guroleads.com Open in urlscan Pro
108.167.140.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://guroleads.com/link/4/8
Submission: On March 19 via manual (March 19th 2022, 8:03:21 pm UTC) from CA — Scanned from CA

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 5 domains to perform 13 HTTP transactions. The main IP is 108.167.140.199, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is guroleads.com.
TLS certificate: Issued by R3 on March 6th 2022. Valid for: 3 months.

This is the only time guroleads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	108.167.140.199 108.167.140.199		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2606:4700::68... 2606:4700::6810:125e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16 17	34.117.157.161 34.117.157.161		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	3

10 108.167.140.199 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: gator4164.hostgator.com

guroleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eagleford.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.117.157.161 (Kansas City, United States) 16 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.157.117.34.bc.googleusercontent.com

www.vnxhw1h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.psoen2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	psoen2.com 15 redirects www.psoen2.com	3 KB
9	guroleads.com guroleads.com	115 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	18 KB
1	vnxhw1h.com 1 redirects www.vnxhw1h.com	370 B
1	eagleford.co eagleford.co	8 KB
13	5

	Domain	Requested by
16	www.psoen2.com	15 redirects guroleads.com
9	guroleads.com	guroleads.com
2	cdnjs.cloudflare.com	guroleads.com
1	www.vnxhw1h.com	1 redirects
1	eagleford.co	guroleads.com
13	5

This site contains links to these domains. Also see Links.

Domain
www.vnxhw1h.com

Subject Issuer	Validity	Valid
guroleads.com R3	`2022-03-06` - `2022-06-04`	3 months	crt.sh
*.singlesbird.com R3	`2022-03-18` - `2022-06-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
wb43trk.com Starfield Secure Certificate Authority - G2	`2021-12-03` - `2022-12-03`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=663cb83f6e2949ee823c66671f7e59dd&__rpa=1&__rc=16&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
Frame ID: D8794F8210C3CFFCF44F7A5845FE9F30
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Raphael (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

raphael(?:-([\d.]+))?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

3
IPs

1
Countries

141 kB
Transfer

350 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vnxhw1h.com/CP11R5/2W2W8GM/?sub1=377631
Title: Link

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.vnxhw1h.com/CP11R5/2W2W8GM/?sub1=377631 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1070&__ptid=5e8979b656854c43875f12faab472572&__rpa=1&__rc=1&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=8ecf28fb98074ac8b41bc11bf44a7b51&__rpa=1&__rc=2&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=8e536c1b1f0f47c58ed1b0c4f69c0920&__rpa=1&__rc=3&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=b009d5dc38814b97869de2b974a534b0&__rpa=1&__rc=4&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=0fa5709175c34388bdd5b7fd715ed879&__rpa=1&__rc=5&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=520cd0ee594e4c4bb7036d64d115c129&__rpa=1&__rc=6&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=0599d96a48e848f1a83395e702e2df84&__rpa=1&__rc=7&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=22eded6ce32243ee9ad9d86255d8b701&__rpa=1&__rc=8&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=8b9b10fed0fb44ddb013c3d4606df2e1&__rpa=1&__rc=9&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=4725c303a27c43b192cebefa6064d3c3&__rpa=1&__rc=10&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=8f6b6bb7794d4673a9672d2eff8a6fa2&__rpa=1&__rc=11&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=7f339a18142547a988ecb27017d08b15&__rpa=1&__rc=12&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=3b08b327dc884d659a08aed18fadd5a8&__rpa=1&__rc=13&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=25b20b6a90a74c59b667aa5e3cc97244&__rpa=1&__rc=14&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=bbb634628c9845f2a8a229e9f54ff54a&__rpa=1&__rc=15&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=663cb83f6e2949ee823c66671f7e59dd&__rpa=1&__rc=16&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 8 Show response
guroleads.com/link/4/ 3 KB
2 KB 957ms
689ms Document
text/html 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: fc65bf4454e96ee79fe2f33c1d0e6a207a1a00cebf9326e2e0f80c076d9eede2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, private
date: Sat, 19 Mar 2022 20:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 974
content-type: text/html; charset=UTF-8
server: Apache

GET
H2 200 giphy.webp
eagleford.co/public/ 8 KB
8 KB 324ms
115ms Image
image/webp 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eagleford.co/public/giphy.webp
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: 2057eda01ccdd147367d9ff98aab092de6bbe146c10db824359c372ec0b1cb4e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
last-modified: Sun, 22 Nov 2020 17:39:06 GMT
server: Apache
accept-ranges: bytes
content-length: 8378
content-type: image/webp

GET
H2 200 jquery.min.js Show response
guroleads.com/public/all/vendor/jquery/ 84 KB
37 KB 243ms
243ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/vendor/jquery/jquery.min.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.2/js/ 63 KB
16 KB 45ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.2/js/select2.min.js

Requested by

Host: guroleads.com
URL: https://guroleads.com/link/4/8

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d381b60e78fe6a92b01261400a97bedafcffca1e1833af850d0daa84bc905ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2657628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15307
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-fdd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81DG4pKjxNZ3GkqC5xYhkQ5iw5Oz8oH%2Fp7V1ofedFwVPsj7xYYtqu72A%2BLMUlLSHOdHq1zyZJGgPkxgo3dt5GrAaZGNIzAo3XmbhQeb9kCvkOlJSPRNM5%2BMpJh5KKI4qv76MrnJvC3LBzNwADBSztM43"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee8ced9ac7fecea-YUL
expires: Thu, 09 Mar 2023 20:02:50 GMT

GET
H2 200 bootstrap.min.js Show response
guroleads.com/public/all/vendor/bootstrap/js/ 36 KB
14 KB 184ms
182ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 14394

GET
H2 200 metisMenu.min.js Show response
guroleads.com/public/all/vendor/metisMenu/ 2 KB
924 B 125ms
123ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/vendor/metisMenu/metisMenu.min.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: 3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 824

GET
H2 200 raphael.min.js Show response
guroleads.com/public/all/vendor/raphael/ 90 KB
38 KB 239ms
237ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/vendor/raphael/raphael.min.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: 2e2f266d07572b616d89422efd244d7df28cc13e647b8ee0472f8a6ff52f5299

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 morris.min.js Show response
guroleads.com/public/all/vendor/morrisjs/ 35 KB
13 KB 182ms
180ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/vendor/morrisjs/morris.min.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: d2b83656d7c9a375548a3fd463d5f41c93fb3444fab60018f7c68c39fc0fd0ff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 13199

GET
H2 200 morris-data.js Show response
guroleads.com/public/all/data/ 2 KB
650 B 126ms
124ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/data/morris-data.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: e47cfc894e08fdd86d1f8e3c95f5da9286b1b66068cdb6bc1e73758ee6997114

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 618

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 5 KB
2 KB 45ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js

Requested by

Host: guroleads.com
URL: https://guroleads.com/link/4/8

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 940723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1885
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-15a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQV2bjlGYKe%2Bc1Z9%2Bno0aHjt%2F95VYGqOiY6Y7CdJBoLr1mTYGA4vqQQrqdnF0D%2BXVJNhLebqypLxy8OkT5yC8CfF0hq0fbQx2uTdk8ZYRJZSnkemJtCAXzhTLrHwz5B4dDvojWei6FMjycbVs3xzA7Vh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee8ced9ac81ecea-YUL
expires: Thu, 09 Mar 2023 20:02:50 GMT

GET
H2 200 sb-admin-2.js Show response
guroleads.com/public/all/dist/js/ 2 KB
699 B 126ms
125ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/dist/js/sb-admin-2.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: bd119e1f2efd5138f30d0bfb4f6bab9a2b306b027a883dc9cfa55851e164a183

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 667

GET
H2 200 push.min.js Show response
guroleads.com/public/all/dist/js/ 19 KB
8 KB 184ms
183ms Script
application/javascript 108.167.140.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://guroleads.com/public/all/dist/js/push.min.js
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.140.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator4164.hostgator.com
Software: Apache /
Resource Hash: 3c517e508d03443e807fbfe18fbdca73f345126beb97f4d22758c4be0cdcbca3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://guroleads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 20:02:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 19:34:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7879

GET
H2

204

/
www.psoen2.com/CP11R5/2T4HGH4/
Redirect Chain

https://www.vnxhw1h.com/CP11R5/2W2W8GM/?sub1=377631
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1070&__ptid=5e8979b656854c43875f12faab472572&__rpa=1&__rc=1&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=8ecf28fb98074ac8b41bc11bf44a7b51&__rpa=1&__rc=2&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=8e536c1b1f0f47c58ed1b0c4f69c0920&__rpa=1&__rc=3&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=b009d5dc38814b97869de2b974a534b0&__rpa=1&__rc=4&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=0fa5709175c34388bdd5b7fd715ed879&__rpa=1&__rc=5&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=520cd0ee594e4c4bb7036d64d115c129&__rpa=1&__rc=6&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=0599d96a48e848f1a83395e702e2df84&__rpa=1&__rc=7&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=22eded6ce32243ee9ad9d86255d8b701&__rpa=1&__rc=8&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=8b9b10fed0fb44ddb013c3d4606df2e1&__rpa=1&__rc=9&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=4725c303a27c43b192cebefa6064d3c3&__rpa=1&__rc=10&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=8f6b6bb7794d4673a9672d2eff8a6fa2&__rpa=1&__rc=11&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=7f339a18142547a988ecb27017d08b15&__rpa=1&__rc=12&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=3b08b327dc884d659a08aed18fadd5a8&__rpa=1&__rc=13&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=25b20b6a90a74c59b667aa5e3cc97244&__rpa=1&__rc=14&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/ZCJM85/?__rpt=0&__po=1051&__ptid=bbb634628c9845f2a8a229e9f54ff54a&__rpa=1&__rc=15&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=663cb83f6e2949ee823c66671f7e59dd&__rpa=1&__rc=16&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9

0
0

44ms
43ms

Document
text/plain

34.117.157.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=663cb83f6e2949ee823c66671f7e59dd&__rpa=1&__rc=16&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
Requested by: Host: guroleads.com
URL: https://guroleads.com/link/4/8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.161 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 161.157.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

server: nginx
date: Sat, 19 Mar 2022 20:02:51 GMT
vary: Origin
x-eflow-request-id: 290bbe85-007c-4e53-8545-88c4c78aa54f
via: 1.1 google
alt-svc: clear

Redirect headers

server: nginx
date: Sat, 19 Mar 2022 20:02:51 GMT
content-type: text/html; charset=utf-8
content-length: 233
location: https://www.psoen2.com/CP11R5/2T4HGH4/?__rpt=0&__po=552&__ptid=663cb83f6e2949ee823c66671f7e59dd&__rpa=1&__rc=16&sub1=377631&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
vary: Origin
x-eflow-request-id: 40c46955-b68f-433e-9520-3e9f3fa13e6f
via: 1.1 google
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			guroleads.com/	1970-01-20 01:42:07	Name: XSRF-TOKEN Value: eyJpdiI6Ilp5dU9UT2ZvV21aNlZ3VUxwRTdTXC9RPT0iLCJ2YWx1ZSI6ImxvVU1RYXJ3TnZ2WnkwOUtXRVQyS2x4NURadFArU0Vnd3A3R3dXUGZDdFwvTjA4emd4aGZJYXVPYW9mN0RpcDllSitTTnNiRWdXRkdJVVhoTE9mY0Zxdz09IiwibWFjIjoiMTNkNGFkMjc0OWVlZjkwYzViNTA3Yzc4MWYzMDczNTQ1NGRhMGFjOTc5ZWI4YzdmYTUyODM1M2JlZTU5YzQzMyJ9
			guroleads.com/	1970-01-20 01:42:07	Name: laravel_session Value: eyJpdiI6Imx4Y0orYzdaN2NSMUp0TzhzRzRlQ3c9PSIsInZhbHVlIjoiTjlBU21Gd3A5Y0wwSzlQYzNNalpPUWI0bmtoaXlTQ3VzbW1EWG1wa3FpTjA2OVRWZnRNMVRcL3dFUVQrUzd3TTBZTjllTFRtOWIwQjdDMEVIbVdWYUlBPT0iLCJtYWMiOiI1Yzk3NzU0N2JhYWY4MWYwMTliMDUyMWZiMDY4MmRlZDI4ZTI1OTI3OTI0ZDg1YjVhMzFkYTMyZjA3MzgxOTljIn0%3D
			www.vnxhw1h.com/	1970-01-20 01:43:26	Name: uniqueClick_2W2W8GM Value: 8c0a04b3-ba81-4b48-b868-1c3ab17056ba:1647720170
			www.psoen2.com/	1970-01-20 01:43:26	Name: uniqueClick_ZCJM85 Value: da901de6-d0a3-442c-951a-7f904e650518:1647720170
			www.psoen2.com/	1970-01-20 01:43:26	Name: uniqueClick_2T4HGH4 Value: a6e6a798-7b1d-4fef-85e8-2a9affe2af90:1647720170

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://guroleads.com/link/4/8 Message: Mixed Content: The page at 'https://guroleads.com/link/4/8' was loaded over HTTPS, but requested an insecure element 'http://eagleford.co/public/giphy.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://guroleads.com/link/4/8(Line 19) Message: Mixed Content: The page at 'https://guroleads.com/link/4/8' was loaded over HTTPS, but requested an insecure element 'http://eagleford.co/public/giphy.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
eagleford.co
guroleads.com
www.psoen2.com
www.vnxhw1h.com
108.167.140.199
2606:4700::6810:125e
34.117.157.161
2057eda01ccdd147367d9ff98aab092de6bbe146c10db824359c372ec0b1cb4e
2e2f266d07572b616d89422efd244d7df28cc13e647b8ee0472f8a6ff52f5299
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b
3c517e508d03443e807fbfe18fbdca73f345126beb97f4d22758c4be0cdcbca3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
bd119e1f2efd5138f30d0bfb4f6bab9a2b306b027a883dc9cfa55851e164a183
d2b83656d7c9a375548a3fd463d5f41c93fb3444fab60018f7c68c39fc0fd0ff
d381b60e78fe6a92b01261400a97bedafcffca1e1833af850d0daa84bc905ffb
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e47cfc894e08fdd86d1f8e3c95f5da9286b1b66068cdb6bc1e73758ee6997114
fc65bf4454e96ee79fe2f33c1d0e6a207a1a00cebf9326e2e0f80c076d9eede2