urlscan.io logo urlscan.io
SecurityTrails logo

check-gest.defstudio.dev Open in urlscan Pro
2606:4700:3034::ac43:c262  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://check-gest.defstudio.dev/
Effective URL: https://check-gest.defstudio.dev/login
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3034::ac43:c262, located in United States and belongs to CLOUDFLARENET, US. The main domain is check-gest.defstudio.dev.
TLS certificate: Issued by E1 on May 27th 2024. Valid for: 3 months.
This is the only time check-gest.defstudio.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 172.67.194.98 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 20.114.190.119 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
14 8
2    2606:4700:3034::ac43:c262 (United States)

ASN13335 (CLOUDFLARENET, US)
check-gest.defstudio.dev
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    172.67.194.98 (United States)

ASN13335 (CLOUDFLARENET, US)
check-gest.defstudio.dev
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
8 defstudio.dev
check-gest.defstudio.dev
557 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 776
x.clarity.ms — Cisco Umbrella Rank: 7537
c.clarity.ms — Cisco Umbrella Rank: 1472
28 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 226
767 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
959 B
14 5
Domain Requested by
8 check-gest.defstudio.dev 1 redirects check-gest.defstudio.dev
2 c.clarity.ms 1 redirects
2 www.clarity.ms check-gest.defstudio.dev
www.clarity.ms
1 c.bing.com 1 redirects
1 x.clarity.ms www.clarity.ms
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com check-gest.defstudio.dev
14 7

This site contains no links.

Subject Issuer Validity Valid
defstudio.dev
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://check-gest.defstudio.dev/login
Frame ID: 1618E315E399005FC97C779440A865BD
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Check Fruit

Page URL History Show full URLs

  1. https://check-gest.defstudio.dev/ HTTP 302
    https://check-gest.defstudio.dev/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • livewire(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

86 %
HTTPS

63 %
IPv6

5
Domains

7
Subdomains

8
IPs

3
Countries

600 kB
Transfer

2130 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://check-gest.defstudio.dev/ HTTP 302
    https://check-gest.defstudio.dev/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9113DDCE0D244F48B1F14B87AD2A6E25&RedC=c.clarity.ms&MXFR=2544D71325E66DBC3C17C38821E66308 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9113DDCE0D244F48B1F14B87AD2A6E25&MUID=347EC596AA5D680C25C5D10DABF169BD

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
check-gest.defstudio.dev/
Redirect Chain
  • https://check-gest.defstudio.dev/
  • https://check-gest.defstudio.dev/login
121 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://check-gest.defstudio.dev/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e536aeffb8bf4356924c58f236cd5c29c855d3755ac4d229dbfe548721f7c68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
89238c0e9ad43683-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Jun 2024 18:08:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCRVyV8EKL7eY4QHrnycqRjRFKMdBHEGQEOLY7JdK%2B0w2Nnvn89Nz%2B2HVQimtDyIAt6SOXzrq9iOcTzC2qRvBi1LK0Rm2IGCBdeOYbKSk9MjdvHIPWmT8sifIz9xrAeRpnrWx31%2BW8dZy%2BnmGk5w6BvDvmvH5o4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
89238c09ec423683-FRA
content-type
text/html; charset=UTF-8
date
Tue, 11 Jun 2024 18:08:33 GMT
location
https://check-gest.defstudio.dev/login
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAYEVYLcYFSZ5adkpBS5soWbUN4TUUUzMHq3pMLS%2FkdERRxOnGHmVEv8yt5OivpsFTbptKlIQKrcC6Vag%2B9HEp9oF0PyxD8MSeR99nOcfC%2BZ2C%2Fg6NsmfYtzOnX0eLfoqrhxJMYrwABChVTbTlKEeVRbsiN09zs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jun 2024 18:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 16:47:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 18:08:35 GMT
tailwind.css
check-gest.defstudio.dev/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://check-gest.defstudio.dev/css/tailwind.css?id=c13745d057d03510d3f9ac943d48f511
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24034f381597cc05b3e4f1d831a76a2e3406fd1dada942c44c877b9a1c769a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jun 2024 10:52:46 GMT
server
cloudflare
etag
W/"6666dafe-36f4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXAA%2FfhicyUET%2F045vFpAwUIyOYUL9CtCYtzUFUI5vMfgZE20I8gP7Jw9vmt28Yl0qhoMtejoF2jr%2BFw%2F6t1UL%2FEhgh%2B8j9doVdFLhQyg6nXz9R8BZvQqp4MoO2wp2RLM0ny6pKj1tfYFvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
89238c1b59ce4d28-FRA
app.css
check-gest.defstudio.dev/css/ 		296 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://check-gest.defstudio.dev/css/app.css?id=41461db828a1daf5da59318fb1753aa1
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b372830d96e3f23aa672789cc50e7355787220f003af31eb2687006935b1f58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 07:19:13 GMT
server
cloudflare
etag
W/"650010f1-4a0e9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRSCJs8%2B%2FozU8tl0a3lejX2pItrcDhwYufBh2Li5AdTxLxlmqh%2Fahl8NZBvdmhneq66gkQazKTaaWULcSG5pxfbiLp7O5nE%2B8G4UWw02gFVQgT%2Bd2hxX0eDin62rG4uelkPyk%2FInwvH0QBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
89238c1b59d24d28-FRA
logo.png
check-gest.defstudio.dev/images/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://check-gest.defstudio.dev/images/logo.png
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aca3812feaf77bf833204299130a175f0959a841c88297f4eade12e42c6605f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41086
x-xss-protection
1; mode=block
last-modified
Mon, 13 Feb 2023 17:11:55 GMT
server
cloudflare
etag
"63ea6f5b-a07e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMx7YKcdYBUVfOkx3gwfZnkWhr7A8YuG4BqRHx93sE6gG%2BmDlSXubxnlNfVtdW%2FhH3Qa2aU5RMkDXNJI9D%2F7rpXC%2F4PE1xWR71qNszNpZ%2FEWBtTHnkS7c5RWEL7YWbK5LJd1w84rVTFuWMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
89238c1b59d34d28-FRA
livewire.js
check-gest.defstudio.dev/livewire/ 		171 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://check-gest.defstudio.dev/livewire/livewire.js?id=90730a3b0e7144480175
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 11 Aug 2023 04:02:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3U1SwuONYZMw%2FA6n8dkL7jRWKaH6OhsJEWwIVAoFFqb%2FJdIeW9Vr2X%2FBjxrNOt4hqCt5B89n6NX9eaPFLVy6eFl2uYsxmPpRAWmLgatis%2FMWb2cWeIUpUPNI16ejTWqcLRRhOg5hfWsBmmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
89238c1b79fd4d28-FRA
expires
Wed, 11 Jun 2025 18:08:35 GMT
app.js
check-gest.defstudio.dev/js/ 		1 MB
394 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://check-gest.defstudio.dev/js/app.js?id=4c598511b4a83560cacc88a8740a2e9d
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb546e879c86fd2ecd179a5394a60a64d341119d31d1f7bda6ba55e38a21233d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 May 2024 12:41:21 GMT
server
cloudflare
etag
W/"663a2171-15fef8"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUFPCQQw7pEkba3KyXoU1KqbuEaz3ckr1rmABdQA4kQmLlhARoHjZSfs17AmSAN%2BFjxSo49RkFlFFFsCc2hAkxcL7mBDpv5ErzGzjBXNRxtmn5HloTmcya6TQWZxgiV0bqtC82J%2Fkoakueo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
89238c1cfc4f4d28-FRA
f9j7ywxcs1
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/f9j7ywxcs1
Requested by
Host: check-gest.defstudio.dev
URL: https://check-gest.defstudio.dev/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f40f5628bdd55851dec32e9e7903f86d8a7e3062db21738f6ea09888b5f9f3c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 11 Jun 2024 18:08:35 GMT
x-azure-ref
20240611T180835Z-16577d9575dlcsrkvce80er86w0000000czg000000010zv2
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://check-gest.defstudio.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:14:32 GMT
x-content-type-options
nosniff
age
24843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16292
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:41:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:14:32 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/f9j7ywxcs1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:35 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240611T180835Z-16577d9575dlcsrkvce80er86w0000000czg000000010zvb
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
x.clarity.ms/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://check-gest.defstudio.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://check-gest.defstudio.dev
Date
Tue, 11 Jun 2024 18:08:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9113DDCE0D244F48B1F14B87AD2A6E25&RedC=c.clarity.ms&MXFR=2544D71325E66DBC3C17C38821E66308
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9113DDCE0D244F48B1F14B87AD2A6E25&MUID=347EC596AA5D680C25C5D10DABF169BD
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9113DDCE0D244F48B1F14B87AD2A6E25&MUID=347EC596AA5D680C25C5D10DABF169BD
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://check-gest.defstudio.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 18:08:36 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 11 Jun 2024 18:08:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 04DD4D358A9A4B9CACFB2DA87F71842C Ref B: FRA31EDGE0805 Ref C: 2024-06-11T18:08:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9113DDCE0D244F48B1F14B87AD2A6E25&MUID=347EC596AA5D680C25C5D10DABF169BD
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
check-gest.defstudio.dev/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://check-gest.defstudio.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7b543947fa8d4486eb5777f1e1f1575aa6913941bbee18909ab104a9dd9ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check-gest.defstudio.dev/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 18:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 13 Feb 2023 17:11:55 GMT
server
cloudflare
etag
W/"63ea6f5b-47e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbed3kdTDcI97w9a%2F2eNw6D450HVBiSxuqhsQzTWbihDuNudufwZz%2Fv3SZKH24yATtKer3bSkUVztMHGRbcv6pB%2FVdOkqwtP0E8%2BZad523Erl34%2Fz987m5EFnZYgA6S4BErquBWby17nN1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
vary
Accept-Encoding
cache-control
max-age=14400
x-robots-tag
noindex, nofollow, nosnippet, noarchive
cf-ray
89238c226cf14d28-FRA
collect
x.clarity.ms/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.clarity.ms
URL
https://x.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity function| route object| user object| Livewire object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine object| webpackChunk function| _ function| Popper function| jQuery function| $ object| toastr function| axios object| deftools object| tools object| FullCalendarVDom object| input_table object| Alpine object| $template

12 Cookies

Domain/Path Name / Value
.check-gest.defstudio.dev/ Name: XSRF-TOKEN
Value: eyJpdiI6Im9ocm5xQ1BhUldmdktGV2thVzZ5VlE9PSIsInZhbHVlIjoiUnArLzltV25ZelFmVXRPNUV5N0ZTVkpweFU0dFpKTWp2Y0xCSDZhdjBpYkVMWUVpbjI4cHFYUjh2MVJQK2U2b1Awd2JEeEdkeGlKc2d3TjZLbk9RSFIxcG1UZzRmT0t4Z3kwTzlQNzN1N0Vsa3hDOE5keTViaHAwL01iZXVtV2giLCJtYWMiOiI1ZWQ2M2M5MTk5YTcyMjM0OGZlOGZhYTcxZjdkZjA4YWI1ZGMxMWIxNDNhMzRkYTJjOGFkYmNmYTQ2MDZkNDBiIiwidGFnIjoiIn0%3D
.check-gest.defstudio.dev/ Name: check_fruit_session
Value: eyJpdiI6ImhSbUowbDFHWEkwYzM5ME5rdjduOEE9PSIsInZhbHVlIjoiM1Y5TzBaK3VFS1J3R3daUkJ0OXlSSVZmMnVLbUQ5ZkY4YzkyUVR2NDBYK1NKeGJEd1lkdWRwOGs2ODYyemsrTHRIbktFTFgzVThWWDRYclphR1JZeDJpZnlCZDhFR0NTUE9GL0h5d1ZpSDJEUVR0bjErMU1sTEx3R1R3a2FmZU4iLCJtYWMiOiI3YjBmNjVmZmFkNmVhZjZhMTJiNGFhY2Y4NmViNDQxYjQwYjkzZmJmMWYwNzJmYTkwOGNmNGNmZjUxZDRjN2U2IiwidGFnIjoiIn0%3D
www.clarity.ms/ Name: CLID
Value: 10216ac047c64483bb2591c6d251239b.20240611.20250611
.defstudio.dev/ Name: _clck
Value: iclhgt%7C2%7Cfmj%7C0%7C1623
.defstudio.dev/ Name: _clsk
Value: ntbfpt%7C1718129316124%7C1%7C1%7Cx.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 347EC596AA5D680C25C5D10DABF169BD
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 347EC596AA5D680C25C5D10DABF169BD
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 347EC596AA5D680C25C5D10DABF169BD
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

14 Console Messages

Source Level URL
Text
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://check-gest.defstudio.dev/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block