urlscan.io logo urlscan.io
SecurityTrails logo

www.guruin.com Open in urlscan Pro
172.67.23.98  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.guruin.com/
Submission: On March 06 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 17 domains to perform 111 HTTP transactions. The main IP is 172.67.23.98, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.guruin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.
This is the only time www.guruin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 43 172.67.23.98 13335 (CLOUDFLAR...)
7 2a04:4e42:62:... 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.96.91 16509 (AMAZON-02)
1 1 65.9.187.90 16509 (AMAZON-02)
6 65.9.96.16 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
7 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.83.219.81 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 34.251.107.229 16509 (AMAZON-02)
2 162.247.243.147 23467 (NEWRELIC-...)
1 3 142.250.185.70 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 216.58.212.130 15169 (GOOGLE)
2 54.220.184.54 16509 (AMAZON-02)
2 104.244.36.20 7415 (ADSAFE-1)
1 142.250.185.194 15169 (GOOGLE)
111 29
43    172.67.23.98 (United States)

ASN13335 (CLOUDFLARENET, US)
www.guruin.com
rs.guruin.com
s8.guruin.com
s3.guruin.com
7    2a04:4e42:62::272 (United States)

ASN54113 (FASTLY, US)
images-na.ssl-images-amazon.com
1    2a02:26f0:6c00:298::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
secure.insightexpressai.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.96.91 (United States)

ASN16509 (AMAZON-02, US)
cdn.pocket-lint.com
1    65.9.187.90 (United States)

ASN16509 (AMAZON-02, US)
widget.intercom.io
6    65.9.96.16 (United States)

ASN16509 (AMAZON-02, US)
js.intercomcdn.com
3    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
7    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    34.251.107.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam-cell.nr-data.net
3    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
googleads4.g.doubleclick.net
2    54.220.184.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-184-54.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
2    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
ade.googlesyndication.com
Domain Requested by
23 rs.guruin.com www.guruin.com
rs.guruin.com
11 s8.guruin.com www.guruin.com
9 pagead2.googlesyndication.com www.guruin.com
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
8 s3.guruin.com 8 redirects
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
tpc.googlesyndication.com
ad.doubleclick.net
7 securepubads.g.doubleclick.net www.googletagservices.com
www.guruin.com
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
7 www.googletagservices.com www.guruin.com
securepubads.g.doubleclick.net
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
7 images-na.ssl-images-amazon.com www.guruin.com
6 js.intercomcdn.com www.guruin.com
widget.intercom.io
js.intercomcdn.com
4 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
3 ad.doubleclick.net 1 redirects c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
www.googletagservices.com
3 c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 connect.facebook.net www.guruin.com
connect.facebook.net
2 dt.adsafeprotected.com c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
2 static.adsafeprotected.com c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 bam-cell.nr-data.net js-agent.newrelic.com
www.guruin.com
2 fw.adsafeprotected.com 1 redirects c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
2 www.google-analytics.com www.guruin.com
1 ade.googlesyndication.com
1 js-agent.newrelic.com www.guruin.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 api-iam.intercom.io js.intercomcdn.com
1 www.google.de www.guruin.com
1 www.google.com www.guruin.com
1 stats.g.doubleclick.net www.guruin.com
1 widget.intercom.io 1 redirects
1 cdn.pocket-lint.com www.guruin.com
1 secure.insightexpressai.com www.guruin.com
1 www.guruin.com
111 31

This site contains links to these domains. Also see Links.

Domain
a.guruin.com
www.facebook.com
weibo.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-30 -
2021-07-30		 a year crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2020-09-16 -
2021-09-21		 a year crt.sh
*.insightexpressai.com
DigiCert SHA2 Secure Server CA		 2020-03-16 -
2021-06-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
cdn.pocket-lint.com
Amazon		 2021-02-01 -
2022-03-02		 a year crt.sh
*.intercomcdn.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.intercom.com
Amazon		 2020-05-13 -
2021-06-13		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-04 -
2021-05-07		 2 months crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-17 -
2021-06-17		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.guruin.com/
Frame ID: B2D1C12E7A4DA43D6D647AD0A09893F9
Requests: 68 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.33c67ae7.js
Frame ID: 27FABAB2524777B23CA237749834E321
Requests: 6 HTTP requests in this frame

Frame: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6688CC2AB54DC272B88DEBC1C2F514DE
Requests: 10 HTTP requests in this frame

Frame: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: AB598945D8F6B8EFC5168E7E12F9150F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 322D6F976B52FA44D75606396274BFA0
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Frame ID: 0F89D28F07A0362B638E067E74444480
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0093823862BDB6493A738EA585F01DC8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9170891/1588636765349/index.html
Frame ID: 7C71941B0052712D47B37BF1D64FE9F7
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 4D81A568B2A6A8090DFBC7F3DA80D1E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

111
Requests

100 %
HTTPS

52 %
IPv6

17
Domains

31
Subdomains

29
IPs

4
Countries

4296 kB
Transfer

10164 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://s3.guruin.com/db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg HTTP 301
  • https://s8.guruin.com/db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
Request Chain 22
  • https://s3.guruin.com/db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg HTTP 301
  • https://s8.guruin.com/db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
Request Chain 24
  • https://s3.guruin.com/db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg HTTP 301
  • https://s8.guruin.com/db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg
Request Chain 26
  • https://s3.guruin.com/db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg HTTP 301
  • https://s8.guruin.com/db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
Request Chain 27
  • https://s3.guruin.com/db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ4MzgtNS5qcGc_.jpg HTTP 301
  • https://s8.guruin.com/db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ4MzgtNS5qcGc_.jpg
Request Chain 29
  • https://s3.guruin.com/db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg HTTP 301
  • https://s8.guruin.com/db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
Request Chain 30
  • https://s3.guruin.com/db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg HTTP 301
  • https://s8.guruin.com/db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
Request Chain 33
  • https://s3.guruin.com/db/photos/999794/url/cell_GettyImages-1231206146.jpg HTTP 301
  • https://s8.guruin.com/db/photos/999794/url/cell_GettyImages-1231206146.jpg
Request Chain 40
  • https://widget.intercom.io/widget/pvrtbbh6 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js
Request Chain 79
  • https://ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/B25211100.291913995;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/B25211100.291913995;dc_pre=CIKO1-LDmu8CFT7kuwgdtGIHew;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
Request Chain 93
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/425227/44458354/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.guruin.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d29e5ee4-be43-8d96-f676-773bf8d90833,c:62R8Qn,sl:na,em:true,fr:false,mn:app02ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sqQ0OSm+11%7C1211%7C1212%7C13*.425227-44458354%7C14%7C15,idMap:13*,pl:,rmeas:1,rend:0,renddet:TITLE.us.tn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:22,oid:6ed94952-7e1c-11eb-93ef-02c790015d1e,v:19.8.170,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.guruin.com/ 		129 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.2
Resource Hash
da1c65a093e5be4486d3a035871360ee1588a718ccb27a14474c2e7f177c0dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.guruin.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc70e8cde3252dc819e923b4632b6e0d61614994612; expires=Mon, 05-Apr-21 01:36:52 GMT; path=/; domain=.guruin.com; HttpOnly; SameSite=Lax after_signin_out_page=%2F; path=/ pl=%7B%22na%22%3Atrue%7D; path=/; expires=Thu, 06 Mar 2031 01:36:52 -0000 poi=2311; path=/; expires=Sat, 06 Mar 2021 01:51:52 -0000 lat=34.052234; path=/; expires=Sat, 06 Mar 2021 01:51:52 -0000 lng=-118.243685; path=/; expires=Sat, 06 Mar 2021 01:51:52 -0000 __giuid=20210306.3261294947.f34e96995ddf3ff5eb1bfde138cfe29c; path=/; expires=Thu, 06 Mar 2036 01:36:52 -0000 W=f209f24a-0040-4d77-aabd-bc3fada2d27a; domain=.guruin.com; path=/; expires=Mon, 05 Apr 2021 01:36:52 -0000; HttpOnly
access-control-allow-headers
*
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-railgun
direct (starting new WAN connection)
enable_chinese_conversion
true
preferred_simplified_chinese
true
referrer-policy
strict-origin-when-cross-origin
status
200 OK
x-assets-version
1056
x-content-type-options
nosniff
x-download-options
noopen
x-format
text/html
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.2
x-request-id
9c41eff6-3923-4a79-ac20-c46142693dc0
x-runtime
0.152477
x-variant
desktop-default,desktop,default
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
08a6c737a300001fbadc38c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62b7db05de861fba-AMS
content-encoding
br
lib.css
rs.guruin.com/a/css451/ 		264 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/css451/lib.css
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c707e69ddf3382bba6fc852af1cc9ac1ac4058506ca1806b016e98ac067db3

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
content-encoding
br
cf-cache-status
HIT
age
10446490
cf-polished
origSize=275138
cf-request-id
08a6c7399700001fbad4017000000001
cf-bgj
minify
server
cloudflare
etag
W/"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
173c597537e6290670f8bd6dec7a747a
cache-control
public, max-age=31536000
cf-ray
62b7db08f9d71fba-AMS
expires
Thu, 04 Nov 2021 06:02:36 GMT
application.css
rs.guruin.com/a/1056/ 		542 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/1056/application.css
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e528658e82dbfc21dbac2c95c526f35f7e621c390a052b5199a47496b631c716

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
content-encoding
br
cf-cache-status
HIT
age
720347
cf-polished
origSize=560885
cf-request-id
08a6c7399700001fba73020000000001
cf-bgj
minify
server
cloudflare
etag
W/"L9osBg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
01c61e7c6b6f06e92a0d4d6f93f3adcc
cache-control
public, max-age=31536000
cf-ray
62b7db08f9d81fba-AMS
expires
Fri, 25 Feb 2022 17:31:05 GMT
lib.js
rs.guruin.com/a/js451/ 		3 MB
649 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/js451/lib.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842dedcfa8ce31909652dc6310761c30e0c924fc2b1574abb362c125ed46b231

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
10025760
etag
W/"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
747dca300af27f6e0cf5753623d05b33
cache-control
public, max-age=31536000
cf-ray
62b7db08f9d91fba-AMS
cf-request-id
08a6c7399700001fbab6ab4000000001
expires
Tue, 09 Nov 2021 23:25:52 GMT
61SekUeieoL._AC_SY879_.jpg
images-na.ssl-images-amazon.com/images/I/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/61SekUeieoL._AC_SY879_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29d445b5dbb64bd460f19bc5c7195e7292d237d0ee5faa2923aa5cdc1d05fa3f

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
last-modified
Thu, 12 Mar 2020 17:16:36 GMT
age
2972969
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 25 Jan 2041 15:47:23 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
2a1c92c9-f546-4936-a02e-b37bf3aec9e5
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
22122
x-served-by
cache-dca17767-DCA, cache-hhn11553-HHN
71H%2BTyVJK9L._AC_SL1001_.jpg
images-na.ssl-images-amazon.com/images/I/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/71H%2BTyVJK9L._AC_SL1001_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32477bfb1d56edfac1a7f63c640c75fe685ef15ca5667dc17dc9476c9ed1e177

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
last-modified
Tue, 05 Jan 2021 07:15:32 GMT
age
1276884
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 14 Feb 2041 06:55:28 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
a39c9de8-1d77-4745-8ec9-ada260bc9a9c
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
129441
x-served-by
cache-dca17748-DCA, cache-hhn11553-HHN
713lrdGtGKL._AC_SX679_.jpg
images-na.ssl-images-amazon.com/images/I/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/713lrdGtGKL._AC_SX679_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
987c92fe04a0462733797b2beb9984eab26cbbad66fc752ea01141b291514f3b

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
last-modified
Wed, 23 Sep 2020 08:35:38 GMT
age
1507489
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 11 Feb 2041 14:52:03 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
281792b1-35f7-44c0-9397-18709916a17e
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
99442
x-served-by
cache-dca17743-DCA, cache-hhn11553-HHN
61skGmGEDEL._AC_SL1350_.jpg
images-na.ssl-images-amazon.com/images/I/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/61skGmGEDEL._AC_SL1350_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3ca2ef750c563aa0ab29a90e7a2af094b8ab134f9cefa627db851e526d3013a

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
last-modified
Thu, 23 May 2019 13:20:06 GMT
age
731135
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 20 Feb 2041 14:31:17 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
7c52069c-27ff-4684-b202-e6c7111992e9
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
77445
x-served-by
cache-dca17763-DCA, cache-hhn11553-HHN
app-download-qrcode-fingerprint_new.png
rs.guruin.com/a/images/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.guruin.com/a/images/app-download-qrcode-fingerprint_new.png
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05d2e8c38107089cbc9274fc8244e445a4cd0a34458bbc98e40c014ad3c59fe

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
cf-cache-status
HIT
age
9251997
cf-polished
origFmt=png, origSize=101732
content-disposition
inline; filename="app-download-qrcode-fingerprint_new.webp"
content-length
53390
cf-request-id
08a6c73aff00001fba9c234000000001
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
57abad416a8ca19a3e47b59aa629ada0
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0b3c5d1fba-AMS
expires
Thu, 18 Nov 2021 11:33:20 GMT
guru-service-wechat-20180309.png
rs.guruin.com/a/images/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.guruin.com/a/images/guru-service-wechat-20180309.png
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5200836eac23b4fb9b76b0457e56045617cd621b31d18ca4deee40923d472f48

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
cf-cache-status
HIT
age
4415488
cf-polished
origFmt=png, origSize=387971
content-disposition
inline; filename="guru-service-wechat-20180309.webp"
cf-request-id
08a6c73b0000001fbad4029000000001
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
9b33dffacebf4d0b68fa823f19667984;o=1
cache-control
public, max-age=31536000
cf-ray
62b7db0b3c5e1fba-AMS
expires
Thu, 13 Jan 2022 23:05:24 GMT
adServerESI.aspx
secure.insightexpressai.com/adServer/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=7602290&rnd=1614994612&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:298::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
application.js
rs.guruin.com/a/1056/ 		689 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/1056/application.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ceb0bc59d43b00d53bede73c6fd1fa7bd79eb1804e913ba0ddcd2b2f442441

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3478953
etag
W/"L9osBg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
3c41a964e709715c01941241acec6330
cache-control
public, max-age=31536000
cf-ray
62b7db09aab11fba-AMS
cf-request-id
08a6c73a0800001fbaa338b000000001
expires
Mon, 24 Jan 2022 19:14:19 GMT
opensans-regular-webfont.ttf
rs.guruin.com/a/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/opensans-regular-webfont.ttf
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4dc0413df98bef4b3e1fea3299d0a51da021ac510959e9f23997415cf6b79b

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
4940737
content-length
45184
cf-request-id
08a6c73b5200007245360d5000000001
server
cloudflare
etag
"mqHisA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
91ca4f24c10f5ed17494b77825e5b9fb
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bbaf87245-AMS
expires
Fri, 07 Jan 2022 04:05:20 GMT
gpt.js
www.googletagservices.com/tag/js/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"803 / 357 of 1000 / last-modified: 1614985848"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19735
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:52 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
506
date
Sat, 06 Mar 2021 01:28:26 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 06 Mar 2021 03:28:26 GMT
logo-guru.png
rs.guruin.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.guruin.com/images/logo-guru.png
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/1056/application.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b84a15890461c9f9cf6fec808be7976091d8a29648f2897beaf0f4ee6697081

Request headers

Referer
https://rs.guruin.com/a/1056/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
cf-cache-status
HIT
age
1377342
cf-polished
origFmt=png, origSize=6466
content-disposition
inline; filename="logo-guru.webp"
cf-request-id
08a6c73b0000001fbab0a0c000000001
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"L9osBg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
794b91a0f502ef461c088fe43db2319a
cache-control
public, max-age=31536000
cf-ray
62b7db0b3c601fba-AMS
expires
Fri, 18 Feb 2022 03:01:10 GMT
logo-text-020217.png
rs.guruin.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.guruin.com/images/logo-text-020217.png
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/1056/application.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b899e46aa954e9105e66ea412ea66b084a36f609a709b8920bf0b2c61c734c7d

Request headers

Referer
https://rs.guruin.com/a/1056/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
cf-cache-status
HIT
age
2596434
cf-polished
origFmt=png, origSize=8094
content-disposition
inline; filename="logo-text-020217.webp"
content-length
3784
cf-request-id
08a6c73b0000001fba779db000000001
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"L9osBg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
dc901edb188761c6a4a0a942cfa5f649
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0b3c611fba-AMS
expires
Fri, 04 Feb 2022 00:22:58 GMT
icons-061218.png
rs.guruin.com/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.guruin.com/images/icons-061218.png
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/1056/application.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4d2cebdd298aa6991b91a2c1727605a0ea2afcf0ca031c40af31107f31e213

Request headers

Referer
https://rs.guruin.com/a/1056/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:52 GMT
cf-cache-status
HIT
age
4658063
cf-polished
origFmt=png, origSize=44375
content-disposition
inline; filename="icons-061218.webp"
content-length
20364
cf-request-id
08a6c73b0000001fbab923f000000001
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
ba1f79c02bb4e340a8152d35f0b72922
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0b3c631fba-AMS
expires
Mon, 10 Jan 2022 23:59:48 GMT
fontawesome-webfont.woff2
rs.guruin.com/a/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
4603547
content-length
77160
cf-request-id
08a6c73b550000724549204000000001
server
cloudflare
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
06c4a65dbcbd0462a0c2006c91978900
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bbafb7245-AMS
expires
Tue, 11 Jan 2022 09:11:43 GMT
opensans-bold-webfont.ttf
rs.guruin.com/a/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/opensans-bold-webfont.ttf
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164daf73aa420c2a9b5fc740b70497674c2737ce520d70761c110e42e4874896

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
10090976
content-length
46600
cf-request-id
08a6c73b540000724551b26000000001
server
cloudflare
etag
"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
cf1694ed13ef949c2467165abd6de885
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bbafa7245-AMS
expires
Mon, 08 Nov 2021 18:12:41 GMT
montserrat-bold-webfont.ttf
rs.guruin.com/a/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/montserrat-bold-webfont.ttf
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d9aad1e5bcec7dc4a9fe6027254ffedbc59c8ff48f0e261a901b9ec4e96e6a

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
10547246
content-length
44192
cf-request-id
08a6c73b530000724534a23000000001
server
cloudflare
etag
"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
0c4b8ca274e5858d4c5a7f9b51046f90;o=1
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bbaf97245-AMS
expires
Wed, 03 Nov 2021 00:03:23 GMT
_115767573_gettyimages-1229751860.jpg
s8.guruin.com/db/photos/991317/url/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/991317/url/_115767573_gettyimages-1229751860.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30cee697ea1dc73df892e106743be3eb3fd36d7ef47b503bf3f4a39a6a82163d

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA2-C2
cf-polished
qual=85, origFmt=jpeg, origSize=72186
x-cache
Hit from cloudfront
content-disposition
inline; filename="_115767573_gettyimages-1229751860.webp"
content-length
50896
cf-request-id
08a6c73b8a00001fbab9246000000001
last-modified
Wed, 16 Dec 2020 05:11:05 GMT
server
cloudflare
etag
"09fddd125f0ae5fb3b79ad65cdaef5c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bfd421fba-AMS
x-amz-cf-id
JPWZpwpQgVvOGsRNHqSy7JO1V36W-KyfJQDFTApJj1OZHu0K0lP5OA==
cf-bgj
imgq:85,h2pri
cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
s8.guruin.com/db/photos/999774/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
  • https://s8.guruin.com/db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a65a38b646b728a34c43efdf8b4868a833e5febd8b526146ef5875bd2f6a1d

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
25221
cf-request-id
08a6c73caf00001fbac3b7f000000001
last-modified
Fri, 05 Mar 2021 22:26:08 GMT
server
cloudflare
etag
"5aadaedb56110ac5927416a8f06842c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0def941fba-AMS
x-amz-cf-id
cf7RM7jphDb0LZAZUyiElJ1-SBqUgx19tmqwiPBbNts8dsBKZ2aE_A==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/999774/url/cell_6d61a308-bcd6-4beb-a524-a3cc3d606bd3.jpg
x-cloud-trace-context
a00d48d46b80e33f291a8ab1079e107c
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0bfd531fba-AMS
content-length
0
cf-request-id
08a6c73b7a00001fbad8291000000001
server
cloudflare
cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
s8.guruin.com/db/photos/999528/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
  • https://s8.guruin.com/db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6787ded150e5dc952b98507bf7ca2630e2ef1084caef2a6586dba3601e48a89d

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
27403
cf-request-id
08a6c73cae00001fba779f0000000001
last-modified
Wed, 03 Mar 2021 19:19:41 GMT
server
cloudflare
etag
"31350a5aec4ae726a32280de9fb97a82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0def8e1fba-AMS
x-amz-cf-id
ULSmuqGdmhI5gSWpEaegENmravYIJL-znbXYk68lsc0drMNlvN73rg==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/999528/url/cell_ee4d2da7a8764ac6b494291949eeb87c.jpeg
x-cloud-trace-context
0af8dc5e1b0fa44554038a20cdcc5661
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0bfd4d1fba-AMS
content-length
0
cf-request-id
08a6c73b7900001fbacd039000000001
server
cloudflare
81AQyd%2Byr%2BL._SL1500_.jpg
images-na.ssl-images-amazon.com/images/I/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/81AQyd%2Byr%2BL._SL1500_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68de32ad50b497f1b0de474eac0ff518d2be140a253444165a3c3aa9b38c187d

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
last-modified
Thu, 12 Nov 2020 16:02:39 GMT
age
2428685
x-cache
MISS from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Jan 2041 10:20:30 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
8ee4c618-8726-4346-bdfb-abce32a84b72
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
219687
x-served-by
cache-dca17741-DCA, cache-hhn11553-HHN
cell_GettyImages-1230026556-2048x1366.jpg
s8.guruin.com/db/photos/999795/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg
  • https://s8.guruin.com/db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f4a1f6f924effa761fb8ee7e0d137994a32a8508d7d1d793984bd6fa6bfcac

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
21414
cf-request-id
08a6c73caf00001fbab389b000000001
last-modified
Sat, 06 Mar 2021 01:16:16 GMT
server
cloudflare
etag
"8be077878d4ad87a3b259f056e193d53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0def931fba-AMS
x-amz-cf-id
leHU_qlBOgFPmeiicgJaoZBVRfkfZBTe0ckiqJO7FPOCNMjFh7o2mg==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/999795/url/cell_GettyImages-1230026556-2048x1366.jpg
x-cloud-trace-context
d0053607e4de0000d6263ec7bbde525c
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0bfd571fba-AMS
content-length
0
cf-request-id
08a6c73b7a00001fba6f9ba000000001
server
cloudflare
81cbB6wb%2BqL._SL1500_.jpg
images-na.ssl-images-amazon.com/images/I/ 		268 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/81cbB6wb%2BqL._SL1500_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84f2810f8532ac12e3cafa1b3255bb6b64798fd769b63d12fbe97d3a53b50259

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
last-modified
Sat, 31 Oct 2020 06:12:51 GMT
age
2453580
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 19 Jan 2041 03:32:37 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
5e62a730-8cd4-4f6b-8922-9182d43d9d70
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
274379
x-served-by
cache-dca17776-DCA, cache-hhn11553-HHN
2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
s8.guruin.com/db/photos/830949/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
  • https://s8.guruin.com/db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3dbca33b9ef5b22e793076ae33895f771a06a98843a86c38d39b99179c2d9bb

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
content-length
139075
cf-request-id
08a6c73cae00001fbab0a21000000001
last-modified
Tue, 08 May 2018 22:12:56 GMT
server
cloudflare
etag
"4aa642f5bdc8af2ba1af48daed008bbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0def901fba-AMS
x-amz-cf-id
UNVZ1AfmWmCQ8bOrOnW8nFPqLHubs3Q8O3yM9G1r1Uz6fK0bHfv7fg==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/830949/url/2017-Lexus-RC-gallery-overlay-1204x677-LEX-RCG-MY17-0015.jpg
x-cloud-trace-context
8248d05284b4062bba9928dad08635e0
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0bfd4f1fba-AMS
content-length
0
cf-request-id
08a6c73b7900001fba8e272000000001
server
cloudflare
avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ4MzgtNS5qcGc_.jpg
s8.guruin.com/db/photos/841169/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ...
  • https://s8.guruin.com/db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ...
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ4MzgtNS5qcGc_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
475cece12f7632851d51e9a9504694e51375d24eb8f2cba081b34ea550dffe88

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
5169
cf-request-id
08a6c73e1e00001fba67b70000000001
last-modified
Tue, 10 Jul 2018 00:26:23 GMT
server
cloudflare
etag
"e86ce21a4425c4391faedf4ef128714a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db1029e11fba-AMS
x-amz-cf-id
x4aEjnP6209B3PomRkFA4etbb0ZAyVuvZDGRi-acCeCPj6ELZJH2cg==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ4MzgtNS5qcGc_.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/841169/url/avatar_aHR0cHM6Ly9pbWcuYnV6emZlZWQuY29tL2J1enpmZWVkLXN0YXRpYy9zdGF0aWMvMjAxOC0wNS8xLzE2L2Fzc2V0L2J1enpmZWVkLXByb2Qtd2ViLTAyL3N1Yi1idXp6LTE4ODUwLTE1MjUyMDQ4MzgtNS5qcGc_.jpg
x-cloud-trace-context
1d4a9df65ed4c5e2e9d52f6455510e3c
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0bfd551fba-AMS
content-length
0
cf-request-id
08a6c73b7a00001fba8e273000000001
server
cloudflare
avatar_20459728003_400cc816e7_k.jpg
s8.guruin.com/db/photos/793031/url/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/793031/url/avatar_20459728003_400cc816e7_k.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc52a4b5dc6e1514359b69843716b901bd7c1130d76bba2ff88dd128a7898e60

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
8672
cf-request-id
08a6c73b7800001fba73036000000001
last-modified
Mon, 24 Jul 2017 18:09:09 GMT
server
cloudflare
etag
"2e17be3dbf9e2aac85dbbbbd645bd7b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bfd451fba-AMS
x-amz-cf-id
Gc5GuRzgKnajYsmn7Xxtt7rX4dkUoOrXyGe75FjO1DcIMevBstln2A==
BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
s8.guruin.com/db/photos/942020/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
  • https://s8.guruin.com/db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338c14e9afd4e0db48e1e0533b4772864732f0cc2f165d191b9c9c501e7e1746

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
310403
cf-request-id
08a6c73caf00001fba80825000000001
last-modified
Mon, 13 Jan 2020 22:47:36 GMT
server
cloudflare
etag
"231b9af486de678daa9e804cf7db2421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0def921fba-AMS
x-amz-cf-id
oa3wUarcJDIwPukTYc5xhZ0Ay1UWElCvxLLBAi3yrXn87rS-gY2kLg==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/942020/url/BMW-MY20-3Series-M340i-Gallery-Exterior-08.jpg
x-cloud-trace-context
b536b7e37fbb172a590196bac0f608a1
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0bfd4a1fba-AMS
content-length
0
cf-request-id
08a6c73b7900001fba67b4d000000001
server
cloudflare
1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
s8.guruin.com/db/photos/993840/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
  • https://s8.guruin.com/db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9ccd9161c6ca983f1a92f60a45484a370e2962d2cad630acc2a3201131fa81

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA2-C2
cf-polished
qual=85, origFmt=jpeg, origSize=160645
x-cache
Hit from cloudfront
content-disposition
inline; filename="1fca4090-f4aa-478f-86e1-0789ae06b4a9.webp"
content-length
114970
cf-request-id
08a6c7403a00001fbab6b03000000001
last-modified
Fri, 08 Jan 2021 21:03:00 GMT
server
cloudflare
etag
"42c627a6f7f0718461a4bc1a0d016ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db138d881fba-AMS
x-amz-cf-id
oBW75PdkONY0ZxWUzlE8MrN07w4mmUCiprYcCWnRYsaWBQwQxO-DQQ==
cf-bgj
imgq:85,h2pri

Redirect headers

date
Sat, 06 Mar 2021 01:36:54 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/993840/url/1fca4090-f4aa-478f-86e1-0789ae06b4a9.jpg
x-cloud-trace-context
7133f751cba09dc36fccbe938c49bb2c
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0e681c1fba-AMS
content-length
0
cf-request-id
08a6c73d0300001fba8e28a000000001
server
cloudflare
6114qzNg-3L._AC_SX569_.jpg
images-na.ssl-images-amazon.com/images/I/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/6114qzNg-3L._AC_SX569_.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c5194c090b2b67792d1975d6a0b7b96e8711ca2c42b6f5ba1f02275ff8a3aca

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
last-modified
Wed, 29 Jul 2020 04:31:24 GMT
age
3772485
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 16 Jan 2041 09:42:09 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
c159cbd4-c600-44f8-813d-b7c8939d710f
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
14704
x-served-by
cache-dca17744-DCA, cache-hhn11553-HHN
148464-phones-news-feature-apple-iphone-12-and-12-pro-release-date-specs-news-and-features-image1-a2lqjvbyuk.jpg
cdn.pocket-lint.com/r/s/1200x/assets/images/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pocket-lint.com/r/s/1200x/assets/images/148464-phones-news-feature-apple-iphone-12-and-12-pro-release-date-specs-news-and-features-image1-a2lqjvbyuk.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3218dc32c8faa442a5b5a095c3417237053717fabec8fe1122c1c8cac98dd614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 05:56:01 GMT
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 19:22:19 GMT
server
nginx
age
2490052
etag
"5f85fe6b-1432d"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
82733
x-amz-cf-id
pgXguKDDNSJ3AuprnqQ4cmKKEogOhCKVA5HpytcSqkIIoKPpXjN6_g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cell_GettyImages-1231206146.jpg
s8.guruin.com/db/photos/999794/url/
Redirect Chain
  • https://s3.guruin.com/db/photos/999794/url/cell_GettyImages-1231206146.jpg
  • https://s8.guruin.com/db/photos/999794/url/cell_GettyImages-1231206146.jpg
57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/999794/url/cell_GettyImages-1231206146.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e089158cd32ce1bc9b988cb1783fb721877c2f01374b57bd0bd3687a9d2f5d6

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
content-length
58084
cf-request-id
08a6c73e1700001fba779ff000000001
last-modified
Sat, 06 Mar 2021 00:38:41 GMT
server
cloudflare
etag
"34f92e8fe2eeee85fc3d50de67916284"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db1029d01fba-AMS
x-amz-cf-id
uk2Qo0INgj2x4IlI3ZxaSqM8Kr2Qpe2e1VBo7zDWFBLbcUEUrqW1Gg==

Redirect headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
DYNAMIC
x-path
db/photos/999794/url/cell_GettyImages-1231206146.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
location
https://s8.guruin.com/db/photos/999794/url/cell_GettyImages-1231206146.jpg
x-cloud-trace-context
40a592d94682220bc0fc80466a9b32ea
cache-control
no-cache, max-age=0, s-maxage=0
cf-ray
62b7db0f08c51fba-AMS
content-length
0
cf-request-id
08a6c73d6100001fbad4047000000001
server
cloudflare
avatar_200108214800-coronavirus-super-tease.jpg
s8.guruin.com/db/photos/951859/url/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8.guruin.com/db/photos/951859/url/avatar_200108214800-coronavirus-super-tease.jpg
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69869e2eb8687b63ec31336e4d86fc67dd0e55a8ac5a2a6ead8f9ec8b3bc1ea5

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
via
1.1 52102486f97ad6ff39f81538f01349ab.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
AMS50-C1
cf-polished
qual=85, origFmt=jpeg, origSize=14988
x-cache
Hit from cloudfront
content-disposition
inline; filename="avatar_200108214800-coronavirus-super-tease.webp"
content-length
7618
cf-request-id
08a6c73b7800001fbaa339e000000001
last-modified
Mon, 02 Mar 2020 07:06:47 GMT
server
cloudflare
etag
"ff2668d5d249140659325352fd71ea9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0bfd3e1fba-AMS
x-amz-cf-id
jVRXlZ6pHOENKQKF1XHM-Nn_Q6R8akczEIPqIfpafaxs9UrhrJ_IDw==
cf-bgj
imgq:85,h2pri
dot-loading.gif
rs.guruin.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.guruin.com/images/dot-loading.gif
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/1056/application.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6fbac2c8cd5ba363a94aacfdd1615e0d181a0aa1d467735b31c8a8314344a77

Request headers

Referer
https://rs.guruin.com/a/1056/application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
1843304
cf-polished
origFmt=gif, origSize=11205
content-disposition
inline; filename="dot-loading.webp"
cf-request-id
08a6c73b7800001fbac0ac0000000001
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"L9osBg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
c93e9f3f77647c492a40ba1e6efa30cd
cache-control
public, max-age=31536000
cf-ray
62b7db0bed1c1fba-AMS
expires
Sat, 12 Feb 2022 17:35:09 GMT
montserrat-medium-webfont.ttf
rs.guruin.com/a/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/montserrat-medium-webfont.ttf
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63927421eb35501398c7b54102ba398a39e96957a82613ca700caafd508bcf8

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
2539572
content-length
75400
cf-request-id
08a6c73bc5000072454226b000000001
server
cloudflare
etag
"L9osBg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
c20407f7b92db43dee704322ba4f0fe6
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0c6b157245-AMS
expires
Fri, 04 Feb 2022 16:10:41 GMT
opensans-regular-webfont.woff
rs.guruin.com/a/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/opensans-regular-webfont.woff
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229878c518782ea3fd79425209286356d7ab47a08a24b54ea32d9197a7380e47

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
server
cloudflare
age
4633973
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-cloud-trace-context
040ed19e46919dc64b70a6da124f18cb
cache-control
public, max-age=31536000
cf-ray
62b7db0cbb1c7245-AMS
cf-request-id
08a6c73bf20000724537016000000001
expires
Tue, 11 Jan 2022 10:23:59 GMT
opensans-bold-webfont.woff
rs.guruin.com/a/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/opensans-bold-webfont.woff
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a10f0eb825b1210dcae656c5841f4c0557081fb159ea6866f67b2ed64ac1fd0

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
10343178
content-length
25576
cf-request-id
08a6c73bf30000724541338000000001
server
cloudflare
etag
"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-cloud-trace-context
46f04230db513d778f7be043a5596244;o=1
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0cbb1d7245-AMS
expires
Sat, 06 Nov 2021 08:30:35 GMT
montserrat-bold-webfont.woff
rs.guruin.com/a/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/montserrat-bold-webfont.woff
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5bf8f35e5ce0435e4b75d94c28001d3b831ff6f12f49b786e5b5404232eb42

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
server
cloudflare
age
4633973
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-cloud-trace-context
040ed19e46919dc64b70a6da124f18cb
cache-control
public, max-age=31536000
cf-ray
62b7db0cbb1e7245-AMS
cf-request-id
08a6c73bf40000724546b02000000001
expires
Tue, 11 Jan 2022 10:23:59 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/pvrtbbh6
  • https://js.intercomcdn.com/shim.latest.js
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
434d5ffdc43cfb3ca9461ffe66fc0659522e6e79a917bf7398c503fbfb7f0a43

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 01:36:28 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 12:04:37 GMT
server
AmazonS3
age
26
etag
"34fcc6e0306cb653d3c4da66f8a53dc3"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
5123
x-amz-cf-id
oyGOJbt42D9-0jXSF1bf3eeJeCrT1ua_I1qVlxCJJgMPsAx9AlxdDQ==

Redirect headers

date
Sun, 28 Feb 2021 05:42:55 GMT
via
1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
server
AmazonS3
age
503639
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
ZAG50-C1
content-length
0
x-amz-cf-id
7WvNlWpLqFIGiLM47Vm9nxYfyukm2xd-UrGOkY3ngpKCRf7Woagp2Q==
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
VJKsacSNuwsvBm7WlWp6LBZutqmVuKkL+0AZIDVVOZ9xgfSnEZ+tvQo7JyH5TVZv1uMVm7dhcZDfg8964apikA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 06 Mar 2021 01:36:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5f1108015cfef56e45331bc8c836e8dcc276cb3e183720427492fddf5ac077f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jOBtDfqO4zmoiIJekwMWGQ==
cross-origin-resource-policy
cross-origin
expires
Sat, 06 Mar 2021 01:40:01 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
iMKi9xlND0h9Kf5N1hvCDHctJWUNU9SICWnxsisbGOX0NXkk12COL8aR96uNatO05PJb1Aui3hjXJQJdXOaZbA==
x-fb-trip-id
917726464
x-fb-content-md5
784b8c3aa1d9d54373d78e63c78fa66f
date
Sat, 06 Mar 2021 01:36:53 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fcaeca03f93c649b16970a04318ccd8d"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1875025208&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guruin.com%2F&ul=en-us&de=UTF-8&dt=%E7%BE%8E%E5%9B%BD%E5%8D%8E%E4%BA%BA%E6%9C%AC%E5%9C%B0%E6%96%B0%E9%97%BB%E3%80%81%E7%94%9F%E6%B4%BB%E6%8C%87%E5%8D%97%E3%80%81%E8%B4%AD%E7%89%A9%E6%8A%98%E6%89%A3%E3%80%81%E7%8E%A9%E4%B9%90%E6%94%BB%E7%95%A5%E3%80%81%E6%8A%95%E8%B5%84%E5%BB%BA%E8%AE%AE%E3%80%81%E6%9C%AC%E5%9C%B0%E6%B4%BB%E5%8A%A8%E3%80%81%E5%91%A8%E6%9C%AB%E5%8E%BB%E5%93%AA%E3%80%81%E4%BA%B2%E5%AD%90%E4%BA%A4%E5%8F%8B%20-%20%E5%92%95%E5%99%9C%E7%BE%8E%E5%9B%BD%E9%80%9A%20(Guruin.com)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=809509108&gjid=1794125930&cid=1456750607.1614994613&tid=UA-68534246-1&_gid=622888845.1614994613&_r=1&_slc=1&z=1700521123
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.guruin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021030201.js
securepubads.g.doubleclick.net/gpt/ 		282 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 09:37:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101677
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:53 GMT
opensans-regular-webfont.woff2
rs.guruin.com/a/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/opensans-regular-webfont.woff2
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730c41853e408d0663e5ccbb1ece03ed1d9516186dc597c53db251be1c0e0505

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
server
cloudflare
age
4633973
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
dee8b6598901501d95f9d9631ad6155b;o=1
cache-control
public, max-age=31536000
cf-ray
62b7db0deb517245-AMS
cf-request-id
08a6c73cb50000724536b2b000000001
expires
Tue, 11 Jan 2022 10:24:00 GMT
opensans-bold-webfont.woff2
rs.guruin.com/a/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/opensans-bold-webfont.woff2
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1754b36db4b0d8ff2cef9d7d6f270b2aba08450fb3033091253f40b3f6b50355

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
age
10270373
content-length
19400
cf-request-id
08a6c73cb50000724534a28000000001
server
cloudflare
etag
"zGn8xw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
0bd325114bb3bdb4325d1087cd66f808
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b7db0deb527245-AMS
expires
Sat, 06 Nov 2021 17:45:19 GMT
montserrat-bold-webfont.woff2
rs.guruin.com/a/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/montserrat-bold-webfont.woff2
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba19730ef29d3acf1773ccc458e87eb2abd65187c6a3c69aaa6630bfaac0f71

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
server
cloudflare
age
4633973
etag
"aRN19g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
dee8b6598901501d95f9d9631ad6155b;o=1
cache-control
public, max-age=31536000
cf-ray
62b7db0deb537245-AMS
cf-request-id
08a6c73cb6000072454920a000000001
expires
Tue, 11 Jan 2022 10:24:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-68534246-1&cid=1456750607.1614994613&jid=809509108&gjid=1794125930&_gid=622888845.1614994613&_u=IEBAAAAAAAAAAC~&z=935627738
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 06 Mar 2021 01:36:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.guruin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
montserrat-medium-webfont.woff
rs.guruin.com/a/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/montserrat-medium-webfont.woff
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7ff4263acfa27e735c66ce9ffb95ee2ea5647fbb99f9263f3b4478ef4a5ea6

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
server
cloudflare
age
5042712
etag
"mqHisA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-cloud-trace-context
10a703c702ae99056782e37ae0457654
cache-control
public, max-age=31536000
cf-ray
62b7db0e2b597245-AMS
cf-request-id
08a6c73cd900007245379a6000000001
expires
Thu, 06 Jan 2022 16:51:41 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=11fc8cdb7128c885119b8fd2c6b99c4d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4e63d3c9c8b83cccd2372404e2be4702cfb0360fdf57670627999dda79324d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.guruin.com
Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SkJZdV0aGAvLSL0FOR1L0A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60547
x-fb-rlafr
0
x-fb-debug
/V+vEFLXGm7VvD2069LEUSwbkFVi3Tk0wLlsT2y/jF1xIRePNnagTa2mTUB5hI+DncBM2asLCopx6FgmycgZPg==
x-fb-trip-id
917726464
x-fb-content-md5
ea3ac35639e623991949c9de7f1ef85d
x-frame-options
DENY
date
Sat, 06 Mar 2021 01:36:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7c08743ef979470517efd848bbeceb2b"
timing-allow-origin
*
expires
Sun, 06 Mar 2022 00:22:13 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-68534246-1&cid=1456750607.1614994613&jid=809509108&_u=IEBAAAAAAAAAAC~&z=856545756
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-68534246-1&cid=1456750607.1614994613&jid=809509108&_u=IEBAAAAAAAAAAC~&z=856545756
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
montserrat-medium-webfont.woff2
rs.guruin.com/a/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rs.guruin.com/a/fonts/montserrat-medium-webfont.woff2
Requested by
Host: rs.guruin.com
URL: https://rs.guruin.com/a/css451/lib.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddea6ff6fe66e1ca2a1d8a571f6e16a4ddcc10aca0b86c46fe2e8d3f3c4a22e1

Request headers

Origin
https://www.guruin.com
Referer
https://rs.guruin.com/a/css451/lib.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:53 GMT
cf-cache-status
HIT
server
cloudflare
age
4004986
etag
"QOVtIg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-cloud-trace-context
b0ecaa8a262d0532d8f652f64cbebc24
cache-control
public, max-age=31536000
cf-ray
62b7db0eab5f7245-AMS
cf-request-id
08a6c73d2b00007245360dd000000001
expires
Tue, 18 Jan 2022 17:07:07 GMT
frame-modern.33c67ae7.js
js.intercomcdn.com/ Frame 27FA 		246 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.33c67ae7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/pvrtbbh6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4422a80776ad6778b2142a4db2453434943687836bcdf5e90bf1829070a0115a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 00:04:40 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 12:00:11 GMT
server
AmazonS3
age
5533
etag
"94791a7afa3c848e7f589b98c41c0e06"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
67656
x-amz-cf-id
UHr5QSKx8cDKKY_PnNgya4XpS6ovNSHIvXnKYNlQ3fvR7_vWEhLRjQ==
vendor-modern.25bdf4d6.js
js.intercomcdn.com/ Frame 27FA 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.25bdf4d6.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/pvrtbbh6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd6213140cd6be0c13799ac8cc7ef5890af37d6a45fd916aae2afd7153530b81

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 00:51:24 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 12:44:47 GMT
server
AmazonS3
age
2730
etag
"abaf5f399dffff67af935ea1c3149ce3"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
38308
x-amz-cf-id
wMZSkGaXQLYeynGfkP63tUQyNDQpAvwInY7u2JRm113-eBQkqigm3w==
ping
api-iam.intercom.io/messenger/web/ Frame 27FA 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33c67ae7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
6f4f5968718ad8aa068d46edb651acb9ec3a2cf4272e85a3d4a70959318717ef
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-ami-version
ami-04b949e354e67e20b
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000928ekmk85suicqs4g
x-runtime
0.197241
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6f4f5968718ad8aa068d46edb651acb9"
x-ratelimit-remaining
19946
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.guruin.com
x-intercom-version
0ebe5fa0c3555b20eb153b65b5cd26edbe9fba37
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1614994620
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
locale-zh-CN-json-modern.c6c1df96.js
js.intercomcdn.com/ Frame 27FA 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/locale-zh-CN-json-modern.c6c1df96.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33c67ae7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d806be0c03764db24bcadb2e75b54c0f9a6d1e9a538dc565a8f43238285e0227

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 14:25:51 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
etag
"32c8e45ff787ecb7692072dec52564d6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
content-length
4686
x-amz-cf-id
-J3dGcC6mWkAoioIsaraaLoUazuRldZNUE1s4Rn0KNlGJrbrJBLa8A==
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guruin.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guruin.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2397483973561683&correlator=3316898390541167&output=ldjh&impl=fifs&eid=31060011&vrg=2021030201&ptt=17&sc=1&sfv=1-0-37&ecs=20210306&iu_parts=21736281515%2CSkyscraper_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614994614&dt=1614994614368&dlt=1614994612496&idt=1103&frm=20&biw=1600&bih=1200&oid=3&adxs=55&adys=138&adks=3802077567&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guruin.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=1456750607.1614994613&ga_sid=1614994614&ga_hid=1875025208&ga_fc=false&fws=4&ohw=1600
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
4a8fdd72088487a5eb7a4cd42788183d87880165bdab402c793a10544c85f655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3456
x-xss-protection
0
google-lineitem-id
5631389438
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138341251737
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guruin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2397483973561683&correlator=408720974474901&output=ldjh&impl=fifs&eid=31060011&vrg=2021030201&ptt=17&sc=1&sfv=1-0-37&ecs=20210306&iu_parts=21736281515%2Cright_2nd&enc_prev_ius=0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614994614&dt=1614994614372&dlt=1614994612496&idt=1103&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=138&adks=3830779167&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guruin.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x-1&msz=300x-1&ga_vid=1456750607.1614994613&ga_sid=1614994614&ga_hid=1875025208&ga_fc=false&fws=4&ohw=360
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
946cc70a56057436c99a5fea6051bde89991965dd427bc4f0b2544ff556937ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3360
x-xss-protection
0
google-lineitem-id
5575953298
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138335424146
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guruin.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
nr-1198.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1198.min.js
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-amz-request-id
6G7N8SBZFWDP9P9M
x-cache
HIT
content-length
10682
x-amz-id-2
0UGCO4Mhlfex45xXj/8DAFadaQ6I71xHRyRaRgwDh98IVodQV5SoRghdxpscDq1FfJKXoBas7qw=
x-served-by
cache-hhn4024-HHN
last-modified
Fri, 29 Jan 2021 19:19:08 GMT
server
AmazonS3
x-timer
S1614994615.715357,VS0,VE0
etag
"59c98195ba35e0b45cbe2e5beebd1ac8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2809
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aee93d91509f5406320bca8b90e1fd955c8c2f0f7037e870c6083a6d8d5ef935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6483
x-xss-protection
0
container.html
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6688 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guruin.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.guruin.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sat, 06 Mar 2021 01:36:54 GMT
expires
Sun, 06 Mar 2022 01:36:54 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
container.html
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AB59 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guruin.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.guruin.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sat, 06 Mar 2021 01:36:54 GMT
expires
Sun, 06 Mar 2022 01:36:54 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame AB59 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145691
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:08:43 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/425227/44458354/dcm/ Frame AB59 		220 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/425227/44458354/dcm/dcmads.js
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7865715ee0f3e61982729a9fcef1ba291f96a6ba736486b50d210aea4114f287

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-server-name
app02.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB59 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 6688 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145691
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:08:43 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 6688 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Feb 2021 17:29:32 GMT
server
sffe
age
731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2587
x-xss-protection
0
expires
Sat, 06 Mar 2021 02:24:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6688 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
2da4f3541c
bam-cell.nr-data.net/1/ 		57 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/2da4f3541c?a=9786669&v=1198.fe6ec20&to=IVdbRhdYCA0GEU5EVQAXXFwBUhw%3D&rst=2754&ck=1&ref=https://www.guruin.com/&ap=151&be=603&fe=2546&dc=1374&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1614994611990,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:9,%22c%22:9,%22s%22:30,%22ce%22:114,%22rq%22:114,%22rp%22:504,%22rpe%22:609,%22dl%22:506,%22di%22:1374,%22ds%22:1374,%22de%22:1376,%22dc%22:2546,%22l%22:2546,%22le%22:2569%7D,%22navigation%22:%7B%7D%7D&fp=1034&fcp=1034&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 01:36:55 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
62b7db16ed8a0bf1-AMS
cf-request-id
08a6c7425200000bf11f8d3000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AB59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4Xubiyu362g-b36A-c-O-v5PMTp5eCWmRheb1T7k5T-XaxiuEEu290Xs9MznO_x7BpJeRsYm5RAIZ1nM7HXvQ512pzn_q5uMj9mXbWFTEHBzZErBKo-7C6XNIQDkr7irYNUGrjCRsl1Td6dfGLFPzgbhad2Jo53ZsdRnFL-U9yFlgV0i4RMlnR1eh9Q8kcCjoixWISjd2Sh6J8fyM-WLrx8RYsUfufSqOuBpLpbh_KUeWyhTSLIyE4ilDU_b3Et7JfwIeWDcbmCHuoGvaiabD2YdNI3Jpe-Y-2bOMe6LzTKhZ_MvBpMYxKb_e4A&sai=AMfl-YRBb_il-M6cALhMZbIhbwjmfDl2BM7i6o-BxV5H8ynMwBs3iQKzr_NCqBJF3y4Ffz0gL4TaBSyg44gRpvmIyb_BttFCu60iqDXuzgs5636mjHuIEN1njvz3E88xyJBr&sig=Cg0ArKJSzCXW5pcQAX3jEAE&urlfix=1&adurl=
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6688 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrce4xj08zWBpJSQZnyjjee7tpN0As4HmdPOCnPyMzwsbUz78SGxCGHvI-S-9D6U9ahDBFTpvSc4UMyi_Gg2ta2thyMsedFeXX8R6-lZks9_oSVfDYsQFVxeTcduVEItSsNzwH2GQ2mj43h6UeRCHtk_haC3zP0icQYKwZFcQUKnwmxlF8ZjSRPnMzb0rvrBVFJs556zKPjaQ6LZZlffkmi7oUZlJxl2D8VpQqw_CcOZzwRT-LhFtfUBCaR52bX4GEO2lMMfc8EhpMjp5iDGFG3LiruRFTIi-E9wQBDkNk1UQ&sai=AMfl-YRRofdj1_D6dSMzLW5fNUmYWRs8972__qgDyoMgymKj4HrToalHtxrZF6MSKdt_GiJGEVvrZ1seXVMqYL1ow8Vj9F--EKoG5plVPHH_b72aarXIxbzXnAdEXbB2uJc&sig=Cg0ArKJSzCHC78Q5jBnMEAE&urlfix=1&adurl=
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
B25211100.291913995;dc_pre=CIKO1-LDmu8CFT7kuwgdtGIHew;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/ Frame 6688
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/B25211100.291913995;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/B25211100.291913995;dc_pre=CIKO1-LDmu8CFT7kuwgdtGIHew;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/B25211100.291913995;dc_pre=CIKO1-LDmu8CFT7kuwgdtGIHew;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimpi/N3941.153944.THEADVERTISINGCLUB/B25211100.291913995;dc_pre=CIKO1-LDmu8CFT7kuwgdtGIHew;dc_trk_aid=485042461;dc_trk_cid=67442974;ord=288343335;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v68.js
www.googletagservices.com/dcm/ Frame 6688 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v68.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Feb 2021 15:22:11 GMT
server
sffe
age
295977
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15248
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:23:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 322D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guruin.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.guruin.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 20:51:37 GMT
expires
Sat, 05 Mar 2022 20:51:37 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17117
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPoh...
ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/ Frame 0F89 		33 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
2a3b67d61bb2131d5063d9d85900d47c6cb58d286b00a47ca4159aa08c750f85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 06 Mar 2021 01:36:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
16311
x-xss-protection
0
set-cookie
IDE=AHWqTUmqHpd6wRQNfc3jaE6oI3ZWPAaty-OdEFUoldDhMARBAHkq46xoSNbLZpEllWI; expires=Thu, 31-Mar-2022 01:36:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6688 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad0b0cac280b2e18621700f63c6c55f3334ef066fb1cf5b34f7429c2f18bff8b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6688 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoqnYQMQSlBiod6CAFh7W3kMEX5YDYfxWRnP--WNQS-Xs-By4oR4BdToaUJ8p83ITYrmp0BP99XsA6ex3kb-UuBSt4FWyufZljzz_dK7Zj2R3mr7-5K8BAv_jlwiCLnh3kb5cxINMLt4Pvm7-ti7Mu8Q-beCn2YRLX21OZMLmQpzDUf91mieRCHrX7lv7t-kQUuhNvGg5IGzKWdSedhWU_K2oCNo3cgWDHkthv3HvYSfac1mBQYLtVRJZrdXfOoyWO0TstAgJhVFzDGSQesMl3BHsh9X5bnkiIdmXcLYfHZsuk8Q&sai=AMfl-YSE0TYvMDbXW2-1J5nBsgVvCbGjCvkGUA1fVH85i1fwwDVRVNfWeuZHgTjl4l4kVJe2jyvEW6aoXt6XswwqCopBNCjHCQ6JLTrGLdqBJqBPogU3Rdy1vDaA5nPGI4o&sig=Cg0ArKJSzFg4vIaUllloEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:54 GMT
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 322D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
211710
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/ Frame 0F89 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Mar 2021 01:32:23 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 0F89 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ad.doubleclick.net
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 14:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39519
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Mar 2021 14:38:15 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0F89 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145684
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:08:50 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0093 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 05 Mar 2021 13:42:11 GMT
expires
Sat, 05 Mar 2022 13:42:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42884
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F89 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:55 GMT
index.html
s0.2mdn.net/9170891/1588636765349/ Frame 7C71 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9170891/1588636765349/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f360f543af5222c7c65b85ab08510b91284f001bebab744c0be59830a709da42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9170891/1588636765349/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1982
date
Sat, 06 Mar 2021 01:36:55 GMT
expires
Sun, 07 Mar 2021 01:36:55 GMT
last-modified
Mon, 04 May 2020 23:59:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0F89 		0
437 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdzexGIAwWRwbtJj2Oj7gKnkmzyQ97DIE1gn37D7l0913b4joPclUtc_sCymvGfyHkb86wCChgg4hDBwAh7u20BqTMx_5ctI8mRk6EI8Oo69y7FuUVZ9jZWlmuQobRtwi85OeqAcSzKQkvBw&sig=Cg0ArKJSzC2HTwyqvuNEEAE&urlfix=1&omid=0&rm=1&ctpt=62&cbvp=1&cstd=59&cisv=r20210303.00234&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
skeleton.js
static.adsafeprotected.com/ Frame AB59
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/425227/44458354/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.guruin.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc2660f8122a211509527fafa...
  • https://static.adsafeprotected.com/skeleton.js
17 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-184-54.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:55 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
1275068
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:55 GMT
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 4D81 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-184-54.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:55 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
4
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
dt
dt.adsafeprotected.com/ Frame AB59 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=425227&asId=d29e5ee4-be43-8d96-f676-773bf8d90833&tv=%7Bc:62R8QU,pingTime:-2,time:54,type:a,im:%7Bsf:1,pom:1,prf:%7BmdA:147,mdZ:420,beA:438,beZ:439,mfA:441,cmA:442,inA:442,inZ:447,prA:447,prZ:454,si:460,poA:461,poZ:475,cmZ:475,mfZ:475,loA:484,loZ:486,ltA:491,ltZ:491%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:160,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:54,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~1%5D,as:%5B47~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sqQ0OSm+11%7C1211%7C1212%7C13*.425227-44458354%7C14%7C15,idMap:13*,rmeas:1,rend:0,renddet:TITLE.us.tn,sinceFw:30,readyFired:false%7D&br=u
Requested by
Host: c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
URL: https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 01:36:55 GMT
X-Server-Name
dt36.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=2397483973561683&bg=!7O-l76zNAAWsVXnBrDsAKQB2-DxaFLNQzsy0blob-CV-HU6W7SXzlnp6lcWFYMeMj6y9CIuuKJ1wAgAAAGhSAAAAQ2gBBwoBc3swCOKVDqGGSx7oTpiA2YDAE3y41Rh8y3_cVGVX-MQeWPwYToN5bg_CqLuTy-YeHBoxuE2FZO8cm1lrotaBbNgFj2Kq-5ql3lnWHY4s229jHTYXlAuq_pou3r3uU7PCGkIc7qeyjChYUBIyxEUKKna9thDu_EOpZpGl5ZXnAHang3V_BuT5QtjVkX-oEcuSrI3zdgcbu5_7m7E4zWPrCoqk8yWLy1JG62TbBOh85IT-Vx40EIDCgOelIq0A_tTRAqh_oIwQZEsx_hQRo1n13Xtazh9nev6acAb7eth0m3zfd_OPoIL3GOsRw_iQkjaS_OiFxTEMOA3vTYIOg5Fv-aSCS5vJTRXw9g0b94V9sDDz59rPnI3XOBOUk8wmtsxN9B0p7Yt8ngdSTpZjRwZd0sT2e8UXwT9YvPiEkKp4jx75KHWS4YeahiwMoHGcgqU6-2BH04oZcZicM2u-NVYVHjFvf5gVYIhxH_4W62gzJzkRRzivmQINESyRg6PPvJNWIM2SrW8E55v--QIyTuCxGhMpeTupRe2QzMV1rMCMnqSzh-_fFsriY_m2-MoGczrTLreJUb28xQ4Cj0Np59JWAPD0_9r3h4vBm6qvBCiuNZ2XNAtG37fZyi7F9cwFrwv1kYcgg7LWKzzeoa94Gai_qyzhd7dguTbkaMqUsyL6pX1w_u7FCSkQUHYuaDNSECvxLYWuRfT7ib6Y8qVP_WTTbwHPD8jL5DguzVo3o_sUXTRml2MDfkyNmpO4XMNViP5o5vxDsrs2Jg1GO7du99vl2T5b2gs1-gLpHxdz-2OnyNF1QYP0ZcsXjV2KEAoxDIoCHJvSmP9m65fMt65Mdw-oIk8kPHuR-PoVqMDqaG_HhkGpHuzEN0aDZrBGrs_OfsWd06XGChj0epBQvsYyZIVWeRRmH6kC1n5VjBaFIhEroGyI2sD9zmzTwSmpaiXyi0vzZu5RG5qEUXUy0tpXXT5N3NQ5pYwJqj5BAQjgLHcg0yLiAD-P5gqY3Zye7-CZtGUtnDi8VWb-s1qzrWDCCHNxwy4tE-dYzRcxNFXXoiYHYEMtFx1sTlSU0iQWOFsqlNt5VcuURBY_3a2tSrrtCrIBax6omOX55Ht9E3MsuAgebLku7ipqk3m--7CJ9XhMMPJFyULgJNAvRsFAg8VgU4R3bTWNHdt1Qefwe2dx6WJ6_yMgcbS2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
pagead2.googlesyndication.com/bg/ Frame 0093 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
22947
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
expires
Sat, 05 Mar 2022 19:14:28 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7C71 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9170891/1588636765349/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9170891/1588636765349/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Mar 2021 01:36:55 GMT
index.js
s0.2mdn.net/9170891/1588636765349/ Frame 7C71 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9170891/1588636765349/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9170891/1588636765349/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
097cd639b07443d1c2365c1392ff99338003e219012f040a3e7fa42072aef1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9170891/1588636765349/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14936
x-xss-protection
0
last-modified
Mon, 04 May 2020 23:59:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 07 Mar 2021 01:36:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0F89 		0
55 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdzexGIAwWRwbtJj2Oj7gKnkmzyQ97DIE1gn37D7l0913b4joPclUtc_sCymvGfyHkb86wCChgg4hDBwAh7u20BqTMx_5ctI8mRk6EI8Oo69y7FuUVZ9jZWlmuQobRtwi85OeqAcSzKQkvBw&sig=Cg0ArKJSzC2HTwyqvuNEEAE&urlfix=1&omid=0&rm=1&ctpt=217&vt=11&dtpt=155&dett=3&cstd=59&cisv=r20210303.00234&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6575.2472513GURUIN/B25177536.290787385;dc_ver=68.195;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1633448891;ord=khvdm8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstEP1ezWmYrsibWSerJk1JFLPohfXqglVpRxIQ4iWlW1fryyy3pM6tVs9r6tlX1wWbPSWxLWkoG9RySIa9g9NsihZah-2vxFbb9baTQeQ-vivwvtO1WAQvw797GrHz0G4n0KDodRqoaCRBqgAduVhzWmA4lqZYnFMHVPVTTbf_gPv1aPhhjG-ddoJ8-CkWyT-2qM3UZ24giG20mTUmkGf5yHWqdyASG6ZLZSkqseFBuR7VkMOJ6y7QHRMg6lR4wm2FjN_UKsc7P8HGz6j3pMT7DEnuvbxdGPGFId5qF9PU%26sai%3DAMfl-YRm5La36qWqFoz4hVqyKo9LPNYj0I15PW8rmUPhZMhr-MSQC57wE1Jc9VkOjkO6GsjOZtEkECgFFmYC-z7tDcUcAnMdpTUSG4ji2MAEtFWIVnTcLHZtdfAiGLHSRnk%26sig%3DCg0ArKJSzAvo736lhBGgEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guruin.com%2F$0;xdt=1;crlt=UxZxm6)zZl;osda=2;sttr=16;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame AB59 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1a2f79c179634e46b0b48900c82377f4f0bd8252eaedf734721b3870c1d1290

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0093 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMkg6ttxCYNyEN5uO7_UPxsq58AsAAAAAOAHgBAI&bg=!ExClEFPNAAWsVXnBrDsAKQB2-DxaMrmHaWItlMefJC_EPHY6pDRRbpK1zp9iY5zXlyI_SVEm-_UUAgAAAKtSAAAACWgBB5kCttNgGXjn8OmAJxRwaw_T7zG2G_f2HlpalLVVHsOUX3kIBuZThjMNV57C6K4yci9jr8YqV2cwrrIdJVBuXCjEhocdHK56BYcRlyxN9kJDWiA0z2y9c4HzHstggLhYtpydl9xY_Y3Il3yiW4vc4Y0Dh_S4O_G91YcYu7pcAQjp1r7b30e6m4c_WH2xItY90_jOx0IOgdUnOWMo3E6-BFqTB-ya0l0gclzBIz49WU6WXGoVhXLRrdQ9gLX5gxUbMcSOacwDfOiHvpLXfMQ3ZDP61mot3n7ldK9_sa-4xhD-hrSQjuyL-B6_3g87pqL9DES1qxnINuNI3QXHCqkVMKHTW1Z7JwRysJOJvC_dEvT353XqJ9gNPw8gKBO2IN15ARH_X8cDELs4Tmn5-3ajZgGrMKglFKCmGK48F0DsddhGeKwKjgdBOZAXF6IfA5qlKT3edtOZCAOdXdMYMjaSP8oK0-FofMHlVltu_mRL9oS3PbuOoo5cxn_HuHgrrFKwKrX7bIyHbq3luS2NjJ5TxqSd27mKPvAvzSvViNtcLmCIDeZCmLHp0AlAaKje_6QSXeHbeHfWU5oni5wcr5x0PmKYhWVZOUCHed5tRn6Y7J-nTBFQlp1tIzdSvl8GOmj5cUfo8X1td68YI4YRLOWFTgJyLiLNEMKW-Od3ZHu8gOKdIeEuBJFW16Z24BkE41Q5m6XZnmpdVRXcwjyTYg7qtpGSdMD5i5zvNZ12LKpveOcPr-52b_zDbjrFGQBmdXMd8qYak2pVjrTEnbEa4Kw_gYih1h-4QQ0hwwJUJwmG9L90v1k3nP6UXKx20Gom7wjfCO_FMmQmkVI3g92SbU-QKAenmKovy46V0oXh_Bj9qeTNaXy0a0y_GD5SPwCX182jY4t3XFRzoqer82mTX6drzoblZ1DTdrrrxTE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AB59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQwASMkdTyCgCd1nQKs5UAnEnanBkc5ld768RxRUZzbL1XsxeBGmEnFph5s4pj_4QwkheZ7CY3JjRivODG4Yj36hzGr0YcFf2kx2koYdEyV1Ty8vl7B6glMnvRAqlTsZkv_z3xYi53YwO-9EYEAWoNBeai13voXhsvU43geAvH_HypHlGoLVfNuXfyAyaKCEay1pL73ehw8sJBvxRCW4o4sQXoZKKV88Pcfa2xjdOVp8hpTyfSdkU5J6lFYDi2mmpAhPIhLKxswQ9nGqCEb6EGxFE6ROqgZQUL80DZ3JcQidZg2meJBc9FM9wdPs7d&sai=AMfl-YQyylxRm_FIpk8xFOGt_pAlcBTH0RCl-EbYth8mvkyDV7Nq1vmR_lZ4XEGMzMZhiXThq9F6kgJpKj_VSydCyDNp24iTuHNtINH4jxOmGLzsIENujxsYQtcP0fdmLOfI&sig=Cg0ArKJSzAMsdQxdDRAfEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 01:36:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 06 Mar 2021 01:36:55 GMT
dt
dt.adsafeprotected.com/ Frame AB59 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=425227&asId=d29e5ee4-be43-8d96-f676-773bf8d90833&tv=%7Bc:62R90c,pingTime:-10,time:630,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1614994615655%7C%7C81343add802649bb5800fbdcda2ede9f%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf6ce29cda1013fa1bdf067243a646273%7C%7C2f72ae87c93ea8e960b7ba6b121057f4%7C%7Cb4cfdd44002c5fbc2f7944a929ac236d%7C%7C9ef9bd50d0bbf0e3d0ec320111fafe1f%7C%7C36f554a45281e5971dbe6c61a686fc89%7C%7C1614879537,im:%7Bimprf:%7Bttecl:504,ecd:119,tsecr:3%7D%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 01:36:55 GMT
X-Server-Name
dt36.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 6688 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf6CZuA8LxgfYXdsNbsq-LTeDzP7nsn44J1yWOE7lb8PN3-N55UbDm3KFmVjbdaOXqDpFXHiUYlB_Qy5e83O47Vsg2lIFKujtdo9oDSG8&sig=Cg0ArKJSzFRHrv-UGBYbEAE&id=lidar2&mcvt=1005&p=138,1010,388,1310&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3830779167&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1614994614581&dlt=149&rpt=138&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F89 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTIlXPLKS277Z-PfOrazrd6NF_1pPYdRjsDW-RD-yjczs2G5-sHXR48ZXeAYPBSTJtK1VJn76dlXtr0Q2hIgfXNw&sig=Cg0ArKJSzNUsB9VymN0XEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=1633448891&rs=6&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AB59 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCygBYapfvTHupCARzsi0Bk3jko_-mYiQLihCmQemVdJ2I9Gz1Unqs_OSGSrZQaGhsf2A8H1375H1tohpwLwkyg74N1dF8paLSk80olvA-Jpm3poM1&sig=Cg0ArKJSzLoRzNHGvI6CEAE&id=osdim&mcvt=1000&p=138,55,738,215&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3802077567&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1614994614589&dlt=138&rpt=125&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:36:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~app-modern.257e5d56.js
js.intercomcdn.com/ Frame 27FA 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.257e5d56.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33c67ae7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4cacb52fd8f9cf1cf5a024cd14e0fafc0e465fd612393a987738a26aa422e4b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 05 Mar 2021 23:39:49 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 14:25:51 GMT
server
AmazonS3
age
7032
etag
"73e03cee2bfaea6e367366d779272eb5"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
98686
x-amz-cf-id
3eMw8UYOog2BsDZb5kqcLTrcCARABxB0vQslk0buF_hzS0nqc2xGtw==
app-modern.e5e1c7c9.js
js.intercomcdn.com/ Frame 27FA 		664 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.e5e1c7c9.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.33c67ae7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c89bb01edbd760fef71e0cff1af951cdfaebda27c66953893b2293b4150ee49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 06 Mar 2021 00:51:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:59:36 GMT
server
AmazonS3
age
2731
etag
"3596a61b72ae8978110709ea63635819"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-length
159763
x-amz-cf-id
SPGdpHmcoXf8HD5HS4xYoZebtP3zWQJW5tNoAkqL6DxQtFgTlvanAw==
2da4f3541c
bam-cell.nr-data.net/events/1/ 		24 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/2da4f3541c?a=9786669&v=1198.fe6ec20&to=IVdbRhdYCA0GEU5EVQAXXFwBUhw%3D&rst=12754&ck=1&ref=https://www.guruin.com/
Requested by
Host: www.guruin.com
URL: https://www.guruin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.guruin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 06 Mar 2021 01:37:05 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.guruin.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
62b7db54c8500bf1-AMS
Content-Length
24
cf-request-id
08a6c7690100000bf14f053000000001
dc_oe=ChMI3LfX4sOa7wIVG8e7CB1GZQ6-EAAYACCo__w-;met=1;&timestamp=1614994625181;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0F89 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3LfX4sOa7wIVG8e7CB1GZQ6-EAAYACCo__w-;met=1;&timestamp=1614994625181;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 01:37:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require function| GuruInGlobalMethod_ConvertChinese function| GuruInGlobalMethod_WriteTimeZoneCookie function| GuruInGlobalMethod_triggerUnreadNotification function| GuruInGlobalMethod_closeSearchModal function| GuruInGlobalMethod_DynamicCompileContent function| GuruInGlobalMethod_LoadShareGroupsData function| GuruInGlobalMethod_sync_poi function| GuruInGlobalMethod_resizeIframe function| GuruInGlobalMethod_LoadUserInfo function| GuruInGlobalMethod_shareURLToWeChat function| GuruInGlobalMethod_ValidateEmail string| GURUIN_GOOGLE_BROWSER_API object| Guruin boolean| GuruInGlobalVar_autoloading boolean| GuruInGlobalVar_product_loading boolean| GuruInGlobalVar_native_app boolean| GuruInGlobalVar_enable_chinese_conversion boolean| GuruInGlobalVar_preferred_simplified_chinese string| GuruInGlobalVar_web_push_notification_key number| GuruInGlobalVar_web_push_notification_identitier function| qrcode function| DateFormatter function| datetimepickerFactory function| $ function| jQuery function| Swiper function| loadImage function| IScroll object| iscrollHandler object| jQuery11130002707378119812809 function| _ function| md5 function| Q function| moment object| angular function| Autolinker function| autosize function| Hammer object| Handlebars function| MediumEditor object| MediumInsert object| html5 object| Modernizr object| Turbolinks boolean| GURUIN_JAVASCRIPT_LIBRARY_COMPLETED function| GuruInGlobalMethod_Intercom_load function| GuruInGlobalMethod_Intercom_Do_iframe_customize function| GuruInGlobalMethod_Intercom_iframe_customize function| GuruInGlobalMethod_Do_Intercom_customize function| GuruInGlobalMethod_Intercom_customize function| GuruInGlobalMethod_Intercom_update function| GuruInGlobalMethod_Intercom_shutdown object| googletag string| GoogleAnalyticsObject function| ga boolean| Guruin.Scripts.ga object| GuruInGlobalData_ShareGroupsList function| doTurbolinksBootstrap object| Renative object| GuruIn function| GuruInGlobalMethod_GoogleAdsInitialize function| GuruInGlobalMethod_GoogleAdsInfiniteScrolling function| GuruInGlobalMethod_GoogleLoadAds function| GuruInGlobalMethod_GoogleMapInitialize function| GuruInGlobalMethod_GoogleMapChangeMarkerVisibility function| GuruInGlobalMethod_GoogleMapCreateMarker function| GuruInGlobalMethod_RedrawGoogleMapMarkers function| GuruInGlobalMethod_loadMaps function| GuruInGlobalMethod_GoogleMapFitBounds function| GuruInGlobalMethod_FindPoiInArticle function| GuruInGlobalMethod_GoogleMapCurrentLocation function| GuruInGlobalMethod_initAutocomplete function| GuruInGlobalMethod_loadGoogleAutocomplete function| GuruInGlobalMethod_loadMiniArticleMap function| GuruInGlobalMethod_loadMiniArticleRelatedMap function| GuruInGlobalMethod_GoogleMapReCalculateMapViewportData function| GuruInGlobalMethod_CheckMiniArticlesPopup function| GuruInGlobalMethod_DeleteGoogleMapMarkers function| GuruInGlobalVar_addMiniArticleMapListener object| MiniArticlePopupMap object| ExternalService object| PushNotification function| GuruInGlobalMethod_shareButtonClick function| GuruInGlobalMethod_ShareListButtonClick function| GuruInGlobalMethod_shareLink function| GuruInGlobalMethod_ShareListButtonLink function| GuruInGlobalMethod_SetupWeixinShareJS function| GuruInGlobalMethod_UpdateWechatShareMeta function| GuruInGlobalMethod_shareToFacebook function| GuruInGlobalMethod_shareToWeibo function| GuruInGlobalMethod_shareToWeChat function| GuruinGlobalFunction_ChooseHotKeywords function| GuruinGlobalFunction_ChooseModalResult function| GuruinGlobalFunction_ChooseLocation function| GuruinGlobalFunction_ChooseDepartureAirport function| GuruinGlobalFunction_ChooseArrivalAirport function| GuruinGlobalFunction_InviteFriend function| GuruInGlobalFunction_ReplaceSpecialCharacter function| GuruinGlobalFunction_BuildAutocompleteInviteFriendResult function| GuruinGlobalFunction_BuildAutocompletePlainResult function| GuruinGlobalFunction_BuildAutocompleteResultWithIcon function| parseDateTime function| GuruinGlobalMethod_sort function| GuruInGlobalMethod_loadSearchResultCount object| TurbolinksBootstrapped undefined| Cookies function| Marquee3k function| createCalendar boolean| GURUIN_JAVASCRIPT_ANGULAR_MODULES_COMPLETED number| GuruInTurbolinksVisits function| Intercom object| globalvariableSlots object| renativeTriggerQueue string| FACEBOOK_PIXEL_ID function| fbq function| _fbq object| intercomSettings undefined| url object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| FB function| __intercomAssignLocation function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.guruin.com/ Name: __gads
Value: ID=c006b55bc2c32375-22ff1ebcb3ba0004:T=1614994614:S=ALNI_MbB9e9s_8aFnMTbvtPGdW0pp3HhzA
.guruin.com/ Name: intercom-id-pvrtbbh6
Value: e1b8d154-2446-44c3-9799-7b2f4a99afe2
.guruin.com/ Name: _gat
Value: 1
.guruin.com/ Name: __cfduid
Value: dc70e8cde3252dc819e923b4632b6e0d61614994612
.guruin.com/ Name: _gid
Value: GA1.2.622888845.1614994613
www.guruin.com/ Name: lng
Value: -118.243685
www.guruin.com/ Name: __giuid
Value: 20210306.3261294947.f34e96995ddf3ff5eb1bfde138cfe29c
.guruin.com/ Name: _ga
Value: GA1.2.1456750607.1614994613
www.guruin.com/ Name: poi
Value: 2311
www.guruin.com/ Name: bctz
Value: -60
.guruin.com/ Name: W
Value: f209f24a-0040-4d77-aabd-bc3fada2d27a
www.guruin.com/ Name: after_signin_out_page
Value: %2F
.guruin.com/ Name: intercom-session-pvrtbbh6
Value:
www.guruin.com/ Name: lat
Value: 34.052234
www.guruin.com/ Name: pl
Value: %7B%22na%22%3Atrue%7D

18 Console Messages

Source Level URL
Text
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 10)
Message:
Bootstrap for [push]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 10)
Message:
Bootstrap for [guruin.app]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 10)
Message:
Bootstrap for [webevent]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 14967)
Message:
###### GuruIn Bootstrap BEGIN ######
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 923)
Message:
#[Renative.Uri.pushState bootstrap] [done]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 14973)
Message:
Turbolinks bootstrap...
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 3971)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 483)
Message:
#[Renative.UI] bind: [SubjectFeed:load] (ExternalService.Web.subjectFeedSwiderInitialize)
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 4790)
Message:
#[GuruIn.App (angular)] App bootstrap...
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 14490)
Message:
#[GuruIn.defaultBoostrap] bootstrap:region (#default)
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 14828)
Message:
#[GuruIn] sendPageviewTracking [/]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 14829)
Message:
#[GuruIn] sendPageviewTracking [done]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 14841)
Message:
#[GuruIn] turbolinks:url:changed [done]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 516)
Message:
#[Renative.UI] trigger: (SubjectFeed:load)
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 15004)
Message:
###### GuruIn Bootstrap ENDDD ######
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 10)
Message:
Bootstrap for [boot]
console-api log URL: https://rs.guruin.com/a/1056/application.js(Line 4167)
Message:
Notification is not defined
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32)
Message:
a: 0.002197265625 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
api-iam.intercom.io
bam-cell.nr-data.net
c2660f8122a211509527fafa3e63d479.safeframe.googlesyndication.com
cdn.pocket-lint.com
connect.facebook.net
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
images-na.ssl-images-amazon.com
js-agent.newrelic.com
js.intercomcdn.com
pagead2.googlesyndication.com
rs.guruin.com
s0.2mdn.net
s3.guruin.com
s8.guruin.com
secure.insightexpressai.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.guruin.com
104.244.36.20
142.250.185.194
142.250.185.70
142.250.186.34
151.101.114.110
162.247.243.147
172.67.23.98
216.58.212.130
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:802::2001
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:400c:c1b::9d
2a02:26f0:6c00:298::1ec4
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:62::272
34.251.107.229
54.220.184.54
65.9.187.90
65.9.96.16
65.9.96.91
99.83.219.81
097cd639b07443d1c2365c1392ff99338003e219012f040a3e7fa42072aef1c6
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
11c707e69ddf3382bba6fc852af1cc9ac1ac4058506ca1806b016e98ac067db3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
164daf73aa420c2a9b5fc740b70497674c2737ce520d70761c110e42e4874896
1754b36db4b0d8ff2cef9d7d6f270b2aba08450fb3033091253f40b3f6b50355
1e5bf8f35e5ce0435e4b75d94c28001d3b831ff6f12f49b786e5b5404232eb42
229878c518782ea3fd79425209286356d7ab47a08a24b54ea32d9197a7380e47
29d445b5dbb64bd460f19bc5c7195e7292d237d0ee5faa2923aa5cdc1d05fa3f
2a3b67d61bb2131d5063d9d85900d47c6cb58d286b00a47ca4159aa08c750f85
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30cee697ea1dc73df892e106743be3eb3fd36d7ef47b503bf3f4a39a6a82163d
3218dc32c8faa442a5b5a095c3417237053717fabec8fe1122c1c8cac98dd614
32477bfb1d56edfac1a7f63c640c75fe685ef15ca5667dc17dc9476c9ed1e177
338c14e9afd4e0db48e1e0533b4772864732f0cc2f165d191b9c9c501e7e1746
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3a10f0eb825b1210dcae656c5841f4c0557081fb159ea6866f67b2ed64ac1fd0
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
434d5ffdc43cfb3ca9461ffe66fc0659522e6e79a917bf7398c503fbfb7f0a43
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
4422a80776ad6778b2142a4db2453434943687836bcdf5e90bf1829070a0115a
46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117
475cece12f7632851d51e9a9504694e51375d24eb8f2cba081b34ea550dffe88
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a8fdd72088487a5eb7a4cd42788183d87880165bdab402c793a10544c85f655
4ba19730ef29d3acf1773ccc458e87eb2abd65187c6a3c69aaa6630bfaac0f71
4c5194c090b2b67792d1975d6a0b7b96e8711ca2c42b6f5ba1f02275ff8a3aca
4c89bb01edbd760fef71e0cff1af951cdfaebda27c66953893b2293b4150ee49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5200836eac23b4fb9b76b0457e56045617cd621b31d18ca4deee40923d472f48
54f4a1f6f924effa761fb8ee7e0d137994a32a8508d7d1d793984bd6fa6bfcac
5b84a15890461c9f9cf6fec808be7976091d8a29648f2897beaf0f4ee6697081
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6787ded150e5dc952b98507bf7ca2630e2ef1084caef2a6586dba3601e48a89d
68de32ad50b497f1b0de474eac0ff518d2be140a253444165a3c3aa9b38c187d
69869e2eb8687b63ec31336e4d86fc67dd0e55a8ac5a2a6ead8f9ec8b3bc1ea5
6f4f5968718ad8aa068d46edb651acb9ec3a2cf4272e85a3d4a70959318717ef
730c41853e408d0663e5ccbb1ece03ed1d9516186dc597c53db251be1c0e0505
7865715ee0f3e61982729a9fcef1ba291f96a6ba736486b50d210aea4114f287
842dedcfa8ce31909652dc6310761c30e0c924fc2b1574abb362c125ed46b231
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f2810f8532ac12e3cafa1b3255bb6b64798fd769b63d12fbe97d3a53b50259
8e089158cd32ce1bc9b988cb1783fb721877c2f01374b57bd0bd3687a9d2f5d6
946cc70a56057436c99a5fea6051bde89991965dd427bc4f0b2544ff556937ae
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
987c92fe04a0462733797b2beb9984eab26cbbad66fc752ea01141b291514f3b
98d9aad1e5bcec7dc4a9fe6027254ffedbc59c8ff48f0e261a901b9ec4e96e6a
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a1a2f79c179634e46b0b48900c82377f4f0bd8252eaedf734721b3870c1d1290
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cacb52fd8f9cf1cf5a024cd14e0fafc0e465fd612393a987738a26aa422e4b
ad0b0cac280b2e18621700f63c6c55f3334ef066fb1cf5b34f7429c2f18bff8b
ae9ccd9161c6ca983f1a92f60a45484a370e2962d2cad630acc2a3201131fa81
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee93d91509f5406320bca8b90e1fd955c8c2f0f7037e870c6083a6d8d5ef935
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b899e46aa954e9105e66ea412ea66b084a36f609a709b8920bf0b2c61c734c7d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc52a4b5dc6e1514359b69843716b901bd7c1130d76bba2ff88dd128a7898e60
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
ce7ff4263acfa27e735c66ce9ffb95ee2ea5647fbb99f9263f3b4478ef4a5ea6
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
d5f1108015cfef56e45331bc8c836e8dcc276cb3e183720427492fddf5ac077f
d6fbac2c8cd5ba363a94aacfdd1615e0d181a0aa1d467735b31c8a8314344a77
d806be0c03764db24bcadb2e75b54c0f9a6d1e9a538dc565a8f43238285e0227
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da1c65a093e5be4486d3a035871360ee1588a718ccb27a14474c2e7f177c0dde
dd6213140cd6be0c13799ac8cc7ef5890af37d6a45fd916aae2afd7153530b81
ddea6ff6fe66e1ca2a1d8a571f6e16a4ddcc10aca0b86c46fe2e8d3f3c4a22e1
e05d2e8c38107089cbc9274fc8244e445a4cd0a34458bbc98e40c014ad3c59fe
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e528658e82dbfc21dbac2c95c526f35f7e621c390a052b5199a47496b631c716
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98
e9a65a38b646b728a34c43efdf8b4868a833e5febd8b526146ef5875bd2f6a1d
eb4dc0413df98bef4b3e1fea3299d0a51da021ac510959e9f23997415cf6b79b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d2cebdd298aa6991b91a2c1727605a0ea2afcf0ca031c40af31107f31e213
f360f543af5222c7c65b85ab08510b91284f001bebab744c0be59830a709da42
f3ca2ef750c563aa0ab29a90e7a2af094b8ab134f9cefa627db851e526d3013a
f3ceb0bc59d43b00d53bede73c6fd1fa7bd79eb1804e913ba0ddcd2b2f442441
f3dbca33b9ef5b22e793076ae33895f771a06a98843a86c38d39b99179c2d9bb
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4e63d3c9c8b83cccd2372404e2be4702cfb0360fdf57670627999dda79324d6
f63927421eb35501398c7b54102ba398a39e96957a82613ca700caafd508bcf8