gtosecurity.xyz/ |
29 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2ZM8EQJAgkf159nlb_fBnl23JIk.js
lab.gtosecurity.xyz/cdn-cgi/apps/head/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/ |
116 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12279de0db82f33c446fc2298fcf0a32dc36b53315bdffc813e221a979bf6a7c4f2b6397c5882384412dc8a95116a51969270fc159293e69a00485cdccc9
wellmadefrog.com/ |
99 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Iyv4GygtL2TdgheiJ2yC8EI65sk.js
lab.gtosecurity.xyz/cdn-cgi/apps/body/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/ |
3 KB 964 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-upright-var.woff2
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/assets/fonts/inter/ |
219 KB 219 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
808 B 808 B |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
lab.gtosecurity.xyz/wp-includes/js/ |
1 KB 784 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/assets/js/ |
24 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satismeter.js
app.satismeter.com/ |
162 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
widget
app.satismeter.com/api/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
lab.gtosecurity.xyz/wp-includes/js/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hardenize-badge-standard.png
badge.hardenize.com/v2/images/ Redirect Chain
|
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Akyhk
ad.doubleclick.net/ddm/adj/Bqxov/ |
11 B 608 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame C212 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pxd0rs4Poidi7B2vFA-8A1ZsBFqj5vi5NPnH3u5M9XwzR-o9kj_VC_2V4aOrtewT5iKIxc
wellmadefrog.com/v2/0/ |
216 B 589 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| CloudflareApps object| __cfQR function| admiral function| 4dm1r11545242527 function| satismeter number| __global_unique_id__ function| parcelRequire object| _wpemojiSettings object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents object| wp boolean| __cfRLUnblockHandlers object| twemoji2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lab.gtosecurity.xyz/ | Name: sm_anonymous_id Value: 0a8810b2-1834-4975-8c5f-d085b63ad18a |
|
.gtosecurity.xyz/ | Name: __cfduid Value: dbc7050374c7ef198195fb5fb0795aa541576805516 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
ajax.cloudflare.com
app.satismeter.com
badge.hardenize.com
lab.gtosecurity.xyz
tpc.googlesyndication.com
wellmadefrog.com
172.217.22.6
2606:4700:30::681f:42eb
2606:4700::6811:4004
2606:4700::6811:9d0d
2a00:1450:4001:821::2001
35.174.159.248
35.186.219.42
13bfb9daf305cf5b4dfd13f1da245678d1a0dc1c551b0fc6fa79bed0dffe287d
17dd310e079fb0d6f96f630c76054f84c9f9ac194f51efa2783fff32b76339be
2314a04de305a6bcf2bc9d951d3a0596084649fce911b7e4e085d0c69ac6985b
2be85de91edce5ada3a60555bdbea93058748cf7bc6d7b7feec9e56b0bf030f4
3d1d0035a169f73b281d42878afa39906c178399a76fcb5ce7740c4a6226d66e
5477266df449c87ffea7318d0c6a7b4bda63cbd37ba52081f4bfabe7ff110bee
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
6278834157cb1f6a1c2f7e48bdda285403fad41f9320576d298763365a412294
7d45cd7d2d25c7608e0940350f07f84f8b678e860f260eccf9b46350cadeb2c0
99187c3e8d1d328c972d99d42e8c632d0bf7408fa99b3a70918ca62f03bb46d3
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f667621bdd1ef8ce6b9de82c0a0ef5555ace64c90433af14ea4133a943c4e58
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b3e410433d8b8584dfb1292e8fec02646c7fdfe7986b51e37da8be9d5c893798
cc4e4e3bc93d625bfc5c018149e8268004b0010041bf3e0df8503b91a0d6b353
d147d9c0643fffaaf3d886ea095f69f9f60c79172eae9db2eec2c48dc25640c0
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0