lab.gtosecurity.xyz Open in urlscan Pro
2606:4700:30::681f:42eb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lab.gtosecurity.xyz/
Submission: On December 20 via automatic, source certstream-suspicious (December 20th 2019, 1:32:14 am UTC)

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::681f:42eb, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is lab.gtosecurity.xyz.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 9th 2019. Valid for: 10 months.

This is the only time lab.gtosecurity.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:30:... 2606:4700:30::681f:42eb	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	35.186.219.42 35.186.219.42	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.174.159.248 35.174.159.248	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	2606:4700::68... 2606:4700::6811:9d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
17	8

9 2606:4700:30::681f:42eb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

lab.gtosecurity.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.219.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 42.219.186.35.bc.googleusercontent.com

wellmadefrog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.159.248 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-174-159-248.compute-1.amazonaws.com

app.satismeter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:9d0d (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

badge.hardenize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.6 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gtosecurity.xyz lab.gtosecurity.xyz	273 KB
2	hardenize.com 1 redirects badge.hardenize.com	5 KB
2	satismeter.com app.satismeter.com	42 KB
2	wellmadefrog.com wellmadefrog.com	32 KB
1	googlesyndication.com tpc.googlesyndication.com
1	doubleclick.net ad.doubleclick.net	608 B
1	cloudflare.com ajax.cloudflare.com	4 KB
17	7

	Domain	Requested by
9	lab.gtosecurity.xyz	lab.gtosecurity.xyz ajax.cloudflare.com
2	badge.hardenize.com	1 redirects
2	app.satismeter.com	lab.gtosecurity.xyz app.satismeter.com
2	wellmadefrog.com	lab.gtosecurity.xyz wellmadefrog.com
1	tpc.googlesyndication.com	wellmadefrog.com
1	ad.doubleclick.net	wellmadefrog.com
1	ajax.cloudflare.com	lab.gtosecurity.xyz
17	7

This site contains links to these domains. Also see Links.

Domain
wordpress.org
es.wordpress.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-09` - `2020-10-09`	10 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
wellmadefrog.com Let's Encrypt Authority X3	`2019-11-19` - `2020-02-17`	3 months	crt.sh
app.satismeter.com Let's Encrypt Authority X3	`2019-11-15` - `2020-02-13`	3 months	crt.sh
ssl760680.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lab.gtosecurity.xyz/
Frame ID: CFAD7EE6E8B10054AEC6077D623E4DAB
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: C2128C53EB6832A8174F16508CBB5848
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

17
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

358 kB
Transfer

736 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: A WordPress Commenter

Search URL Search Domain Scan URL

URL: https://es.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://badge.hardenize.com/v2/images/hardenize-badge-lab.gtosecurity.xyz.png HTTP 302
https://badge.hardenize.com/v2/images/hardenize-badge-standard.png

17 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lab.gtosecurity.xyz/ 29 KB
7 KB 362ms
300ms Document
text/html 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d147d9c0643fffaaf3d886ea095f69f9f60c79172eae9db2eec2c48dc25640c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: lab.gtosecurity.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Fri, 20 Dec 2019 01:31:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbc7050374c7ef198195fb5fb0795aa541576805516; expires=Sun, 19-Jan-20 01:31:56 GMT; path=/; domain=.gtosecurity.xyz; HttpOnly; SameSite=Lax
cf-ray: 547ddc0b8e43cbc8-VIE
link: <https://lab.gtosecurity.xyz/?rest_route=/>; rel="https://api.w.org/"
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
content-encoding: br

GET
H2 200 2ZM8EQJAgkf159nlb_fBnl23JIk.js Show response
lab.gtosecurity.xyz/cdn-cgi/apps/head/ 11 KB
4 KB 398ms
397ms Script
application/javascript 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/cdn-cgi/apps/head/2ZM8EQJAgkf159nlb_fBnl23JIk.js

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1d0035a169f73b281d42878afa39906c178399a76fcb5ce7740c4a6226d66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: CF8B02E5C15B878A
cf-ray: 547ddc0d78a4cbc8-VIE
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-id-2: NyVpUgYUwe9nr/kUyRUX6UrkIvhEOY6SdniZwSoHCArK035P1vrpJrkzJf9WkrjBZbZQqwYo5Pc=
last-modified: Sun, 15 Dec 2019 23:18:03 GMT
server: cloudflare
etag: W/"b133a3e133ef8a05df3a365fc8e98989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-version-id: GPfzxejQny.sb_paLj1KaoYSMAMCD3rE
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8

GET
H2 200 style.css
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/ 116 KB
21 KB 380ms
379ms Stylesheet
text/css 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/wp-content/themes/twentytwenty/style.css?ver=1.1

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5477266df449c87ffea7318d0c6a7b4bda63cbd37ba52081f4bfabe7ff110bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 01:09:45 GMT
server: cloudflare
etag: W/"1d15a-5dfc1f59-338b6;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 547ddc0d78a1cbc8-VIE
expires: Fri, 27 Dec 2019 01:31:56 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:56 GMT
content-encoding: gzip
last-modified: Wed, 18 Dec 2019 10:56:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfa05cc-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 547ddc0d7911599a-VIE
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sun, 22 Dec 2019 01:31:56 GMT

GET
H2 200 12279de0db82f33c446fc2298fcf0a32dc36b53315bdffc813e221a979bf6a7c4f2b6397c5882384412dc8a95116a51969270fc159293e69a00485cdccc9 Show response
wellmadefrog.com/ 99 KB
31 KB 355ms
231ms Script
text/javascript 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://wellmadefrog.com/12279de0db82f33c446fc2298fcf0a32dc36b53315bdffc813e221a979bf6a7c4f2b6397c5882384412dc8a95116a51969270fc159293e69a00485cdccc9

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/cdn-cgi/apps/head/2ZM8EQJAgkf159nlb_fBnl23JIk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

42.219.186.35.bc.googleusercontent.com

Software

Resource Hash

7d45cd7d2d25c7608e0940350f07f84f8b678e860f260eccf9b46350cadeb2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: 527c3e9d3e12ea453ce12c6a3e5413e5f244c3947c12b52687b7ea8ef613394e
vary: Accept-Encoding
x-hostname: fabio
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Fri, 20 Dec 2019 01:31:57 GMT
timing-allow-origin: *

GET
H2 200 Iyv4GygtL2TdgheiJ2yC8EI65sk.js Show response
lab.gtosecurity.xyz/cdn-cgi/apps/body/ 36 KB
11 KB 408ms
407ms Script
application/javascript 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/cdn-cgi/apps/body/Iyv4GygtL2TdgheiJ2yC8EI65sk.js

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/cdn-cgi/apps/head/2ZM8EQJAgkf159nlb_fBnl23JIk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2be85de91edce5ada3a60555bdbea93058748cf7bc6d7b7feec9e56b0bf030f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 60ABCEDB34403D13
cf-ray: 547ddc0ffb7fcbc8-VIE
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-id-2: RPsA3AT9+7mdy3VpfE03TiHS9JrHPg1Cnns8r58++oaIEgJXD9vZ4FvbR41TUJ9kAa3ZIiiPlZ8=
last-modified: Sun, 15 Dec 2019 23:18:03 GMT
server: cloudflare
etag: W/"2429cf9c29559a69947bed8f57dab5f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-version-id: aVg3M7e6drNeNISOpVOUN.NLOxbyjQLT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8

GET
H2 200 print.css
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/ 3 KB
964 B 256ms
255ms Stylesheet
text/css 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/wp-content/themes/twentytwenty/print.css?ver=1.1

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e410433d8b8584dfb1292e8fec02646c7fdfe7986b51e37da8be9d5c893798

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 01:09:45 GMT
server: cloudflare
etag: W/"a0e-5dfc1f59-338b5;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 547ddc105bfccbc8-VIE
expires: Fri, 27 Dec 2019 01:31:56 GMT

GET
H2 200 Inter-upright-var.woff2
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/assets/fonts/inter/ 219 KB
219 KB 509ms
509ms Font
font/woff2 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://lab.gtosecurity.xyz/wp-content/themes/twentytwenty/style.css?ver=1.1
Origin: https://lab.gtosecurity.xyz

Response headers

date: Fri, 20 Dec 2019 01:31:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 223892
last-modified: Fri, 20 Dec 2019 01:09:45 GMT
server: cloudflare
etag: "36a94-5dfc1f59-c72063;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 547ddc106c09cbc8-VIE
expires: Fri, 27 Dec 2019 01:31:57 GMT

GET
DATA 200
OK truncated
/ 808 B
808 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2314a04de305a6bcf2bc9d951d3a0596084649fce911b7e4e085d0c69ac6985b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://lab.gtosecurity.xyz

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 wp-embed.min.js Show response
lab.gtosecurity.xyz/wp-includes/js/ 1 KB
784 B 258ms
258ms Script
application/x-javascript 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/wp-includes/js/wp-embed.min.js?ver=4.7.12

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 01:13:15 GMT
server: cloudflare
etag: W/"576-5dfc202b-734094;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 547ddc108c4dcbc8-VIE
expires: Fri, 27 Dec 2019 01:31:57 GMT

GET
H2 200 index.js Show response
lab.gtosecurity.xyz/wp-content/themes/twentytwenty/assets/js/ 24 KB
6 KB 266ms
266ms Script
application/x-javascript 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f667621bdd1ef8ce6b9de82c0a0ef5555ace64c90433af14ea4133a943c4e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 01:09:45 GMT
server: cloudflare
etag: W/"61b1-5dfc1f59-338a9;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 547ddc108c4fcbc8-VIE
expires: Fri, 27 Dec 2019 01:31:57 GMT

GET
H/1.1 200
OK satismeter.js Show response
app.satismeter.com/ 162 KB
41 KB 537ms
248ms Script
application/javascript 35.174.159.248
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/satismeter.js

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/cdn-cgi/apps/body/Iyv4GygtL2TdgheiJ2yC8EI65sk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.159.248 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-174-159-248.compute-1.amazonaws.com

Software

Cowboy / Express

Resource Hash

99187c3e8d1d328c972d99d42e8c632d0bf7408fa99b3a70918ca62f03bb46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Etag: W/"a26e-16f1dfda218"
Last-Modified: Thu, 19 Dec 2019 11:49:19 GMT
Server: Cowboy
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Date: Fri, 20 Dec 2019 01:31:57 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41582
X-Request-Id: 63fdd8f0-a86d-46f7-b841-e16a351e15d3

GET
DATA 200
OK truncated
/ 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17dd310e079fb0d6f96f630c76054f84c9f9ac194f51efa2783fff32b76339be

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

POST
H/1.1 200
OK widget Show response
app.satismeter.com/api/ 1 KB
1 KB 401ms
147ms XHR
application/json 35.174.159.248
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/api/widget

Requested by

Host: app.satismeter.com
URL: https://app.satismeter.com/satismeter.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.159.248 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-174-159-248.compute-1.amazonaws.com

Software

Cowboy / Express

Resource Hash

cc4e4e3bc93d625bfc5c018149e8268004b0010041bf3e0df8503b91a0d6b353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://lab.gtosecurity.xyz/
Origin: https://lab.gtosecurity.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Etag: W/"4e3-JW+ZWANQczBq7+3VzFWNCUobR/s"
Access-Control-Allow-Origin: *
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: dc8a003d-54a1-4054-bdef-471647c1064b
Server: Cowboy
Date: Fri, 20 Dec 2019 01:31:58 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT,POST
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
Access-Control-Expose-Headers: Location,Auth-Token
Access-Control-Allow-Headers: Content-Type,Auth-Token

GET
H2 200 wp-emoji-release.min.js Show response
lab.gtosecurity.xyz/wp-includes/js/ 11 KB
4 KB 262ms
261ms Script
application/x-javascript 2606:4700:30::681f:42eb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.gtosecurity.xyz/wp-includes/js/wp-emoji-release.min.js?ver=4.7.12

Requested by

Host: lab.gtosecurity.xyz
URL: https://lab.gtosecurity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:42eb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 01:13:15 GMT
server: cloudflare
etag: W/"2c96-5dfc202b-788269;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 547ddc16cbb5cbc8-VIE
expires: Fri, 27 Dec 2019 01:31:57 GMT

GET
H2

200

hardenize-badge-standard.png
badge.hardenize.com/v2/images/
Redirect Chain

https://badge.hardenize.com/v2/images/hardenize-badge-lab.gtosecurity.xyz.png
https://badge.hardenize.com/v2/images/hardenize-badge-standard.png

4 KB
5 KB

22ms
22ms

Image
image/png

2606:4700::6811:9d0d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://badge.hardenize.com/v2/images/hardenize-badge-standard.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9d0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6278834157cb1f6a1c2f7e48bdda285403fad41f9320576d298763365a412294

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:31:58 GMT
cf-cache-status: HIT
age: 3003
status: 200
content-type: image/png
content-length: 4282
x-amz-id-2: YdIdNUQVB1mUdIFbO+oTzVV5X6RPLaRekiMVDl0guqHmeYFmGDgURQtjJmI6MF8IgN9Jz9cSSdw=
last-modified: Wed, 25 Oct 2017 10:03:56 GMT
server: cloudflare
etag: "41a634359bef829b94f655bb64e0c60b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A6F98972AFCEF43B
cache-control: public, max-age=3600
x-amz-version-id: xmqJvfNVEZdaAJSM_asz7Nkk4pNMFv32
accept-ranges: bytes
cf-ray: 547ddc1a3f0fcbc0-VIE

Redirect headers

date: Fri, 20 Dec 2019 01:31:58 GMT
cf-cache-status: MISS
server: cloudflare
x-amz-request-id: 8B4325BB2C6D8F53
location: https://badge.hardenize.com/v2/images/hardenize-badge-standard.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 302
cf-ray: 547ddc173b24cbc0-VIE
content-length: 0
x-amz-id-2: YnHK3yin2NihRnFf6O+yhyykgVhU0+VdHH5Rd7dYGrYZ46kVIOx6Ht8MlsxtinX3gmFz1RjHJqE=

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Akyhk Show response
ad.doubleclick.net/ddm/adj/Bqxov/ 11 B
608 B 84ms
33ms Script
text/javascript 172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bqxov/Akyhk

Requested by

Host: wellmadefrog.com
URL: https://wellmadefrog.com/12279de0db82f33c446fc2298fcf0a32dc36b53315bdffc813e221a979bf6a7c4f2b6397c5882384412dc8a95116a51969270fc159293e69a00485cdccc9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lab.gtosecurity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Dec 2019 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame C212 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: wellmadefrog.com
URL: https://wellmadefrog.com/12279de0db82f33c446fc2298fcf0a32dc36b53315bdffc813e221a979bf6a7c4f2b6397c5882384412dc8a95116a51969270fc159293e69a00485cdccc9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://lab.gtosecurity.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://lab.gtosecurity.xyz/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Thu, 05 Dec 2019 12:45:44 GMT
expires: Fri, 04 Dec 2020 12:45:44 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1255574
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 pxd0rs4Poidi7B2vFA-8A1ZsBFqj5vi5NPnH3u5M9XwzR-o9kj_VC_2V4aOrtewT5iKIxc Show response
wellmadefrog.com/v2/0/ 216 B
589 B 95ms
33ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://wellmadefrog.com/v2/0/pxd0rs4Poidi7B2vFA-8A1ZsBFqj5vi5NPnH3u5M9XwzR-o9kj_VC_2V4aOrtewT5iKIxc

Requested by

Host: wellmadefrog.com
URL: https://wellmadefrog.com/12279de0db82f33c446fc2298fcf0a32dc36b53315bdffc813e221a979bf6a7c4f2b6397c5882384412dc8a95116a51969270fc159293e69a00485cdccc9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

42.219.186.35.bc.googleusercontent.com

Software

Resource Hash

13bfb9daf305cf5b4dfd13f1da245678d1a0dc1c551b0fc6fa79bed0dffe287d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://lab.gtosecurity.xyz/
Origin: https://lab.gtosecurity.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Fri, 20 Dec 2019 01:31:58 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fabio
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 20 Dec 2019 01:31:57 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lab.gtosecurity.xyz/	1970-01-19 14:45:45	Name: sm_anonymous_id Value: 0a8810b2-1834-4975-8c5f-d085b63ad18a
			.gtosecurity.xyz/	1970-01-19 06:43:17	Name: __cfduid Value: dbc7050374c7ef198195fb5fb0795aa541576805516

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.cloudflare.com
app.satismeter.com
badge.hardenize.com
lab.gtosecurity.xyz
tpc.googlesyndication.com
wellmadefrog.com
172.217.22.6
2606:4700:30::681f:42eb
2606:4700::6811:4004
2606:4700::6811:9d0d
2a00:1450:4001:821::2001
35.174.159.248
35.186.219.42
13bfb9daf305cf5b4dfd13f1da245678d1a0dc1c551b0fc6fa79bed0dffe287d
17dd310e079fb0d6f96f630c76054f84c9f9ac194f51efa2783fff32b76339be
2314a04de305a6bcf2bc9d951d3a0596084649fce911b7e4e085d0c69ac6985b
2be85de91edce5ada3a60555bdbea93058748cf7bc6d7b7feec9e56b0bf030f4
3d1d0035a169f73b281d42878afa39906c178399a76fcb5ce7740c4a6226d66e
5477266df449c87ffea7318d0c6a7b4bda63cbd37ba52081f4bfabe7ff110bee
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
6278834157cb1f6a1c2f7e48bdda285403fad41f9320576d298763365a412294
7d45cd7d2d25c7608e0940350f07f84f8b678e860f260eccf9b46350cadeb2c0
99187c3e8d1d328c972d99d42e8c632d0bf7408fa99b3a70918ca62f03bb46d3
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f667621bdd1ef8ce6b9de82c0a0ef5555ace64c90433af14ea4133a943c4e58
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b3e410433d8b8584dfb1292e8fec02646c7fdfe7986b51e37da8be9d5c893798
cc4e4e3bc93d625bfc5c018149e8268004b0010041bf3e0df8503b91a0d6b353
d147d9c0643fffaaf3d886ea095f69f9f60c79172eae9db2eec2c48dc25640c0
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

lab.gtosecurity.xyz Open in urlscan Pro 2606:4700:30::681f:42eb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

358 kBTransfer

736 kBSize

2 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

lab.gtosecurity.xyz Open in urlscan Pro
2606:4700:30::681f:42eb Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

358 kB
Transfer

736 kB
Size

2
Cookies

17 HTTP transactions
4 data transactions