URL: https://app.getguru.com/card/ceEek8ei/SharePoint
Submission: On September 10 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 19 HTTP transactions. The main IP is 13.32.158.17, located in United States and belongs to AMAZON-02, US. The main domain is app.getguru.com.
TLS certificate: Issued by Amazon on January 14th 2021. Valid for: a year.
This is the only time app.getguru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 13.32.158.17 16509 (AMAZON-02)
4 44.240.98.83 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.228.32 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 7
Domain Requested by
5 app.getguru.com app.getguru.com
4 api.getguru.com app.getguru.com
cdnjs.cloudflare.com
3 apis.google.com app.getguru.com
apis.google.com
1 cdnjs.cloudflare.com app.getguru.com
1 cdn.pendo.io app.getguru.com
1 www.googletagmanager.com app.getguru.com
0 fonts.googleapis.com Failed app.getguru.com
0 js.hs-scripts.com Failed app.getguru.com
0 widget.intercom.io Failed app.getguru.com
0 unpkg.com Failed www.googletagmanager.com
19 10

This site contains no links.

Subject Issuer Validity Valid
*.getguru.com
Amazon
2021-01-14 -
2022-02-12
a year crt.sh
*.apis.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
cdn.pendo.io
Amazon
2021-08-29 -
2022-09-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://app.getguru.com/card/ceEek8ei/SharePoint
Frame ID: 6BB17389743DF38FDDD14C0BC92C112E
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Guru

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

19
Requests

79 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

7
IPs

2
Countries

3499 kB
Transfer

11739 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request SharePoint
app.getguru.com/card/ceEek8ei/
525 B
1 KB
Document
General
Full URL
https://app.getguru.com/card/ceEek8ei/SharePoint
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.158.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-158-17.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a32f8ae5c86cdf6f803015ed00842b0ea244a0d2cd8d4aff2232ca710d5e94c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
app.getguru.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Content-Length
320
Connection
keep-alive
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 17:18:07 GMT
x-amz-version-id
tWNHq6uAhLsgat37TFvQTnbYEI8YDtDZ
Server
AmazonS3
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-XSS-Protection
1; mode=block
X-Frame-Options
DENY
Date
Fri, 10 Sep 2021 20:28:21 GMT
Cache-Control
max-age=3600
ETag
"4cf47c4f055114d828ba1360f7c8b8ba"
X-Cache
Error from cloudfront
Via
1.1 a7bbe4a11b741d7b36ce930a7be4fa36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG50-C2
X-Amz-Cf-Id
Hzff4gTRHqp_K0a7p3d3_28vKOji04V9ALAtPmXnHMuvJM51yKCx6g==
Age
2650
main.css
app.getguru.com/
2 MB
608 KB
Stylesheet
General
Full URL
https://app.getguru.com/main.css?00f4c463973e716720d4
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/card/ceEek8ei/SharePoint
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.158.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-158-17.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d3bc55cf6ddffc806368b1a4152081fa02a73d6310eee26a69083a453414eff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://app.getguru.com/card/ceEek8ei/SharePoint
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/card/ceEek8ei/SharePoint
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 21:10:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
CDG50-C2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
621465
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 09 Sep 2021 17:18:02 GMT
Server
AmazonS3
X-Frame-Options
DENY
ETag
"18bd02d522e518511015ea90d5863a07"
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
x-amz-version-id
hTSVP2d__qYYDp3Tuz2eoc1zW0MBelI.
Via
1.1 a7bbe4a11b741d7b36ce930a7be4fa36.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Content-Type
text/css
X-Amz-Cf-Id
mMGG-cE1-NNEfQC9dQ5aayXLhKiv5ymyzBzXpSzw92LFPz51qzIShA==
main.js
app.getguru.com/
8 MB
2 MB
Script
General
Full URL
https://app.getguru.com/main.js?00f4c463973e716720d4
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/card/ceEek8ei/SharePoint
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.158.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-158-17.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0097310a59d53cdaa302c577a1a0204dfd765ac60c74d4b70628308786e8653d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://app.getguru.com/card/ceEek8ei/SharePoint
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/card/ceEek8ei/SharePoint
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 21:10:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
CDG50-C2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
2211009
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 09 Sep 2021 17:18:03 GMT
Server
AmazonS3
X-Frame-Options
DENY
ETag
"2793fa2ccea37fa4bc7d3485d93f247e"
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
x-amz-version-id
slFY5Nbw.fyTB9lYNtTQuBv3LOfog5oV
Via
1.1 67458d17a348ce0755d6b43ab4d0c04d.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Content-Type
application/javascript
X-Amz-Cf-Id
ertb3d3xfHs_ukBypIjRfrWEKJdUjNsBsTyMNbC3NGa4u-D8d6vWzA==
ceEek8ei
api.getguru.com/api/v1/unauthenticated/card/
0
0
Preflight
General
Full URL
https://api.getguru.com/api/v1/unauthenticated/card/ceEek8ei
Protocol
H2
Server
44.240.98.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-98-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-amzn-trace-id,x-guru-application,x-guru-application-version,x-guru-tracking-app,x-guru-tracking-domain
Origin
https://app.getguru.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 21:10:33 GMT
content-length
0
x-frame-options
DENY
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
pragma
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
access-control-allow-origin
https://app.getguru.com
vary
Origin
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-headers
x-amzn-trace-id,x-guru-application,x-guru-application-version,x-guru-tracking-app,x-guru-tracking-domain
api.js
apis.google.com/js/
12 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/main.js?00f4c463973e716720d4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yEaffgHD/Q8tt8l/GJV9dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 21:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6cf1a8085d365822968a50501ed9fdee"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-yEaffgHD/Q8tt8l/GJV9dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 10 Sep 2021 21:10:32 GMT
gtm.js
www.googletagmanager.com/
146 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXNNX9M
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/main.js?00f4c463973e716720d4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:810::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7edca0a00c8b4ce6112f21b990a2e9a0209534b8ef89d241aa32c78aa0e6732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 21:10:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53712
x-xss-protection
0
expires
Fri, 10 Sep 2021 21:10:32 GMT
pendo.js
cdn.pendo.io/agent/static/0ea97ad5-529d-48a4-4665-35966b68c7a6/
420 KB
131 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/0ea97ad5-529d-48a4-4665-35966b68c7a6/pendo.js
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/main.js?00f4c463973e716720d4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.228.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-228-32.cdg3.r.cloudfront.net
Software
UploadServer /
Resource Hash
fd108b6a1c4686444b903ea3e42fc2fcbc31c26720d48580930f7e912eb4df4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 21:05:19 GMT
Content-Encoding
gzip
Age
313
X-GUploader-UploadID
ADPycduKmD0OohiZrGYq9FvMJIxj_QZWtKhW48VXC4jXsjLi8susNhFHQae0zihs7yFMRRkumKRN3I_nT7l1eS1JG2U
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
133163
Access-Control-Allow-Origin
*
Last-Modified
Fri, 10 Sep 2021 20:14:50 GMT
Server
UploadServer
ETag
"469cd1ad63cdc60bdc79e5851887521c"
Vary
Accept-Encoding
x-goog-hash
crc32c=R6Kd+w==, md5=RpzRrWPNxgvceeWFGIdSHA==
x-goog-generation
1631304889907046
Via
1.1 f35aa6bf386bb517249eff682674d4c5.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
133163
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
GjsX05FUYQkNdzAeoI2NexpcvMjcQgXZtemkz4WeopdGYswoAg_6aA==
Expires
Fri, 10 Sep 2021 21:12:49 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.21.1/
75 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.21.1/rollbar.min.js
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/main.js?00f4c463973e716720d4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee2bc6e4edf311a6a0337c339dbd85d0d8d4040b25e390ab18237e2fa84f1c9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://app.getguru.com/
Origin
https://app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 21:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12149953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20417
cf-request-id
099ef3bbc700004aa3738e8000000001
timing-allow-origin
*
last-modified
Wed, 17 Mar 2021 17:14:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605238ef-12d45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afItdTaUpTXO1GI%2Bc02Yp8UOIc8y6rNUMd1NJuO4tm1NS6sPqrB5FwsW2v6q8VxWta2%2FmWkpm1%2Bx4qdJTA173hytGxrFYb%2BWbOI4TT%2BdIxwDa39GKonhS5Pe9HcWNXY7WEEckI46PwQSSu8PkobzMx2A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68cba4c6faad5c7a-FRA
expires
Wed, 31 Aug 2022 21:10:32 GMT
ceEek8ei
api.getguru.com/api/v1/unauthenticated/card/
37 B
602 B
XHR
General
Full URL
https://api.getguru.com/api/v1/unauthenticated/card/ceEek8ei
Requested by
Host: app.getguru.com
URL: https://app.getguru.com/main.js?00f4c463973e716720d4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.98.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-98-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
93ba2ced7ae99fb09711786c5690ffff10508b24efddbafe52ab2aca07194250
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Guru-Tracking-Domain
https://app.getguru.com/card/ceEek8ei/SharePoint
X-Guru-Application-Version
2.106.1009
Accept-Language
de-DE,de;q=0.9
X-Amzn-Trace-Id
GApp=webapp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json
X-Guru-Application
webapp
Referer
https://app.getguru.com/
X-Guru-Tracking-App
getguru

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 21:10:33 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://app.getguru.com
access-control-expose-headers
Link,X-LoginUrl,X-Guru-User-Count,X-Guru-User-Count-Allowed,X-Guru-Fact-Count,X-Guru-Fact-Count-Allowed,X-Guru-Board-Count,X-Guru-Board-Count-Allowed,X-Guru-Total-Cards,X-Guru-Total-Drafts,X-Guru-Total-User-Tasks,X-Guru-Search-ID,X-Guru-Recent-Search-ID,X-Guru-Total-Comment-Replies
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/
103 KB
35 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 10:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35070
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 10:38:41 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=picker/exm=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/
144 KB
46 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=picker/exm=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d6c7218bea788a09ff3c73f2911edf9a804711ab519fae65497caa2bcee366d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 19:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47400
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 19:38:32 GMT
analytics.min.js
unpkg.com/analytics@0.6.7/dist/
0
0

auth
api.getguru.com/user/
0
542 B
XHR
General
Full URL
https://api.getguru.com/user/auth
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.21.1/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.98.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-98-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Guru-Tracking-Domain
https://app.getguru.com/card/ceEek8ei/SharePoint
X-Guru-Application-Version
2.106.1009
Accept-Language
de-DE,de;q=0.9
X-Amzn-Trace-Id
GApp=webapp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
X-Guru-Application
webapp
Referer
https://app.getguru.com/
X-Guru-Tracking-App
getguru
X-ReturnTo
https://app.getguru.com/card/ceEek8ei/SharePoint

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 21:10:34 GMT
x-content-type-options
nosniff
x-frame-options
DENY
access-control-allow-origin
https://app.getguru.com
access-control-expose-headers
Link,X-LoginUrl,X-Guru-User-Count,X-Guru-User-Count-Allowed,X-Guru-Fact-Count,X-Guru-Fact-Count-Allowed,X-Guru-Board-Count,X-Guru-Board-Count-Allowed,X-Guru-Total-Cards,X-Guru-Total-Drafts,X-Guru-Total-User-Tasks,X-Guru-Search-ID,X-Guru-Recent-Search-ID,X-Guru-Total-Comment-Replies
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-length
0
x-xss-protection
1; mode=block
auth
api.getguru.com/user/
0
0
Preflight
General
Full URL
https://api.getguru.com/user/auth
Protocol
H2
Server
44.240.98.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-98-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-amzn-trace-id,x-guru-application,x-guru-application-version,x-guru-tracking-app,x-guru-tracking-domain,x-returnto
Origin
https://app.getguru.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 21:10:33 GMT
content-length
0
x-frame-options
DENY
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
pragma
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
access-control-allow-origin
https://app.getguru.com
vary
Origin
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-headers
content-type,x-amzn-trace-id,x-guru-application,x-guru-application-version,x-guru-tracking-app,x-guru-tracking-domain,x-returnto
a00805e22ea9cd915a183abbca34e890bb474886
widget.intercom.io/widget/
0
0

shoulder-tap-dude@2x.png
app.getguru.com/assets/common/images/
106 KB
106 KB
Image
General
Full URL
https://app.getguru.com/assets/common/images/shoulder-tap-dude@2x.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.158.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-158-17.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6694fb035057b3eab4ac401fa5f0aa2ab2e9df8b29243a2a575f7f8a2e63a781
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.getguru.com/signin
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
9b9aCVqawEvOMLLlyoN_qPEebI1fqEWE
Via
1.1 67458d17a348ce0755d6b43ab4d0c04d.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
CDG50-C2
X-Cache
RefreshHit from cloudfront
Date
Fri, 10 Sep 2021 21:10:35 GMT
Connection
keep-alive
Content-Length
108307
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 09 Sep 2021 17:19:19 GMT
Server
AmazonS3
X-Frame-Options
DENY
ETag
"4f54b45ad8cc1359be32694a76baf8cb"
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=3600
X-Amz-Cf-Id
vBDLQAvZONJb3nl-qiXeTooWL1JAxNllm0D77vD6z9Ug7NiklU1naA==
waves-bottom-standard@2x.png
app.getguru.com/assets/common/images/
31 KB
31 KB
Image
General
Full URL
https://app.getguru.com/assets/common/images/waves-bottom-standard@2x.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.158.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-158-17.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10b13372989c033d124e5fee0e5e623d54c7d4de9999369a415f7ee829ebfe72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.getguru.com/signin
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://app.getguru.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
6_pxIvf2Y_xSJuApn9Eo5DncZigoip8A
Via
1.1 a7bbe4a11b741d7b36ce930a7be4fa36.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
815
X-Cache
Hit from cloudfront
Date
Fri, 10 Sep 2021 20:57:00 GMT
Connection
keep-alive
Content-Length
31235
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 09 Sep 2021 17:19:31 GMT
Server
AmazonS3
X-Frame-Options
DENY
ETag
"6d7bb56b625b1b1497d57f2693f6a0ec"
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=3600
X-Amz-Cf-Pop
CDG50-C2
X-Amz-Cf-Id
euipxSvnuSiiEWmG4G03BnbJy2lINU8Rjmh_hXZJ5NpgKlqKUf7InA==
4744974.js
js.hs-scripts.com/
0
0

css2
fonts.googleapis.com/
0
0

truncated
/
99 KB
99 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f661e58c48ee7a71e2fc92c348481938d2917e74ea78c748653acbeb15f3fd20

Request headers

Referer
Origin
https://app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/
98 KB
98 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f929763fbc0a70e7bc1f40c23b578c4bf67df0f6145a48bb3f892b0d0c6ea0

Request headers

Referer
Origin
https://app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
103 KB
103 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c18d294042fa72e9cbf2055c8ffc48d7ad613852b35d99fae0b46e86325a8614

Request headers

Referer
Origin
https://app.getguru.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/font-woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
unpkg.com
URL
https://unpkg.com/analytics@0.6.7/dist/analytics.min.js
Domain
widget.intercom.io
URL
https://widget.intercom.io/widget/a00805e22ea9cd915a183abbca34e890bb474886
Domain
js.hs-scripts.com
URL
https://js.hs-scripts.com/4744974.js
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap&text=Sign%20in%20with%20Google

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| webpackJsonp object| _ablyjs_jsonp function| JSONPTransport function| setImmediate function| clearImmediate object| regeneratorRuntime object| Prism object| __GURU_PRISM__ object| cptable function| IMask object| core object| dataLayer object| pendo object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar object| gapi object| ___jsl object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| google number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| google_tag_manager object| c function| Intercom object| intercomSettings

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 223=uT5nSmvKHXZl8ZqKARHKB04itlQhsSZsPpRHQSSr3Gy6fK21EHmfacwQCIGYzrfPi_BJNruQkDgeuoUEKNj6HX4JDBuh4xzFTyFWwD_ZKA5S_3I1TZkG1xl12VUiNJgxjSLbvXgaX6xuaheDd16JbTDViv2jY1E13AorGhJZf-A

1 Console Messages

Source Level URL
Text
network error URL: https://api.getguru.com/user/auth
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getguru.com
apis.google.com
app.getguru.com
cdn.pendo.io
cdnjs.cloudflare.com
fonts.googleapis.com
js.hs-scripts.com
unpkg.com
widget.intercom.io
www.googletagmanager.com
fonts.googleapis.com
js.hs-scripts.com
unpkg.com
widget.intercom.io
13.32.158.17
143.204.228.32
2606:4700::6810:135e
2a00:1450:4007:810::2008
2a00:1450:4007:818::200e
44.240.98.83
0097310a59d53cdaa302c577a1a0204dfd765ac60c74d4b70628308786e8653d
10b13372989c033d124e5fee0e5e623d54c7d4de9999369a415f7ee829ebfe72
2a32f8ae5c86cdf6f803015ed00842b0ea244a0d2cd8d4aff2232ca710d5e94c
3d3bc55cf6ddffc806368b1a4152081fa02a73d6310eee26a69083a453414eff
3d6c7218bea788a09ff3c73f2911edf9a804711ab519fae65497caa2bcee366d
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
6694fb035057b3eab4ac401fa5f0aa2ab2e9df8b29243a2a575f7f8a2e63a781
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
93ba2ced7ae99fb09711786c5690ffff10508b24efddbafe52ab2aca07194250
c18d294042fa72e9cbf2055c8ffc48d7ad613852b35d99fae0b46e86325a8614
c1f929763fbc0a70e7bc1f40c23b578c4bf67df0f6145a48bb3f892b0d0c6ea0
d7edca0a00c8b4ce6112f21b990a2e9a0209534b8ef89d241aa32c78aa0e6732
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eee2bc6e4edf311a6a0337c339dbd85d0d8d4040b25e390ab18237e2fa84f1c9
f661e58c48ee7a71e2fc92c348481938d2917e74ea78c748653acbeb15f3fd20
fd108b6a1c4686444b903ea3e42fc2fcbc31c26720d48580930f7e912eb4df4a