webapp.gruw.io Open in urlscan Pro
2620:0:890::100  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response webapp.gruw.io/	1 KB 806 B	403ms 132ms	Document text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e13493e034ba45c869c7c9ad44742c7cbb861eb045462b6b307e54d22096249d Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control max-age=3600 content-encoding br content-length 455 content-type text/html; charset=utf-8 date Fri, 13 Dec 2024 20:53:53 GMT etag "6a0185617c252c49b450b0cb2cb6f2e4eb4c1b564e3c14fec387873a1d98f4a6-br" last-modified Fri, 13 Dec 2024 18:56:33 GMT strict-transport-security max-age=31556926 vary x-fh-requested-host, accept-encoding x-cache MISS x-cache-hits 0 x-served-by cache-bur-kbur8200141-BUR x-timer S1734123234.621037,VS0,VE60
GET H2	200	flutter_bootstrap.js Show response webapp.gruw.io/	8 KB 3 KB	188ms 187ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/flutter_bootstrap.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4075928da61018629e57c1b4b3d76500d03f76a2bc75a8410e44d5d0056729ae Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "726234064bb870fe6332fea9c1776c299d0156d7889038d6b2f06e5e21ed5f5a-br" x-timer S1734123234.763954,VS0,VE116 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 2785 date Fri, 13 Dec 2024 20:53:53 GMT content-type text/javascript; charset=utf-8 last-modified Fri, 13 Dec 2024 18:56:33 GMT x-served-by cache-bur-kbur8200141-BUR x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H3	200	favicon.png webapp.gruw.io/	917 B 1 KB	126ms 125ms	Other image/png	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/favicon.png Protocol H3 Security QUIC, , AES_256_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "0cab6e3dd5a9f008afdd133e1e1207cf65f2f2a10eb6712e3c209d8a5f76425a-br" x-timer S1734123234.961662,VS0,VE52 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 777 date Fri, 13 Dec 2024 20:53:54 GMT content-type image/png last-modified Fri, 13 Dec 2024 18:56:33 GMT x-served-by cache-lax-kwhp1940055-LAX x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H2	200	canvaskit.wasm Show response www.gstatic.com/flutter-canvaskit/83bacfc52569459a4a654727cad2546820cb0d6a/chromium/	5 MB 1 MB	607ms 274ms	Fetch application/wasm	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/flutter-canvaskit/83bacfc52569459a4a654727cad2546820cb0d6a/chromium/canvaskit.wasm Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/flutter_bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4b279a4f7c833ca3819d8a8de85d711af87ac47992df91617cb325f6941bd2fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers content-encoding br age 29197 report-to {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 12:47:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 12:47:18 GMT last-modified Tue, 10 Dec 2024 19:11:52 GMT content-type application/wasm vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="flutter-team" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team accept-ranges bytes access-control-allow-origin * content-length 1542276 x-xss-protection 0 server sffe
GET H2	200	canvaskit.js Show response www.gstatic.com/flutter-canvaskit/83bacfc52569459a4a654727cad2546820cb0d6a/chromium/	91 KB 26 KB	467ms 135ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/flutter-canvaskit/83bacfc52569459a4a654727cad2546820cb0d6a/chromium/canvaskit.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/flutter_bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edd9778c1196f50bdedb22692084ad11a7625ace0ac3b9ea7e31421d0af14af4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://webapp.gruw.io Referer https://webapp.gruw.io/ Response headers content-encoding br age 24577 report-to {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 14:04:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 14:04:18 GMT last-modified Tue, 10 Dec 2024 19:11:33 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="flutter-team" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team accept-ranges bytes access-control-allow-origin * content-length 26056 x-xss-protection 0 server sffe
GET H3	200	main.dart.js Show response webapp.gruw.io/	3 MB 0	3ms 3ms	Script text/javascript
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/main.dart.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/flutter_bootstrap.js Protocol H3 Server -, , ASN (), Reverse DNS Software / Resource Hash 0b19b4e54478d27fef10408b002ad33504c3df9910c3e103cd16032a708c56c9 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "7c3b2324382250d136b7e60b643fb5545c82075dab55716e9d68aa73a1dc17e8-br" x-timer S1734123234.212450,VS0,VE385 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 621024 date Fri, 13 Dec 2024 20:53:54 GMT content-type text/javascript; charset=utf-8 last-modified Fri, 13 Dec 2024 18:56:33 GMT vary x-fh-requested-host, accept-encoding x-cache-hits 0 x-served-by cache-lax-kwhp1940055-LAX
GET H3	200	FontManifest.json Show response webapp.gruw.io/assets/	82 B 0	9ms 9ms	Fetch application/json
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/assets/FontManifest.json Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H3 Server -, , ASN (), Reverse DNS Software / Resource Hash 28b1eb2b3d2e1ad60b8c8b0f9100b1ccbf492f7fa97f5bebb51ea97e73926e7d Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "210667deefef655c75d32a0c4132f33b81f91d01861ca0dca46e4a50fc7f4296-br" x-timer S1734123235.527882,VS0,VE73 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 71 date Fri, 13 Dec 2024 20:53:54 GMT content-type application/json last-modified Fri, 13 Dec 2024 18:56:33 GMT vary x-fh-requested-host, accept-encoding x-cache-hits 0 x-served-by cache-lax-kwhp1940055-LAX
GET H3	200	MaterialIcons-Regular.otf Show response webapp.gruw.io/assets/fonts/	9 KB 0	168ms 168ms	Fetch font/otf
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/assets/fonts/MaterialIcons-Regular.otf Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H3 Server -, , ASN (), Reverse DNS Software / Resource Hash 892a3626de49d5c74600c346a3347e2834fd0be84da2e0821c32023dad1dda41 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "6de2e5dea562e651079caaab8899996d84d0f588f994ba75b2e31e48da03ee09-br" x-timer S1734123236.063226,VS0,VE83 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 4258 date Fri, 13 Dec 2024 20:53:56 GMT content-type font/otf last-modified Fri, 13 Dec 2024 18:56:33 GMT vary x-fh-requested-host, accept-encoding x-cache-hits 0 x-served-by cache-lax-kwhp1940055-LAX
GET H3	200	KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response fonts.gstatic.com/s/roboto/v20/	167 KB 89 KB	323ms 144ms	Fetch font/ttf	142.250.80.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f3.1e100.net Software sffe / Resource Hash 017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers content-encoding gzip age 90585 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 12 Dec 2025 19:44:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 12 Dec 2024 19:44:11 GMT last-modified Wed, 24 Jul 2019 01:18:48 GMT content-type font/ttf vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 91230 x-xss-protection 0 server sffe
GET H2	200	client Show response accounts.google.com/gsi/	226 KB 86 KB	444ms 173ms	Script application/javascript	2607:f8b0:4004:c08::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dfb05760cc9f8fc856db99f8b2847901c79de1869e3acca1593b3ab1e6581cae Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-lWwV2z4CqGFNH0zvKrW7Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-lWwV2z4CqGFNH0zvKrW7Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http cache-control private, max-age=1800 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} x-content-type-options nosniff expires Fri, 13 Dec 2024 20:53:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" date Fri, 13 Dec 2024 20:53:57 GMT x-xss-protection 0 content-type application/javascript; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site server ESF x-frame-options SAMEORIGIN
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/10.11.1/	99 KB 22 KB	141ms 139ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://webapp.gruw.io Referer https://webapp.gruw.io/ Response headers content-encoding gzip age 88353 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Fri, 12 Dec 2025 20:21:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 12 Dec 2024 20:21:24 GMT last-modified Thu, 25 Apr 2024 15:11:27 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 22509 x-xss-protection 0 server sffe
GET H2	200	firebase-firestore.js Show response www.gstatic.com/firebasejs/10.11.1/	426 KB 109 KB	142ms 141ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.11.1/firebase-firestore.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f379b66e553a2c6becce312f1f445ed4a436bec29b9823a337dc3f75c712ce7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://webapp.gruw.io Referer https://webapp.gruw.io/ Response headers content-encoding gzip age 29872 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 12:36:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 12:36:05 GMT last-modified Thu, 25 Apr 2024 15:12:27 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 111667 x-xss-protection 0 server sffe
GET H2	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/10.11.1/	29 KB 9 KB	146ms 145ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.11.1/firebase-analytics.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c75b37a48bfd99927dd587d1216f540bbe0d37d4bfe8d5cc31da7cdad720bd7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://webapp.gruw.io Referer https://webapp.gruw.io/ Response headers content-encoding gzip age 25484 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 13:49:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 13:49:13 GMT last-modified Thu, 25 Apr 2024 15:11:52 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 9402 x-xss-protection 0 server sffe
GET H2	200	firebase-auth.js Show response www.gstatic.com/firebasejs/10.11.1/	147 KB 39 KB	147ms 146ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.11.1/firebase-auth.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ae2ea9371912768623756128ebc290fb6252540d194aa33fdeda40d0f6548a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://webapp.gruw.io Referer https://webapp.gruw.io/ Response headers content-encoding gzip age 42765 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 09:01:12 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 09:01:12 GMT last-modified Thu, 25 Apr 2024 15:11:49 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 40023 x-xss-protection 0 server sffe
GET H2	200	firebase-storage.js Show response www.gstatic.com/firebasejs/10.11.1/	45 KB 14 KB	148ms 148ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.11.1/firebase-storage.js Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 690e51e921b9450df68d6afc3e3084d2876a92da43786e338d19edb2e8d06d68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://webapp.gruw.io Referer https://webapp.gruw.io/ Response headers content-encoding gzip age 55591 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 05:27:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 05:27:26 GMT last-modified Thu, 25 Apr 2024 15:12:13 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 13798 x-xss-protection 0 server sffe
HEAD H3	200	/ Show response one.one.one.one/	0 885 B	196ms 104ms	XHR text/html	1.0.0.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://one.one.one.one/ Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H3 Security QUIC, , AES_128_GCM Server 1.0.0.1 , Australia, ASN13335 (CLOUDFLARENET, US), Reverse DNS one.one.one.one Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'sha256-qcMXZ/ErgDG9p2Htysz9era6iflv8JXya41zOY0slSc=' 'sha256-ydM8qJ+T0Nd7adK8t34/cs0GvvCG0JBujCWzV3uML8E=' 'sha256-TzTXRDJBcbY1qVQheGb/4iSGqKPqCg6XVoerYf5BYMY=' embed.cloudflarestream.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' data:; font-src fonts.gstatic.com; connect-src 'self' 1.1.1.1 1.0.0.1 *.cloudflare-dns.com *.help.every1dns.net; frame-src embed.cloudflarestream.com; manifest-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers content-encoding gzip etag W/"e3b0b55949321bee09e380eb849f90fd" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HV%2Bo3QBef40MTztKeF3pkTOUcbWNSx1P5QS%2Bqe2vmRYAOt1xjdETXl27PIwzQHoAoIVVHXLEcrHS8DQv0HcFC90xe2re3rVmI%2FePyJ7enpaSREdZLar1kDKUX82ofFucjA%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 13 Dec 2024 20:53:57 GMT content-type text/html; charset=utf-8 vary Accept-Encoding priority u=1,i x-frame-options DENY content-security-policy default-src 'none'; script-src 'self' 'sha256-qcMXZ/ErgDG9p2Htysz9era6iflv8JXya41zOY0slSc=' 'sha256-ydM8qJ+T0Nd7adK8t34/cs0GvvCG0JBujCWzV3uML8E=' 'sha256-TzTXRDJBcbY1qVQheGb/4iSGqKPqCg6XVoerYf5BYMY=' embed.cloudflarestream.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' data:; font-src fonts.gstatic.com; connect-src 'self' 1.1.1.1 1.0.0.1 *.cloudflare-dns.com *.help.every1dns.net; frame-src embed.cloudflarestream.com; manifest-src 'self' nel {"report_to":"cf-nel","max_age":604800} cache-control public, max-age=0, must-revalidate referrer-policy strict-origin-when-cross-origin cf-ray 8f18d8bacd8b69ac-LAX access-control-allow-origin * server cloudflare
HEAD H3	200	/ Show response icanhazip.com/	0 373 B	197ms 91ms	XHR text/plain	104.16.184.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://icanhazip.com/ Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.184.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers access-control-allow-methods GET cf-ray 8f18d8bae8abcf16-SJC access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 16 server-timing cfExtPri date Fri, 13 Dec 2024 20:53:57 GMT content-type text/plain vary Accept-Encoding server cloudflare priority u=1,i
HEAD H3	200	1 Show response jsonplaceholder.typicode.com/todos/	0 986 B	396ms 297ms	XHR application/json	172.67.167.151 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsonplaceholder.typicode.com/todos/1 Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.167.151 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers content-encoding zstd cf-cache-status MISS etag W/"53-hfEnumeNh6YirfjyjaujcOPPT+s" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1734123237&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=NdFbK%2Fn5ioZU1ep9gYOZu1F%2FbpE1RBewH9rgOpRXSr0%3D"}]} x-content-type-options nosniff expires -1 alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=71843&min_rtt=70661&rtt_var=12265&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4117&recv_bytes=4417&delivery_rate=292&cwnd=12000&unsent_bytes=0&cid=5406d0c7eb00a4bf&ts=310&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 13 Dec 2024 20:53:57 GMT content-type application/json; charset=utf-8 vary Origin, Accept-Encoding priority u=1,i reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1734123237&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=NdFbK%2Fn5ioZU1ep9gYOZu1F%2FbpE1RBewH9rgOpRXSr0%3D nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} cache-control max-age=43200 pragma no-cache x-ratelimit-reset 1734123272 access-control-allow-credentials true via 1.1 vegur x-ratelimit-remaining 999 cf-ray 8f18d8bad9252aec-LAX access-control-allow-origin https://webapp.gruw.io x-ratelimit-limit 1000 x-powered-by Express server cloudflare
HEAD H2	200	1 Show response reqres.in/api/users/	0 765 B	564ms 380ms	XHR application/json	2606:4700:20::ac43:49ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://reqres.in/api/users/1 Requested by Host: webapp.gruw.io URL: https://webapp.gruw.io/main.dart.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/ Response headers content-encoding br cf-cache-status MISS etag W/"152-u+PREu/p8Opn/uEvEGESR7Dst7c" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1734123237&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=%2FaR%2FaXn%2BnTHu8692LoX3exQk3FJi8paaQKkxMxQSe3s%3D"}]} server-timing cfL4;desc="?proto=TCP&rtt=70486&min_rtt=70136&rtt_var=11764&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4013&recv_bytes=2229&delivery_rate=55357&cwnd=254&unsent_bytes=0&cid=2d19ed45b1907709&ts=394&x=0" date Fri, 13 Dec 2024 20:53:57 GMT content-type application/json; charset=utf-8 vary Accept-Encoding reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1734123237&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=%2FaR%2FaXn%2BnTHu8692LoX3exQk3FJi8paaQKkxMxQSe3s%3D nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} cache-control max-age=14400 via 1.1 vegur cf-ray 8f18d8bb5ee02acb-LAX access-control-allow-origin * x-powered-by Express server cloudflare
GET H3	200	favicon.png webapp.gruw.io/	917 B 0	5ms 5ms	Other image/png
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/favicon.png Protocol H3 Server -, , ASN (), Reverse DNS Software / Resource Hash 7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/Startup Response headers cache-control max-age=3600 content-encoding br etag "0cab6e3dd5a9f008afdd133e1e1207cf65f2f2a10eb6712e3c209d8a5f76425a-br" x-timer S1734123234.961662,VS0,VE52 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 777 date Fri, 13 Dec 2024 20:53:54 GMT content-type image/png last-modified Fri, 13 Dec 2024 18:56:33 GMT vary x-fh-requested-host, accept-encoding x-cache-hits 0 x-served-by cache-lax-kwhp1940055-LAX
GET H3	200	favicon.png webapp.gruw.io/	917 B 0	8ms 8ms	Other image/png
General Check archive.org Show headers Download Go to Full URL https://webapp.gruw.io/favicon.png Protocol H3 Server -, , ASN (), Reverse DNS Software / Resource Hash 7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://webapp.gruw.io/Auth Response headers cache-control max-age=3600 content-encoding br etag "0cab6e3dd5a9f008afdd133e1e1207cf65f2f2a10eb6712e3c209d8a5f76425a-br" x-timer S1734123234.961662,VS0,VE52 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache MISS content-length 777 date Fri, 13 Dec 2024 20:53:54 GMT content-type image/png last-modified Fri, 13 Dec 2024 18:56:33 GMT vary x-fh-requested-host, accept-encoding x-cache-hits 0 x-served-by cache-lax-kwhp1940055-LAX
GET		style accounts.google.com/gsi/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

accounts.google.com

URL

https://accounts.google.com/gsi/style

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _flutter object| flutterCanvasKitLoaded object| flutterCanvasKit function| onGoogleLibraryLoad object| firebase_core object| firebase_analytics object| firebase_storage object| firebase_auth object| firebase_firestore object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_781041

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://webapp.gruw.io/Startup Message: [GroupMarkerNotSet(crbug.com/242999)!:A02063008C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://webapp.gruw.io/Startup Message: [GroupMarkerNotSet(crbug.com/242999)!:A0303B038C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://webapp.gruw.io/Auth Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C062008C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
fonts.gstatic.com
icanhazip.com
jsonplaceholder.typicode.com
one.one.one.one
reqres.in
webapp.gruw.io
www.gstatic.com
accounts.google.com
1.0.0.1
104.16.184.241
142.250.80.35
172.67.167.151
199.36.158.100
2606:4700:20::ac43:49ad
2607:f8b0:4004:c08::54
2607:f8b0:4006:809::2003
2620:0:890::100
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
0ae2ea9371912768623756128ebc290fb6252540d194aa33fdeda40d0f6548a7
0b19b4e54478d27fef10408b002ad33504c3df9910c3e103cd16032a708c56c9
28b1eb2b3d2e1ad60b8c8b0f9100b1ccbf492f7fa97f5bebb51ea97e73926e7d
4075928da61018629e57c1b4b3d76500d03f76a2bc75a8410e44d5d0056729ae
4b279a4f7c833ca3819d8a8de85d711af87ac47992df91617cb325f6941bd2fc
5f379b66e553a2c6becce312f1f445ed4a436bec29b9823a337dc3f75c712ce7
690e51e921b9450df68d6afc3e3084d2876a92da43786e338d19edb2e8d06d68
7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015
892a3626de49d5c74600c346a3347e2834fd0be84da2e0821c32023dad1dda41
c75b37a48bfd99927dd587d1216f540bbe0d37d4bfe8d5cc31da7cdad720bd7f
dfb05760cc9f8fc856db99f8b2847901c79de1869e3acca1593b3ab1e6581cae
e13493e034ba45c869c7c9ad44742c7cbb861eb045462b6b307e54d22096249d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd9778c1196f50bdedb22692084ad11a7625ace0ac3b9ea7e31421d0af14af4