URL: https://dff69898rt.gurucan.com/app
Submission: On November 28 via manual from PL — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 3.222.146.93, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is dff69898rt.gurucan.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 16th 2022. Valid for: a year.
This is the only time dff69898rt.gurucan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
5 | 3.222.146.93 | 14618 (AMAZON-AES)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
5 | 151.101.0.176 | 54113 (FASTLY)
2 (1 redirect) | 178.248.237.144 | 197068 (QRATOR)
4 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 34.111.151.68 | 396982 (GOOGLE-CL...)
7 | 2a03:90c0:41:... | 199524 (GCORE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 54.187.119.242 | 16509 (AMAZON-02)
2 | 35.164.115.206 | 16509 (AMAZON-02)
Total: 32 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | gurucan.com | dff69898rt.gurucan.com; assets.gurucan.com | 2 MB
8 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 2411); q.stripe.com (Cisco Umbrella Rank: 20778); m.stripe.com (Cisco Umbrella Rank: 2225) | 100 KB
4 | unpkg.com | unpkg.com (Cisco Umbrella Rank: 1017) | 6 KB
2 | stripe.network | m.stripe.network (Cisco Umbrella Rank: 2659) | 17 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 106) | 45 KB
2 | cloudpayments.ru | widget.cloudpayments.ru (Cisco Umbrella Rank: 213046) | 41 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 300) | 2 KB
1 | open.money | payments.open.money | 8 KB
Total: 32 requests, 8 apex domains

Requests | Domain | Requested by
7 | assets.gurucan.com | dff69898rt.gurucan.com; assets.gurucan.com
5 | dff69898rt.gurucan.com | assets.gurucan.com
4 | unpkg.com | dff69898rt.gurucan.com; unpkg.com
3 | q.stripe.com | dff69898rt.gurucan.com
3 | js.stripe.com | dff69898rt.gurucan.com; js.stripe.com
2 | m.stripe.com | m.stripe.network
2 | m.stripe.network | js.stripe.com; m.stripe.network
2 | www.googletagmanager.com | dff69898rt.gurucan.com
2 (1 redirect) | widget.cloudpayments.ru | dff69898rt.gurucan.com
2 | cdnjs.cloudflare.com | dff69898rt.gurucan.com
1 | payments.open.money | dff69898rt.gurucan.com
Total: 32 requests, 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.gurucan.com | AlphaSSL CA - SHA256 - G2 | 2022-08-16 - 2023-09-17 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-10-19 - 2023-01-11 | 3 months
*.open.money | Starfield Secure Certificate Authority - G2 | 2021-11-10 - 2022-12-12 | a year
assets.gurucan.com | R3 | 2022-11-02 - 2023-01-31 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-11-12 - 2023-03-09 | 4 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-15 - 2023-01-26 | 4 months

This page contains 3 frames:

Primary Page: https://dff69898rt.gurucan.com/app
Frame ID: D54763A3966354C4CA10BB66B0EF43A3
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: E0A28DBFF2D057F273BDB20A7DDCE706
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 400B8B91107CCA8EAF5B0CB93F221F99
Requests: 5 HTTP requests in this frame

Page Title

Login page — dff69898rt

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 40 %
Domains: 8
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 2324 kB
Size: 6599 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://widget.cloudpayments.ru/bundles/cloudpayments HTTP 301
  • https://widget.cloudpayments.ru/bundles/cloudpayments/

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request app
dff69898rt.gurucan.com/
2 KB
3 KB
Document
General
Full URL
https://dff69898rt.gurucan.com/app
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 / Express
Resource Hash
4db12bcd4e5c3eb2723e7c52a97a5055eea94c4c6ed6359de6339af57fa0497a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Origin
undefined *
Connection
keep-alive
Content-Language
de-DE
Content-Length
2440
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 11:56:28 GMT
ETag
W/"988-1jctslUE4wfyFUPyMC5oZnOz/vA"
Server
nginx/1.21.6
X-Powered-By
Express
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
1 KB
700 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5748362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
382
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-50a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laqmnNioOK51gUm9Dn03FEe%2BMgXrArsJAjP0ojyM5ok65mIo8UesL%2BBg7YwsXiv1z0hXgTl8wPvkv0KU%2BUJHxhoXPpN4QM%2Fq%2BW6ZEyMBlEMGcV2TiepmXD9rql0UZD0DZEtgqDLaOHbCiI3woEuia9dV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7712eba7de699019-FRA
expires
Sat, 18 Nov 2023 11:56:28 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
480243
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
637
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-92d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZAJYcO5KAIBe18wcmInTsZloa7y%2BGgdfg1WlsrAEsECJmtZK72kQAEb2jyB8J0mcA80uPgQNZQUvMa2CufMex5qyakQuovRtLMCnFPL4Un4idEKY0e4BCx6%2BobGZoBGYtevTOCIuzkqDu%2BMLSkyJMsY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7712eba7de6a9019-FRA
expires
Sat, 18 Nov 2023 11:56:28 GMT
/
js.stripe.com/v3/
398 KB
96 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 11:56:28 GMT
via
1.1 varnish
age
8
x-cache
HIT
content-length
97906
x-request-id
d7e358c6-3ced-44d5-9a07-6563aad6e3d8
x-served-by
cache-hhn4021-HHN
last-modified
Tue, 22 Nov 2022 04:35:54 GMT
server
Fastly
etag
"0811280c436e51c657484d591864732e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11
/
widget.cloudpayments.ru/bundles/cloudpayments/
Redirect Chain
  • https://widget.cloudpayments.ru/bundles/cloudpayments
  • https://widget.cloudpayments.ru/bundles/cloudpayments/
122 KB
41 KB
Script
General
Full URL
https://widget.cloudpayments.ru/bundles/cloudpayments/
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
HTTP/1.1
Server
178.248.237.144 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
nginx /
Resource Hash
3dde90162970c9233774e85c8205faffae38c259b3707ddea5f0bb8489a58fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 11:56:28 GMT
Content-Encoding
br
Last-Modified
Fri, 25 Nov 2022 07:49:23 GMT
Server
nginx
ETag
"63807383-9ee2"
Vary
Accept-Encoding
Content-Security-Policy-Report-Only
default-src https://widget.cloudpayments.ru; connect-src https://widget.cloudpayments.ru https://api.cloudpayments.ru https://static.cloudpayments.ru https://pay.google.com https://pay.yandex.ru; font-src https://widget.cloudpayments.ru data:; frame-src https://widget.cloudpayments.ru https://pay.google.com https://sandbox.pay.yandex.ru https://pay.yandex.ru; frame-ancestors https:; img-src https://widget.cloudpayments.ru https://pay.yandex.ru data:; media-src https://widget.cloudpayments.ru https://static.cloudpayments.ru; object-src https://widget.cloudpayments.ru; script-src https://widget.cloudpayments.ru https://forma.tinkoff.ru https://pay.google.com https://pay.yandex.ru 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline' https:; report-to csp-endpoint; report-uri https://widget.cloudpayments.ru/csp-collector
Content-Type
application/javascript
Report-To
{"group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://widget.cloudpayments.ru/csp-collector" }] }
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
40674

Redirect headers

Location
https://widget.cloudpayments.ru/bundles/cloudpayments/
Date
Mon, 28 Nov 2022 11:56:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
ionicons.js
unpkg.com/ionicons@5.2.3/dist/
962 B
710 B
Script
General
Full URL
https://unpkg.com/ionicons@5.2.3/dist/ionicons.js
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937e1da6a3f1f5f56d7c7f68d47217686d4d73881a6332607eb9769f9e50bc5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13667698
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G67PWGSY37TBDSVAE24XR890-fra
server
cloudflare
etag
W/"3c2-ekNqUptqD1AEc5D0dUT6kSacGE0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7712eba8086abb74-FRA
layer
payments.open.money/
8 KB
8 KB
Script
General
Full URL
https://payments.open.money/layer
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
a8b31265d6d8fba855d3a4887699470206912a3bfe08dcc01bee54058e2a3abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:29 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8126
last-modified
Wed, 16 Nov 2022 14:33:16 GMT
server
istio-envoy
etag
W/"1fbe-18480dbc197"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
64b3e814a66c2719b15abf8f7998bd73.woff2
assets.gurucan.com/school/
73 KB
73 KB
Font
General
Full URL
https://assets.gurucan.com/school/64b3e814a66c2719b15abf8f7998bd73.woff2
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer
https://dff69898rt.gurucan.com/
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:29 GMT
last-modified
Mon, 29 Aug 2022 08:42:26 GMT
server
nginx
x-powered-by
Express
etag
W/"12258-182e8c42950"
x-cached-since
2022-11-03T12:19:15+00:00
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
74328
7980a6361c25b4665dbbe92d4488783c.woff2
assets.gurucan.com/school/
13 KB
13 KB
Font
General
Full URL
https://assets.gurucan.com/school/7980a6361c25b4665dbbe92d4488783c.woff2
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af

Request headers

Referer
https://dff69898rt.gurucan.com/
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:29 GMT
last-modified
Mon, 29 Aug 2022 08:42:26 GMT
server
nginx
x-powered-by
Express
etag
W/"3510-182e8c42950"
x-cached-since
2022-11-03T12:19:15+00:00
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
13584
main.fa6eb2ba3a3f3e993b18.js
assets.gurucan.com/school/
6 MB
2 MB
Script
General
Full URL
https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
946e98f8d56b3611c716c4cfb1b4c400a5587341a30cdeffd8cc9f3d8eb07500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 08:42:26 GMT
server
nginx
x-powered-by
Express
etag
W/"585fe7-182e8c42950"
x-cached-since
2022-11-27T12:32:13+00:00
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache
HIT
sourcemap
https://source.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js.map
gtm.js
www.googletagmanager.com/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KWP3X7V
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2374988ee580499bd71b9e9e9918e3b65bb33a37a0c21e902155592f273dec19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45518
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 11:56:29 GMT
ionicons.esm.js
unpkg.com/ionicons@5.2.3/dist/ionicons/
335 B
575 B
Script
General
Full URL
https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
Requested by
Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9164e9e61772747c5cb442694612e0059544001673b79fb88d326b6fc0c008ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dff69898rt.gurucan.com/
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
26539295
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT83NZJRM1X7Q64325S1T3D4
server
cloudflare
etag
W/"14f-6q7cP/2WOxXfiij0/H6SoJ2icJE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7712eba9cd9c9a2a-FRA
p-6f4eae92.js
unpkg.com/ionicons@5.2.3/dist/ionicons/
8 KB
4 KB
Script
General
Full URL
https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-6f4eae92.js
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2857224
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FJY1JFEFFTDBW2MQ22SH6R3X
server
cloudflare
etag
W/"1f7c-gfDDha4bujGL8M3AApXNE3RBbwQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7712eba9ede59a2a-FRA
p-4372c4bc.js
unpkg.com/ionicons@5.2.3/dist/ionicons/
1 KB
809 B
Script
General
Full URL
https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:56:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
26631302
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT5BY5808C45Q91XA7BSE0BV
server
cloudflare
etag
W/"4a1-eLv8UEu9cOFw7ZcY76wJ+IRRvYI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7712eba9ede69a2a-FRA
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=undefined&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

/
dff69898rt.gurucan.com/api/
2 KB
2 KB
XHR
General
Full URL
https://dff69898rt.gurucan.com/api/
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
44207cf9cbacf055d02d85422d8b9c3a2ca98888807f741e3fa48315143ae652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dff69898rt.gurucan.com/app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 11:56:29 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
1648
X-XSS-Protection
1; mode=block
Server
nginx/1.21.6
ETag
W/"670-38uFlt3bevQHa35c7KUWKDNcA6U"
X-Download-Options
noopen
X-RateLimit-Remaining
1799
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
undefined
Content-Language
de-DE
X-RateLimit-Reset
1669637001
X-RateLimit-Limit
1800
Access-Control-Allow-Headers
X-Requested-With, Content-Type
checkonline
dff69898rt.gurucan.com/api/
78 B
624 B
XHR
General
Full URL
https://dff69898rt.gurucan.com/api/checkonline
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
d05e10c02dd0f3320d4d35be9ec993121dbfa7636c5366c50383f2855e158a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dff69898rt.gurucan.com/app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 11:56:29 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
78
X-XSS-Protection
1; mode=block
Server
nginx/1.21.6
ETag
W/"4e-PwW4AraVcjS6SHGnWbdKJk9OhOA"
X-Download-Options
noopen
X-RateLimit-Remaining
1799
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
undefined
Content-Language
de-DE
X-RateLimit-Reset
1669637470
X-RateLimit-Limit
1800
Access-Control-Allow-Headers
X-Requested-With, Content-Type
me
dff69898rt.gurucan.com/api/users/
2 KB
3 KB
XHR
General
Full URL
https://dff69898rt.gurucan.com/api/users/me
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
1f7995d8708b9e48565539b27c74e3b2edcf5b6688dbb1dfc49a577afafe0ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dff69898rt.gurucan.com/app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 11:56:30 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
2193
X-XSS-Protection
1; mode=block
Server
nginx/1.21.6
ETag
W/"891-1HopjCp3hC9Lm9b3SVCsPPlL4dc"
X-Download-Options
noopen
X-RateLimit-Remaining
1799
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
undefined
Content-Language
de-DE
X-RateLimit-Reset
1669637011
X-RateLimit-Limit
1800
Access-Control-Allow-Headers
X-Requested-With, Content-Type
notifications
dff69898rt.gurucan.com/api/
2 KB
3 KB
XHR
General
Full URL
https://dff69898rt.gurucan.com/api/notifications
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
1f7995d8708b9e48565539b27c74e3b2edcf5b6688dbb1dfc49a577afafe0ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://dff69898rt.gurucan.com/app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 11:56:29 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
2193
X-XSS-Protection
1; mode=block
Server
nginx/1.21.6
ETag
W/"891-1HopjCp3hC9Lm9b3SVCsPPlL4dc"
X-Download-Options
noopen
X-RateLimit-Remaining
1799
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
undefined
Content-Language
de-DE
X-RateLimit-Reset
1669637113
X-RateLimit-Limit
1800
Access-Control-Allow-Headers
X-Requested-With, Content-Type
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame E0A2
200 B
809 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dff69898rt.gurucan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1266689
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 11:56:29 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
847353
x-content-type-options
nosniff
x-request-id
8860a8fb-5059-4962-910e-ed545e343eb3
x-served-by
cache-hhn4021-HHN
csp-report
q.stripe.com/ Frame E0A2
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 11:56:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E0A2
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 11:56:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame E0A2
631 B
444 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 11:56:29 GMT
via
1.1 varnish
age
1266688
x-cache
HIT
content-length
332
x-request-id
9f03800a-e6d2-47e1-b5a3-ffce22c95926
x-served-by
cache-hhn4021-HHN
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
746383
inner.html
m.stripe.network/ Frame 400B
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
227
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 11:56:29 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
392
x-content-type-options
nosniff
x-request-id
581f82e9-81a6-443d-b820-57b161122d74
x-served-by
cache-hhn4021-HHN
x-timer
S1669636590.772101,VS0,VE0
resources.json
assets.gurucan.com/translations/
18 KB
7 KB
Fetch
General
Full URL
https://assets.gurucan.com/translations/resources.json?lng=en-US+en&ns=app_basic+web_quiz+app_quiz+web_exercises+web_trainings+web_chats+web_layout+chats+basic+web_courses+web_basic+web_articles+web_settings+web_nutrition+web_welcome+web+web_sign+dashboard+alerts+errors&v=140
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
d1ac09016665d39720f0843d539944bee4d59bc68c5dba2591a0767400810f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:29 GMT
content-encoding
gzip
server
nginx
x-powered-by
Express
etag
W/"4832-BH7dm/eiWghCE5kWzG/mn2IlePA"
x-cached-since
2022-11-28T05:07:12+00:00
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cache
HIT
csp-report
q.stripe.com/ Frame 400B
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dff69898rt.gurucan.com
URL: https://dff69898rt.gurucan.com/app
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 11:56:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 400B
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 28 Nov 2022 11:56:29 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
212
x-cache
HIT
content-length
16031
x-request-id
94ac6e7c-c463-44a9-8d38-87d4ec984d63
x-served-by
cache-hhn4021-HHN
server
Fastly
x-timer
S1669636590.785015,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
360
6
m.stripe.com/ Frame 400B
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.115.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-115-206.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
515c1fa3cbba6dad4f8e714d8fa2e2f63bb918cc83172fd2e8967cca5f8b829b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 11:56:30 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
resources.json
assets.gurucan.com/translations/
483 B
375 B
Fetch
General
Full URL
https://assets.gurucan.com/translations/resources.json?lng=en&ns=web_course+web_plans&v=140
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/school/main.fa6eb2ba3a3f3e993b18.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
9fb4d8ede8a6043590a6dab609790eff73ed3b1f07af358dd850434025a58408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dff69898rt.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:30 GMT
content-encoding
gzip
server
nginx
x-powered-by
Express
etag
W/"1e3-KINejjwSALD4kIL0e7DlN7bC+6E"
x-cached-since
2022-11-28T11:24:49+00:00
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cache
HIT
7980a6361c25b4665dbbe92d4488783c.woff2
assets.gurucan.com/school/
13 KB
13 KB
Font
General
Full URL
https://assets.gurucan.com/school/7980a6361c25b4665dbbe92d4488783c.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af

Request headers

Referer
https://dff69898rt.gurucan.com/
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:30 GMT
last-modified
Mon, 29 Aug 2022 08:42:26 GMT
server
nginx
x-powered-by
Express
etag
W/"3510-182e8c42950"
x-cached-since
2022-11-03T12:19:15+00:00
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
13584
64b3e814a66c2719b15abf8f7998bd73.woff2
assets.gurucan.com/school/
73 KB
73 KB
Font
General
Full URL
https://assets.gurucan.com/school/64b3e814a66c2719b15abf8f7998bd73.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer
https://dff69898rt.gurucan.com/
Origin
https://dff69898rt.gurucan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 28 Nov 2022 11:56:30 GMT
last-modified
Mon, 29 Aug 2022 08:42:26 GMT
server
nginx
x-powered-by
Express
etag
W/"12258-182e8c42950"
x-cached-since
2022-11-03T12:19:15+00:00
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
74328
6
m.stripe.com/ Frame 400B
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.115.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-115-206.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
515c1fa3cbba6dad4f8e714d8fa2e2f63bb918cc83172fd2e8967cca5f8b829b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 11:56:33 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| dataLayer
object| webpackChunkStripeJSouter
function| Stripe
object| cp
function| __sc_import_ionicons
object| Layer
object| CONFIG
object| webpackJsonp
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| FontAwesomeConfig
object| ___FONT_AWESOME___
object| core
object| callMachineToDailyJsEmitter
object| dailyJsToCallMachineEmitter
boolean| _pdfjsCompatibilityChecked
object| __SENTRY__
object| __APOLLO_CLIENT__
object| google_tag_manager

10 Cookies

Domain/Path Name / Value
.dff69898rt.gurucan.com/ Name: sbjs_migrations
Value: 1418474375998%3D1
.dff69898rt.gurucan.com/ Name: sbjs_current_add
Value: fd%3D2022-11-28%2011%3A56%3A29%7C%7C%7Cep%3Dhttps%3A%2F%2Fdff69898rt.gurucan.com%2Fapp%7C%7C%7Crf%3D%28none%29
.dff69898rt.gurucan.com/ Name: sbjs_first_add
Value: fd%3D2022-11-28%2011%3A56%3A29%7C%7C%7Cep%3Dhttps%3A%2F%2Fdff69898rt.gurucan.com%2Fapp%7C%7C%7Crf%3D%28none%29
.dff69898rt.gurucan.com/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.dff69898rt.gurucan.com/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.dff69898rt.gurucan.com/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F107.0.5304.121%20Safari%2F537.36
.dff69898rt.gurucan.com/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fdff69898rt.gurucan.com%2Fapp
m.stripe.com/ Name: m
Value: 21ce9807-7438-4ae0-8b8f-1a6b55d9bf9b76dcb5
.dff69898rt.gurucan.com/ Name: __stripe_mid
Value: 6405d06b-441b-4c1b-8946-93160199d8d08107d0
.dff69898rt.gurucan.com/ Name: __stripe_sid
Value: 1e88daec-7d2b-4f62-8001-e6abb2df0588ad5d64

2 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=undefined&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
