urlscan.io logo urlscan.io
SecurityTrails logo

user.gurumaps.app Open in urlscan Pro
2a01:4f8:231:3520::2  Public Scan

Go To Rescan Add Verdict Report
URL: https://user.gurumaps.app/
Submission: On September 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 2a01:4f8:231:3520::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is user.gurumaps.app.
TLS certificate: Issued by R3 on September 14th 2021. Valid for: 3 months.
This is the only time user.gurumaps.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2a01:4f8:231:3520::2 (Germany)

ASN24940 (HETZNER-AS, DE)
user.gurumaps.app
1    2a00:1450:4007:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f027:18:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4007:80b::200e (Ireland)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4007:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
7 user.gurumaps.app user.gurumaps.app
3 fonts.gstatic.com fonts.googleapis.com
2 apis.google.com user.gurumaps.app
apis.google.com
2 connect.facebook.net user.gurumaps.app
connect.facebook.net
1 fonts.googleapis.com user.gurumaps.app
0 accounts.google.com Failed apis.google.com
16 6

This site contains no links.

Subject Issuer Validity Valid
user.gurumaps.app
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://user.gurumaps.app/
Frame ID: 006B79201EA7B7798A1F2E2304E927FF
Requests: 15 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 70AC76A21F3690A9BC3859868015CEC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

16
Requests

94 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

1298 kB
Transfer

1530 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
user.gurumaps.app/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
45aaea8055aa2d8c8d7e5255bedaa26dbafe3685436b1b4e0f81a4c8af336b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:method
GET
:authority
user.gurumaps.app
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 14 Sep 2021 22:47:38 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 24 May 2021 19:56:26 GMT
etag
W/"60ac04ea-a20"
strict-transport-security
max-age=31536000;
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-encoding
gzip
css2
fonts.googleapis.com/ 		4 KB
1014 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Be+Vietnam:wght@400;500;600;700&display=swap
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89671ea6642ff3f89deefdce44964794d73f63ef60d959b2efe4c17975386b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 22:47:43 GMT
server
ESF
date
Tue, 14 Sep 2021 22:47:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 22:47:43 GMT
index.css
user.gurumaps.app/fonts/ 		494 B
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.gurumaps.app/fonts/index.css
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d53edfdffc17c6a894fb75ca02a17e7fd00e62290de25fd3306c41679c16bd8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/fonts/index.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.gurumaps.app
referer
https://user.gurumaps.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:38 GMT
last-modified
Mon, 24 May 2021 19:55:48 GMT
server
nginx
etag
"60ac04c4-1ee"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
text/css
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
494
2.d05b89a1.chunk.css
user.gurumaps.app/static/css/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user.gurumaps.app/static/css/2.d05b89a1.chunk.css
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e0ac5580f0a8f613605c540a31f12e32d2022c6f54d3f957c48f4359905837d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/css/2.d05b89a1.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
user.gurumaps.app
referer
https://user.gurumaps.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:38 GMT
last-modified
Mon, 24 May 2021 19:56:26 GMT
server
nginx
etag
"60ac04ea-5382"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
text/css
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
21378
2.dfa42400.chunk.js
user.gurumaps.app/static/js/ 		999 KB
1000 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user.gurumaps.app/static/js/2.dfa42400.chunk.js
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
6720cb671c20960da80ddd0d85e07c04d0e8ec040521065c14f2573a45d91f3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/js/2.dfa42400.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
user.gurumaps.app
referer
https://user.gurumaps.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:38 GMT
last-modified
Mon, 24 May 2021 19:56:26 GMT
server
nginx
etag
"60ac04ea-f9a73"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
1022579
main.6501f040.chunk.js
user.gurumaps.app/static/js/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user.gurumaps.app/static/js/main.6501f040.chunk.js
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
216c14006ba94963c7447e316510399208a84a697cbc6dfcd27242a7fcc0db97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/js/main.6501f040.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
user.gurumaps.app
referer
https://user.gurumaps.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:38 GMT
last-modified
Mon, 24 May 2021 19:56:26 GMT
server
nginx
etag
"60ac04ea-179e8"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
96744
logo_single.svg
user.gurumaps.app/static/brand/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user.gurumaps.app/static/brand/logo_single.svg
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
7ccd10144c6386b5068079aea33d220fd0281e96a6662fb5f620d85ff1f9c500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/brand/logo_single.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
user.gurumaps.app
referer
https://user.gurumaps.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:44 GMT
last-modified
Mon, 24 May 2021 19:55:48 GMT
server
nginx
etag
"60ac04c4-786"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/svg+xml
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
1926
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/static/js/2.dfa42400.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f027:18:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d0899a3a630a0b795c2d1f6ea4de8611dae83b03becbda6a1d36d1c8ac5d2a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1x3wZn4oqZIG2JRtQ08y8Q==
cross-origin-resource-policy
cross-origin
expires
Tue, 14 Sep 2021 23:06:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
goPKLujMoAkfNSQzG3NcdKYyfdomIzbxobGS6oakXBUzeVDF7UwcfeQiJTAX0N1INoZ/Z0dEK6y6xpP38v0OsQ==
x-fb-trip-id
1781455057
x-fb-content-md5
b0d5d5a8e93dddf99902e793cfe4384e
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 14 Sep 2021 22:47:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"64b0f7725164e482f56eaba249993722"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
api.js
apis.google.com/js/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/static/js/2.dfa42400.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MlNIZVz+1dDKd/UMD9HFtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6cf1a8085d365822968a50501ed9fdee"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-MlNIZVz+1dDKd/UMD9HFtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 14 Sep 2021 22:47:49 GMT
illustration_login.svg
user.gurumaps.app/static/illustrations/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user.gurumaps.app/static/illustrations/illustration_login.svg
Requested by
Host: user.gurumaps.app
URL: https://user.gurumaps.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:231:3520::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8cad28f4dd9f9eec5ba21b93e015679ca1165e384ff25244df5c2bb29f1b84ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/illustrations/illustration_login.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
user.gurumaps.app
referer
https://user.gurumaps.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 22:47:44 GMT
last-modified
Mon, 24 May 2021 19:55:48 GMT
server
nginx
etag
"60ac04c4-3603"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/svg+xml
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
13827
FBVwdDflz-iPfoPuIC2iKlUE_UBFJg.woff2
fonts.gstatic.com/s/bevietnam/v2/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bevietnam/v2/FBVwdDflz-iPfoPuIC2iKlUE_UBFJg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Be+Vietnam:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ef88e9a90bff0373122ef0356027b2686ed46f6677cde5fb05f1f77850af293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.gurumaps.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 10:58:44 GMT
x-content-type-options
nosniff
age
42545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17964
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:41:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 10:58:44 GMT
FBVwdDflz-iPfoPuIC2iKnkD_UBFJg.woff2
fonts.gstatic.com/s/bevietnam/v2/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bevietnam/v2/FBVwdDflz-iPfoPuIC2iKnkD_UBFJg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Be+Vietnam:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aff8f7c899206dab89dabc90ab271da5f8b58d249a43e53c0f83ae0922c6b60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.gurumaps.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 04:30:10 GMT
x-content-type-options
nosniff
age
584259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17984
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:40:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 04:30:10 GMT
FBVwdDflz-iPfoPuIC2iKh0C_UBFJg.woff2
fonts.gstatic.com/s/bevietnam/v2/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bevietnam/v2/FBVwdDflz-iPfoPuIC2iKh0C_UBFJg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Be+Vietnam:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bba25f89504698be227d0d44550384df97f1448dc1337753fb719d3a770e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.gurumaps.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:46:35 GMT
x-content-type-options
nosniff
age
97274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17988
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:41:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 19:46:35 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.gurumaps.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35070
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:43:18 GMT
iframe
accounts.google.com/o/oauth2/ Frame 70AC 		0
0
sdk.js
connect.facebook.net/en_US/ 		222 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=6336a9f883c901c56c99e51686c3d44b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f027:18:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29db2d3dcc3f5e302b07f0c4495b5ceed99a41d7adcfa9ff16fd16e581ea6430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://user.gurumaps.app/
Origin
https://user.gurumaps.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6NJyXJTTKhJ4MwS07gH8tQ==
cross-origin-resource-policy
cross-origin
expires
Wed, 14 Sep 2022 21:31:53 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66874
x-fb-rlafr
0
x-fb-debug
OAchTEklHLCrYA4OqX+G7mecd8caMfWxTV72K9DwivqfEq+rqkI5GBnBSRCDmTf4olE1zfO+KGMhx4KHevdx5g==
x-fb-trip-id
2050670934
x-fb-content-md5
0c20772aef3b6c5beab7a0e16325bb58
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 14 Sep 2021 22:47:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"646d5ee6032e52b99c14a9b65e9ffc26"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/o/oauth2/iframe

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| webpackJsonp@minimal/material-kit-react number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| regeneratorRuntime function| fbAsyncInit object| gapi object| ___jsl object| osapi object| FB

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 223=p7TyfOcbLM31GNIcPLsJKHXY_0ZkkHI4VhgPYkkj2T7Py_Qe3jxTRVI8cVsYjmrjC4-tyj7Y5SvuV5jSV5Y-9wkOD6kyKOt9j--b4EbodfOyHc4KzzQWfq-rMIvOTqECqDv-DZtkIhB8U6UuHuL_Mwaw-B9q0q-27qDLY3LX2Us
.user.gurumaps.app/ Name: G_ENABLED_IDPS
Value: google

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;