URL: https://sw30039.groupfun.com/
Submission: On June 10 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 36 HTTP transactions. The main IP is 2606:4700:4400::ac40:9b1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is sw30039.groupfun.com.
TLS certificate: Issued by E1 on May 27th 2024. Valid for: 3 months.
This is the only time sw30039.groupfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:440... 13335 (CLOUDFLAR...)
2 188.114.97.3 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
2 2620:1ec:bdf::43 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
2 20.231.53.73 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
36 13
Apex Domain
Subdomains
Transfer
15 groupfun.com
sw30039.groupfun.com
486 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 783
c.clarity.ms — Cisco Umbrella Rank: 1541
q.clarity.ms — Cisco Umbrella Rank: 7060
28 KB
6 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 387
236 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
c.bing.com — Cisco Umbrella Rank: 231
16 KB
2 gstatic.com
maps.gstatic.com
5 KB
2 ndcdn.com
s03.ndcdn.com
16 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8139
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
249 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3163
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
101 KB
36 10
Domain Requested by
15 sw30039.groupfun.com 1 redirects sw30039.groupfun.com
6 maps.googleapis.com sw30039.groupfun.com
maps.googleapis.com
3 bat.bing.com sw30039.groupfun.com
bat.bing.com
2 maps.gstatic.com
2 q.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 s03.ndcdn.com sw30039.groupfun.com
1 c.bing.com 1 redirects
1 www.google.de sw30039.groupfun.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com sw30039.groupfun.com
36 13

This site contains links to these domains.

Domain
groupfun.com
Subject                   Issuer                              Validity                  Valid
groupfun.com              E1                                  2024-05-27 - 2024-08-25   3 months
ndcdn.com                 GTS CA 1P5                          2024-04-26 - 2024-07-25   3 months
upload.video.google.com   WR2                                 2024-05-21 - 2024-08-13   3 months
*.google-analytics.com    WR2                                 2024-05-21 - 2024-08-13   3 months
www.bing.com              Microsoft Azure TLS Issuing CA 02   2024-05-01 - 2024-06-27   2 months
*.g.doubleclick.net       GTS CA 1C3                          2024-05-21 - 2024-08-13   3 months
*.google.de               WR2                                 2024-05-21 - 2024-08-13   3 months
www.clarity.ms            DigiCert TLS RSA SHA256 2020 CA1    2023-12-07 - 2024-12-07   a year
a.clarity.ms              Microsoft Azure TLS Issuing CA 01   2024-01-14 - 2024-06-27   5 months
*.gstatic.com             WR2                                 2024-05-21 - 2024-08-13   3 months

This page contains 2 frames:

Primary Page: https://sw30039.groupfun.com/
Frame ID: 3B3D958A4F5337AA2489EED7186D756E
Requests: 34 HTTP requests in this frame

Frame: https://sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 72C494CE724E6DBF7F1079C9D27A3780
Requests: 2 HTTP requests in this frame

Page Title

Group Fun: Meet Local Swingers on Our Swingers Lifestyle Site

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

94 %
HTTPS

62 %
IPv6

10
Domains

13
Subdomains

13
IPs

5
Countries

888 kB
Transfer

2844 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://sw30039.groupfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Request Chain 29
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2C63971EA552479ABF262B4261509436&RedC=c.clarity.ms&MXFR=343D727BFE1462441FBB66E1FA146CC3 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2C63971EA552479ABF262B4261509436&MUID=2FA0F8E5A6E96EB93B73EC7FA7626F3D

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sw30039.groupfun.com/
49 KB
10 KB
Document
General
Full URL
https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f75a605c10fa82752ed74d10632b2bb210ad092760359521f585178817b66be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89152de3b83937cb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 00:17:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
landing0081.css
sw30039.groupfun.com/css/sites/groupfun.com/
31 KB
6 KB
Stylesheet
General
Full URL
https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0d68cb4f942f190c13a2dc65bd067b757be792528d6d210a03e94e1883fea9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 10:29:21 GMT
server
cloudflare
age
207721
etag
W/"6662e101-7ddb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
89152de4a8d537cb-FRA
expires
Sun, 07 Jul 2024 14:35:34 GMT
landing.js
sw30039.groupfun.com/js/dist/
1 MB
227 KB
Script
General
Full URL
https://sw30039.groupfun.com/js/dist/landing.js?v=2.210.1.master.20240607122807
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f11cedd4dded967fe298cace1567a4a8f4a4aead4dc808f827e539503e38983

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 10:31:37 GMT
server
cloudflare
age
207721
etag
W/"6662e189-10b731"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
89152de4a8d737cb-FRA
expires
Sun, 07 Jul 2024 14:35:34 GMT
logo.svg
s03.ndcdn.com/sites/groupfun.com/
37 KB
12 KB
Image
General
Full URL
https://s03.ndcdn.com/sites/groupfun.com/logo.svg?v=2.210.1.master.20240607122807
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8108bb2e616432db292d6a5dd399a9a6feb0be3bc3f4e693473eced611ce3c4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 12:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
221565
etag
W/"660d4732-95bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuOWy1oIYD8GETL0nmSOLTNI6Dp8WtI2%2BmHl7Xq1fD%2Fi%2Fl7gZ9vzXAdbrJTVprLBm4LzP4Awg5W1QOMR5SJ3et307Ev4oXW8%2Bz1VPGkvqLqtYgrxQHbwv9KO2y5rJZWk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
89152de50ac33a72-FRA
alt-svc
h3=":443"; ma=86400
scroll-top.svg
sw30039.groupfun.com/img/
2 KB
936 B
Image
General
Full URL
https://sw30039.groupfun.com/img/scroll-top.svg
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9742611b8047997b2d47bc38aa756bb94c3fd1165db6c21be1e6de77ac8b07

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
age
207721
etag
W/"6662e014-8d8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
89152de4a8d937cb-FRA
expires
Sun, 07 Jul 2024 14:35:34 GMT
js
maps.googleapis.com/maps/api/
258 KB
85 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&loading=async&libraries=places&language=en&callback=Function.prototype
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
78a8ecff60a7ae7345101705ccf5d0ee547ab48735f30956e31f7264cb1a6291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86751
x-xss-protection
0
js
www.googletagmanager.com/gtag/
300 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJVJCZREFQ
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73a3b4e5164fc6933a940caf02e8e593bb1fc81dd4be2f090239816f76e76b30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jun 2024 00:17:35 GMT
config.js
sw30039.groupfun.com/js/dist/
3 KB
835 B
Script
General
Full URL
https://sw30039.groupfun.com/js/dist/config.js
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699ef34a55a18e454a65dd2e7e9fa36fa8bb72742890f28205e7f3c5740a558a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
age
207721
etag
W/"6662e014-aff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
89152de4f91d37cb-FRA
expires
Sun, 07 Jul 2024 14:35:34 GMT
require.js
sw30039.groupfun.com/node_modules/requirejs/
84 KB
21 KB
Script
General
Full URL
https://sw30039.groupfun.com/node_modules/requirejs/require.js
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485f0917f97fcf4f63a5ea365200ffd57f123f451382a2f9a1ad2e2fd51ac9b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Aug 2018 06:00:39 GMT
server
cloudflare
age
207721
etag
W/"5b839387-151d3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
89152de5092537cb-FRA
expires
Sun, 07 Jul 2024 14:35:34 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 10 Jun 2024 00:17:35 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 01388B112815465987D127C520F3B2F6 Ref B: FRA31EDGE0512 Ref C: 2024-06-10T00:17:35Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
svg-icons.svg
sw30039.groupfun.com/img/svg-icons/
120 KB
34 KB
Other
General
Full URL
https://sw30039.groupfun.com/img/svg-icons/svg-icons.svg
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4ef71e58a468b57073e720e1d56c94279f0b94f06c4e6b6793d134affb9146

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
etag
W/"6662e014-1df91"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
89152de5092637cb-FRA
expires
Wed, 10 Jul 2024 00:17:35 GMT
dropdown-arrow-black.svg
sw30039.groupfun.com/img/
283 B
298 B
Image
General
Full URL
https://sw30039.groupfun.com/img/dropdown-arrow-black.svg
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8abf2461ad95181e9f608ad005000ed305e40aecd437b122cd654473ca07c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
age
207721
etag
W/"6662e014-11b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
89152de5092837cb-FRA
expires
Sun, 07 Jul 2024 14:35:34 GMT
Roboto-Bold.woff2
sw30039.groupfun.com/fonts/Roboto/
62 KB
62 KB
Font
General
Full URL
https://sw30039.groupfun.com/fonts/Roboto/Roboto-Bold.woff2
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ed8b1167ec0b84e9724010180a1c4e7568b442538cf330c0a23f308c120afd5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Origin
https://sw30039.groupfun.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
etag
"6662e014-f894"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
89152de5293437cb-FRA
content-length
63636
Saira-Black.woff2
sw30039.groupfun.com/fonts/Saira/
28 KB
28 KB
Font
General
Full URL
https://sw30039.groupfun.com/fonts/Saira/Saira-Black.woff2
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e0d528d71ad23fd19fc3ff354641c95d9a028e0df8e88012c176ede42f4b5d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Origin
https://sw30039.groupfun.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
etag
"6662e014-7184"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
89152de5293537cb-FRA
content-length
29060
Saira-Bold.woff2
sw30039.groupfun.com/fonts/Saira/
29 KB
29 KB
Font
General
Full URL
https://sw30039.groupfun.com/fonts/Saira/Saira-Bold.woff2
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce37b9a90c9d4f5bb9f3b2284925401bf49cb9a73fae76d8286f2fb9ae49db8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Origin
https://sw30039.groupfun.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
etag
"6662e014-741c"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
89152de5293a37cb-FRA
content-length
29724
Roboto-Regular.woff2
sw30039.groupfun.com/fonts/Roboto/
62 KB
62 KB
Font
General
Full URL
https://sw30039.groupfun.com/fonts/Roboto/Roboto-Regular.woff2
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fbb89399a794fabe5aa2d19a6ef8ec6f7c9b2bb1c5e36db55504f728b5248f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/css/sites/groupfun.com/landing0081.css?v=2.210.1.master.20240607122807
Origin
https://sw30039.groupfun.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 07 Jun 2024 10:25:24 GMT
server
cloudflare
etag
"6662e014-f808"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
89152de5293e37cb-FRA
content-length
63496
main.js
sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 72C4
Redirect Chain
  • https://sw30039.groupfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB
Script
General
Full URL
https://sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2711a991b3848033f94abd1613ad43eaa96d751b166e757b5e6e829988c4907
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89152de63aa037cb-FRA

Redirect headers

date
Mon, 10 Jun 2024 00:17:35 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control
max-age=300, public
cf-ray
89152de5ea1037cb-FRA
content-length
0
223000350.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/223000350.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
af3b94124eb8b07b4307c7434786d0e9f41997f3f14800918708df0e10b309f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 10 Jun 2024 00:17:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FEF593818EF046BFAFCC4FA68669C864 Ref B: FRA31EDGE0512 Ref C: 2024-06-10T00:17:35Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/
0
288 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=223000350&Ver=2&mid=26b71769-9b4f-4282-af76-995173a1082d&sid=d6916d4026be11ef9240152a5e6680fc&vid=d6916a4026be11efa4c9112028719307&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Group%20Fun%3A%20Meet%20Local%20Swingers%20on%20Our%20Swingers%20Lifestyle%20Site&p=https%3A%2F%2Fsw30039.groupfun.com%2F&r=&lt=444&evt=pageLoad&sv=1&rn=559425
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Jun 2024 00:17:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B7134C6CB7B4488CAAC6833CBFD1BD14 Ref B: FRA31EDGE0512 Ref C: 2024-06-10T00:17:35Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
89152de3b83937cb
sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 72C4
0
354 B
XHR
General
Full URL
https://sw30039.groupfun.com/cdn-cgi/challenge-platform/h/g/jsd/r/89152de3b83937cb
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jun 2024 00:17:35 GMT
server
cloudflare
cf-ray
89152de71c1337cb-FRA
content-length
0
content-type
text/plain; charset=UTF-8
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VJVJCZREFQ&gtm=45je4650v885023736za200&_p=1717978655505&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=238238440.1717978656&ecid=589656621&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1717978655&sct=1&seg=0&dl=https%3A%2F%2Fsw30039.groupfun.com%2F&dt=Group%20Fun%3A%20Meet%20Local%20Swingers%20on%20Our%20Swingers%20Lifestyle%20Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=704&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJVJCZREFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 00:17:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sw30039.groupfun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
249 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VJVJCZREFQ&cid=238238440.1717978656&gtm=45je4650v885023736za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJVJCZREFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 00:17:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sw30039.groupfun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VJVJCZREFQ&cid=238238440.1717978656&gtm=45je4650v885023736za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=202936642
Requested by
Host: sw30039.groupfun.com
URL: https://sw30039.groupfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 00:17:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&loading=async&libraries=places&language=en&callback=Function.prototype
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sw30039.groupfun.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
223000350
www.clarity.ms/tag/uet/
828 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/223000350?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/223000350.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f6cc7ba6002d730c6053608a1c8af444ff1688efd546ed85268732d229db90c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Mon, 10 Jun 2024 00:17:36 GMT
x-azure-ref
20240610T001736Z-16577d9575djs4f803z3v1nks00000000180000000008f1r
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
828
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/223000350?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:36 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240610T001736Z-16577d9575djs4f803z3v1nks00000000180000000008f1v
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
common.js
maps.googleapis.com/maps-api-v3/api/js/57/3a/
257 KB
57 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/3a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&loading=async&libraries=places&language=en&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ef5e252a6d3d794396d90eb9cdef64fa0525ed0dc399b83f0f859036dad45ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 22:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57591
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 22:23:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Jun 2025 22:52:09 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/57/3a/
182 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/3a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&loading=async&libraries=places&language=en&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62a3ccfe225de33b4b05801dde6daf3e0d00bcff461fc951e12d985ffb820b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 22:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
6554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57002
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 22:23:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Jun 2025 22:28:22 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/57/3a/
94 KB
25 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/3a/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&loading=async&libraries=places&language=en&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
897244c78f9dd2a84e741c362aaaf1ebb89bded3e7df8fd4cc88deb02a2d81f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 20:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
13921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25224
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 22:23:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Jun 2025 20:25:35 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/57/3a/
46 KB
14 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/3a/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCjYIb7jx0EvOECrXa8dq4Q5TAhDUj5LAc&loading=async&libraries=places&language=en&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c5f7f60c314d95a5c963c4a8ea6a40015dbf2502fe2dd020a11538e736e9bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 22:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
178724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13847
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 22:23:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 22:38:52 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2C63971EA552479ABF262B4261509436&RedC=c.clarity.ms&MXFR=343D727BFE1462441FBB66E1FA146CC3
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2C63971EA552479ABF262B4261509436&MUID=2FA0F8E5A6E96EB93B73EC7FA7626F3D
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2C63971EA552479ABF262B4261509436&MUID=2FA0F8E5A6E96EB93B73EC7FA7626F3D
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sw30039.groupfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 00:17:36 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 10 Jun 2024 00:17:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C9571CEE3C14F0FA8B9600415FDE7F2 Ref B: FRA31EDGE0512 Ref C: 2024-06-10T00:17:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2C63971EA552479ABF262B4261509436&MUID=2FA0F8E5A6E96EB93B73EC7FA7626F3D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.png
s03.ndcdn.com/sites/groupfun.com/
4 KB
4 KB
Other
General
Full URL
https://s03.ndcdn.com/sites/groupfun.com/favicon.png?v=2.210.1.master.20240607122807
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff5c6d3d12878a123cfe05aa841a5c578c59a6ab25d0faa5ffffa066e15bc32

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:36 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 12:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
205757
etag
"660d4732-fab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQcYzutVlwWHlTWz758C%2BlPuvywN7htdxog4PMVHmDwudEioJPN9vr15jwR%2F3VFzgGdUfP4eD3vc6pfe5P4Kosn2hfdHEckbFOTkWbqbVCJ2iKPj6dhSbZmhp3zyVIBF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
89152dea7f3d3a72-FRA
alt-svc
h3=":443"; ma=86400
content-length
4011
collect
q.clarity.ms/
0
300 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://sw30039.groupfun.com
Date
Mon, 10 Jun 2024 00:17:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:36 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 10 Jun 2024 00:17:36 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
4 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 00:17:36 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 10 Jun 2024 00:17:36 GMT
collect
q.clarity.ms/
0
300 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://sw30039.groupfun.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://sw30039.groupfun.com
Date
Mon, 10 Jun 2024 00:17:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| uetq object| global object| URL_PARAMS object| sessionUser object| SITE_VARIABLES object| ERROR_MESSAGES object| SUCCESS_MESSAGES string| AUTO_POST_VALIDATION_ERROR_MESSAGE object| JS_STRINGS function| gtag object| dataLayer object| config function| requirejs function| require function| define object| Twig function| $ function| jQuery function| Hammer function| Swiper function| UET function| UET_init function| UET_push object| ueto_f01867e96f object| google_tag_manager object| google_tag_data object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| onYouTubeIframeAPIReady object| gaGlobal function| clarity object| clarityuetq object| __e3_

19 Cookies

Domain/Path Name / Value
.groupfun.com/ Name: PHPSESSID
Value: efbfc71gh3np2ctci10be58nb0
.groupfun.com/ Name: pc_aff
Value: zCUV456Pj2N2xhHVxjNh3P6h_oK7RvR9hS6jmyWQ2jzg_m6501d1rdj2obxO6MRoT8rVX_iOBJ-HIY0o6LryjjISdn5ev61zwIDyXYXV6rR7o3wkUZQmHb1bwNW1h1TGlMc3oshbPZ6_7YG51V63VnTOp1nzDMK6Z0KzY6bU8tA7qBOWz-TIOFLbmm4cO47Ey483bU5fRZDRYnehCr_3EA
sw30039.groupfun.com/ Name: SERVERID
Value: wbs10
.groupfun.com/ Name: __cf_bm
Value: 2eqYeY_aekVi_1AeM2S4yErzguGNraJ9bFbCWHhMir4-1717978655-1.0.1.1-wUfCUDuehFxORATLQFDuTkLjsr4S_C3TQBbsN1ias5FmlrbF2odmx1.8KP1KRHEIhRGqFiKqd.OjAgWF2QvZkg
.groupfun.com/ Name: _uetsid
Value: d6916d4026be11ef9240152a5e6680fc
.groupfun.com/ Name: _uetvid
Value: d6916a4026be11efa4c9112028719307
.bing.com/ Name: MUID
Value: 2FA0F8E5A6E96EB93B73EC7FA7626F3D
.groupfun.com/ Name: cf_clearance
Value: CD8EWIf13wN3zT5Ek8qXcBk00T8SIn1ajqCFgdCAq0E-1717978655-1.0.1.1-U3SU4QSKGIXaDucBQl56dWYnXKaQK9daIwz28bVcuLSTQQClGABrnCX5PBYCTMpS3nhalBCr7wYcBdYNLUxx2A
.groupfun.com/ Name: _ga
Value: GA1.1.238238440.1717978656
.groupfun.com/ Name: _ga_VJVJCZREFQ
Value: GS1.1.1717978655.1.0.1717978655.60.0.589656621
www.clarity.ms/ Name: CLID
Value: b4e36a87f60a4a29ba49081bfcb34638.20240610.20250610
.groupfun.com/ Name: _clck
Value: a7lg8p%7C2%7Cfmi%7C0%7C1622
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2FA0F8E5A6E96EB93B73EC7FA7626F3D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2FA0F8E5A6E96EB93B73EC7FA7626F3D
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.groupfun.com/ Name: _clsk
Value: 1safymp%7C1717978656923%7C1%7C1%7Cq.clarity.ms%2Fcollect

18 Console Messages

Source Level URL
Text
recommendation verbose URL: https://sw30039.groupfun.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://sw30039.groupfun.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
