webapp.besecret.com
2600:9000:211e:2200:16:8397:e300:93a1  Public Scan

Submitted URL: http://bit.ly/3vuRaiO
Effective URL: https://webapp.besecret.com/auth/guest&step=2
Submission: On January 12 via manual from CH — Scanned from DE

Summary

This website contacted 24 IPs in 3 countries across 18 domains to perform 55 HTTP transactions. The main IP is 2600:9000:211e:2200:16:8397:e300:93a1, located in United States and belongs to AMAZON-02, US. The main domain is webapp.besecret.com.
TLS certificate: Issued by Amazon on June 4th 2022. Valid for: a year.
This is the only time webapp.besecret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
14 | besecret.com | www.besecret.com; webapp.besecret.com; prod-api.besecret.com | 2 MB
8 | heimlich.app | heimlich.app | 333 KB
6 | clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 1214); c.clarity.ms (Cisco Umbrella Rank: 1704); e.clarity.ms (Cisco Umbrella Rank: 9113) | 21 KB
5 | google.com | accounts.google.com (Cisco Umbrella Rank: 72); www.google.com (Cisco Umbrella Rank: 2) | 116 KB
4 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 150) | 224 KB
4 | bing.com | bat.bing.com (Cisco Umbrella Rank: 362); c.bing.com (Cisco Umbrella Rank: 253) | 14 KB
4 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 607); script.hotjar.com (Cisco Umbrella Rank: 719); vars.hotjar.com (Cisco Umbrella Rank: 877); in.hotjar.com (Cisco Umbrella Rank: 1631) | 74 KB
2 | google.de | www.google.de (Cisco Umbrella Rank: 5880) | 656 B
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 110) | 239 B
2 | ip-api.com | pro.ip-api.com (Cisco Umbrella Rank: 5549) | 860 B
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 703) | 72 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 34) | 2 KB
1 | gstatic.com | fonts.gstatic.com | 27 KB
1 | withgoogle.com | csp.withgoogle.com (Cisco Umbrella Rank: 492) | -
1 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2082) | 257 B
1 | googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 173) | 2 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 43) | 53 KB
1 | bit.ly | bit.ly (Cisco Umbrella Rank: 5162) | 364 B
Total: 55 requests, 18 domains

Requests | Domain | Requested by
11 | webapp.besecret.com | webapp.besecret.com
8 | heimlich.app | webapp.besecret.com
4 | connect.facebook.net | webapp.besecret.com; connect.facebook.net
3 | accounts.google.com | webapp.besecret.com; accounts.google.com
3 | bat.bing.com | webapp.besecret.com; bat.bing.com
2 | e.clarity.ms | www.clarity.ms
2 | c.clarity.ms (1 redirect) | -
2 | www.clarity.ms | bat.bing.com; www.clarity.ms
2 | www.google.de | webapp.besecret.com
2 | www.google.com (1 redirect) | webapp.besecret.com
2 | www.facebook.com | webapp.besecret.com
2 | prod-api.besecret.com | webapp.besecret.com
2 | pro.ip-api.com | webapp.besecret.com
2 | maxcdn.bootstrapcdn.com | webapp.besecret.com; maxcdn.bootstrapcdn.com
2 | googleads.g.doubleclick.net (1 redirect) | www.googletagmanager.com
1 | c.bing.com (1 redirect) | -
1 | fonts.gstatic.com | webapp.besecret.com
1 | csp.withgoogle.com | webapp.besecret.com
1 | vc.hotjar.io | script.hotjar.com
1 | in.hotjar.com | script.hotjar.com
1 | vars.hotjar.com | static.hotjar.com
1 | www.googleadservices.com | www.googletagmanager.com
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | webapp.besecret.com
1 | www.googletagmanager.com | webapp.besecret.com
1 | www.besecret.com (1 redirect) | -
1 | bit.ly (1 redirect) | -
Total: 55 requests, 27 subdomains

This site contains links to these domains.

Domain
www.besecret.com

Subject | Issuer | Validity | Valid
*.webapp.besecret.com | Amazon | 2022-06-04 - 2023-07-03 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2022-11-25 - 2023-05-25 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-10-22 - 2023-01-20 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-25 - 2023-12-26 | a year
accounts.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
heimlich.app | R3 | 2023-01-02 - 2023-04-02 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-01 - 2023-12-01 | a year
www.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
www.google.de | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
*.hotjar.io | Amazon | 2022-07-18 - 2023-08-16 | a year
*.appspot.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 02 | 2022-06-07 - 2023-06-02 | a year

This page contains 3 frames:

Primary Page: https://webapp.besecret.com/auth/guest&step=2
Frame ID: 18327B095DC449B83F4D659B7E898CC4
Requests: 50 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 23A1B0E9FAB094DB0A03E700A5CB102A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=undefined&shape=undefined&logo_alignment=undefined&width=145px&locale=undefined&client_id=254685056907-2ffrmaihncoblevb6rnp2tg8d5b0mh8j.apps.googleusercontent.com&iframe_id=gsi_971162_534150&as=XVjm9BJa5NjMpAgL%2FZCTcw
Frame ID: AA850EC432D9A8478D73A6B9FD7F7C4A
Requests: 3 HTTP requests in this frame

Page Title

Besecret

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 55
HTTPS: 96 %
IPv6: 56 %
Domains: 18
Subdomains: 27
IPs: 24
Countries: 3
Transfer: 3088 kB
Size: 6371 kB
Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/3vuRaiO HTTP 301
    https://www.besecret.com/app/Chriskr?subid=cartel2 HTTP 302
    https://webapp.besecret.com/auth/guest&step=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&gtm_ee=1&auid=50658969.1673550971&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=elzAY8eaL5fI1waVmb_wAg&sscte=1&crd=&pscrd=EktDaEFJZ1B6LW5RWVF2YlR6aWQ2WF81WUxFaVFBbW0xMlFFRDBzQ3J3aGx2bUJpX2hocjhPMG9BOUZSS0Q4V2wxdWtwMXlxcEhCTFkaV0NoRUlnUHotblFZUWpZN2h6X2lEdG9QaUFSSXNBRy1oZWlnMGNxeGhOSXlKOUdaa3Y4M2lfMXNVUTFCdExwRjZ2LWdnMVVMZ3JGcmFmYWdEaVBhQW1UTQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&gtm_ee=1&auid=50658969.1673550971&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ1B6LW5RWVF2YlR6aWQ2WF81WUxFaVFBbW0xMlFFRDBzQ3J3aGx2bUJpX2hocjhPMG9BOUZSS0Q4V2wxdWtwMXlxcEhCTFkaV0NoRUlnUHotblFZUWpZN2h6X2lEdG9QaUFSSXNBRy1oZWlnMGNxeGhOSXlKOUdaa3Y4M2lfMXNVUTFCdExwRjZ2LWdnMVVMZ3JGcmFmYWdEaVBhQW1UTQ&is_vtc=1&ocp_id=elzAY8eaL5fI1waVmb_wAg&cid=CAQSKQDq26N9WH5rvZUmpHYZ5osrNKQmNI3wX33-PxvR7zmJjvWBMB3A-6PlIBM&random=4290339300 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&gtm_ee=1&auid=50658969.1673550971&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ1B6LW5RWVF2YlR6aWQ2WF81WUxFaVFBbW0xMlFFRDBzQ3J3aGx2bUJpX2hocjhPMG9BOUZSS0Q4V2wxdWtwMXlxcEhCTFkaV0NoRUlnUHotblFZUWpZN2h6X2lEdG9QaUFSSXNBRy1oZWlnMGNxeGhOSXlKOUdaa3Y4M2lfMXNVUTFCdExwRjZ2LWdnMVVMZ3JGcmFmYWdEaVBhQW1UTQ&is_vtc=1&ocp_id=elzAY8eaL5fI1waVmb_wAg&cid=CAQSKQDq26N9WH5rvZUmpHYZ5osrNKQmNI3wX33-PxvR7zmJjvWBMB3A-6PlIBM&random=4290339300&ipr=y&prhg=0
Request Chain 50
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=30EF617E7CC24A94BD7967024D4027A5&RedC=c.clarity.ms&MXFR=31EFA9DBE52264BD0FCFBB4CE1226A58 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=30EF617E7CC24A94BD7967024D4027A5&MUID=0BBD50BA1EA666961C51422D1F0C677C

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request guest&step=2
webapp.besecret.com/auth/
Redirect Chain
  • http://bit.ly/3vuRaiO
  • https://www.besecret.com/app/Chriskr?subid=cartel2
  • https://webapp.besecret.com/auth/guest&step=2
4 KB
2 KB
Document
General
Full URL
https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc0a94ea4b4d9248ca521e2ba70f6db5990d1ff21e10832f97616780fbcb0e18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Thu, 12 Jan 2023 19:16:11 GMT
etag
W/"03211f74d25a6b2d6e8f5c4beb222b05"
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id
rLpKTK_zCeaKUY6h_KCAC3p8UAcs5P1QXLc7rWRGDE36g-QANCYYaQ==
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

access-control-allow-headers
Authorization, Accept, devicetoken, devicetype, HEIMLICHAPPVERSION, content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7888399b5bab5c80-FRA
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 19:16:10 GMT
location
https://webapp.besecret.com/auth/guest&step=2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVir%2BPvRMaozwWGK9fHazRXP1gejEHjWKRrxOUyp3ssdxf%2BoC0ZfmF0vBzR9mvSZfXRwg0KDPkfI%2FS%2F9QFxQFAVKL5BxsB6hcicXGMmLeSwwWziymJLAQvLhFeWMjmyhW%2F%2BSG33awndXdvbtoLel"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/
136 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10827858794
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a156f0be608dccd6dc07f39aa0aef475b3ef40105d2e3ed69f5d7983d7c4ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53740
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 18:56:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 19:16:10 GMT
2.799c978e.chunk.css
webapp.besecret.com/static/css/
2 KB
1005 B
Stylesheet
General
Full URL
https://webapp.besecret.com/static/css/2.799c978e.chunk.css
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f82f6754f6a3d8784ef0700e92c7c2b8acb842ce55b9713f21e11c83c144e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
gzip
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"c10a44b20c284540da4ac4636c7a433c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
toPLXwZUMooNjEh5_l8NO68litBsFQfbeUS86DV-q-H7eZnqoPYOPw==
main.4ababd05.chunk.css
webapp.besecret.com/static/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://webapp.besecret.com/static/css/main.4ababd05.chunk.css
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4469659f622e72b70d065573fbbb7ca8635c37dff6e003745ded22bc1b8865e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
gzip
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"4e562108cce150d4b05982514c87e9f8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
ZILzHOYzo7SxdIBfzXahEBXBkyhgvi-wzc-3day-uOaqmHShwt8QuA==
2.2c2bf4c9.chunk.js
webapp.besecret.com/static/js/
2 MB
421 KB
Script
General
Full URL
https://webapp.besecret.com/static/js/2.2c2bf4c9.chunk.js
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da0d86264c9586fc2d5ad0eb28ca4a41b3c8731115bd1d4b9d4215637b28f5bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
gzip
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"8136e78dd747f764723a5754061188ef"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
D-sr83_I66tBJM8MD71jaSgPn7MvF8kadhDTWiD-AYWT87jhNXEciQ==
main.f96737ea.chunk.js
webapp.besecret.com/static/js/
513 KB
146 KB
Script
General
Full URL
https://webapp.besecret.com/static/js/main.f96737ea.chunk.js
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87f379c70b93587826d8440327d1a6507bbefabed0a4d46f64029c264813bcd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
gzip
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"b1b86628b5dbc7072bbb9dc222c71321"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
sCvbLv4XJpga6KcL_mMcektdsNBkKvCbMyreCS0IIxU7zictP2o8eA==
hotjar-3304268.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3304268.js?sv=6
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-123.fra56.r.cloudfront.net
Software
/
Resource Hash
89eb782b401e04ebb0ccbeb6f565f7dc91054f65bb7bdccbd8d5242369b231a3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 19:15:24 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
46
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/679884dceedf3dc13397475c20054a70
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
TmTJbG8px06gfFt_45Gfwu7j92Qy534x3m9CPUY8683MkFjQ1TRABw==
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 12 Jan 2023 19:16:10 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F67F286BF116408F9F06CA0C0F1C63D1 Ref B: DUS30EDGE0911 Ref C: 2023-01-12T19:16:10Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 19:16:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27815
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zORtThRBYSUUEwynNpYw+kdRYRKWyyvrE404An0KmZz4aXxAfbur4owFo1qzht78pY0a235zlkw3Kq0XhcTGcA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1082173055776753
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1082173055776753?v=2.9.92&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e324dc291c95a214d0d044ebb5c32719a429aa3740d41b24ab182c617d3f6a3e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 12 Jan 2023 19:16:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110097
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
9crZWwhv4hj96ib9z2SBVEt1DfsMLy5bWkmLsrcUAsVZr8Wo+qsnRmFicDjh6/io8eBYUg4ZAubOib/uNhY/Sw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.0a5831f9446624640839.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.0a5831f9446624640839.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3304268.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-74.vie50.r.cloudfront.net
Software
/
Resource Hash
70713cff7a74460b7252af840d785a7d6cb0c63c2b1d44227ecda6601a2264ab
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 12:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
24364
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68992
last-modified
Thu, 12 Jan 2023 12:29:16 GMT
etag
"c190d47cd0259bc45c4cf36c6c1a261a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Hhdqx71xe9qL78rHKgh95YMnt1hyNhdz84TaglBY-ZrDFV4v6GH3aw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10827858794/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10827858794/?random=1673550970677&cv=11&fst=1673550970677&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&auid=50658969.1673550971&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10827858794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0c22ac1caa2d641c7cce52c16c6c82a3fc5efe870eadea73a5e05c2b7bdc4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10827858794/
2 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/10827858794/?random=1673550970689&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&gtm_ee=1&auid=50658969.1673550971&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10827858794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9d04424b7aaa3f9065ca79739b203692da8b5d929ba391f77938a4c75dcf3285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1184
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
148026383.js
bat.bing.com/p/action/
3 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/148026383.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
7106f3401b12c447495644d62cc6e21a3528bcd22588281a1ec642f2b9d1ba08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 12 Jan 2023 19:16:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 88F7B6ADF41242C0990A9F385E25F88B Ref B: DUS30EDGE0911 Ref C: 2023-01-12T19:16:10Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
1447
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/static/js/2.2c2bf4c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
940
age
753178
cdn-cachedat
07/06/2022 16:35:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c2ac29fefd200cd8a80bd09221b23858
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
788839a01dd22c45-FRA
cdn-requestpullsuccess
True
step-background.bf63d92a.png
webapp.besecret.com/static/media/
1 MB
1 MB
Image
General
Full URL
https://webapp.besecret.com/static/media/step-background.bf63d92a.png
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a2265ab5c0fd02638643e4a57d06b9e15036b0bbffa67b78d4a25e153213890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"bf63d92a5d68a2be9abf6484b7ce229d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
1390001
x-amz-cf-id
V9ENlfP8pKnSLmZDkkVTWWlWKFHwTQfV-uBRERjZDRTYcrWl6mGz8w==
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/static/js/2.2c2bf4c9.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f7077c7de8380e619a92564617943d39ddeb85f6e149a6d85e167c0d9875e68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 19:16:10 GMT
content-md5
vQS956YN3Mvjh7WKNxtfsQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
4bGOlTPS/knVFkq0gmdj8XjKxt5/s3CEokcWaa9vfDCfs+lcHrDcrAF/eYqW+kUU7bfcosCTNN+QaN88IbHnMw==
x-fb-content-md5
25b8a8ff751299f929afd846d8f632f1
cross-origin-opener-policy
same-origin-allow-popups
etag
"49919d2ea7c1bdb9d620dae9454a8774"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 12 Jan 2023 19:28:00 GMT
json
pro.ip-api.com/
274 B
430 B
Fetch
General
Full URL
https://pro.ip-api.com/json?key=dU5KpOF4ZiQeP8K
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/static/js/main.f96737ea.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
4df00c8a36ee2fd31f7bcd6767e5ec227c4489756f2e0bbbd50aebaaeae8d3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 12 Jan 2023 19:16:10 GMT
Content-Length
274
Content-Type
application/json; charset=utf-8
client
accounts.google.com/gsi/
192 KB
76 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/static/js/2.2c2bf4c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4da4b3d2eca72b5cf862bd9ceaf7d0418d916137479a2a857d131163ca84fae1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-oD-k5DTDUy68dp6GLx6VtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-oD-k5DTDUy68dp6GLx6VtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 12 Jan 2023 19:16:11 GMT
besecret_dark.47e989ee.png
webapp.besecret.com/static/media/
83 KB
84 KB
Image
General
Full URL
https://webapp.besecret.com/static/media/besecret_dark.47e989ee.png
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b0e4218683be8b12e7a717cbf9776ee5e23ba5df4acb4d8971559a10ef1b9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"47e989ee20ce9b3bae7efd684cea0b08"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
85291
x-amz-cf-id
Xj1FOmoM_ENfEpxAN81EEDka89wgL4Y5_qIzI4-Vu6zwC87coJPWCw==
phonesBesecret.77bde64c.png
webapp.besecret.com/static/media/
62 KB
62 KB
Image
General
Full URL
https://webapp.besecret.com/static/media/phonesBesecret.77bde64c.png
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d99917bb5152441e071e026804ed0cdd7d496de28e67348d15b1ffb32a2c2902

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"77bde64c1c7ce88103b22a76975c2910"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
63490
x-amz-cf-id
pOZZONhGn7rpI8I-hgSPuI_3glV82IzWMWIkfbpLjlkkimFk3R5OWQ==
heimlich1.jpg
heimlich.app/images/besecret.com/
39 KB
39 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich1.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
794e854417aa177a7f4d1787198afb032424291e28a6a462c5f53d3a8936ebc6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 10:21:48 GMT
Server
Apache/2.4.25 (Debian)
ETag
"9aa0-5e18e015c8700"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
39584
heimlich2.jpg
heimlich.app/images/besecret.com/
49 KB
49 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich2.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
66d47b4eee9566a00e3fd80950fe1f333e2e3521edeebdeaaee4b180e9db5788
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 11:47:26 GMT
Server
Apache/2.4.25 (Debian)
ETag
"c403-5e18f339c2f80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
50179
heimlich3.jpg
heimlich.app/images/besecret.com/
47 KB
48 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich3.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
ba13bf5d127ad7a3eb59e83d2f3be45791ceed1b00f0ea36b6f526282d043875
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 11:48:50 GMT
Server
Apache/2.4.25 (Debian)
ETag
"bdcb-5e18f389dec80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
48587
heimlich4.jpg
heimlich.app/images/besecret.com/
32 KB
33 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich4.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8856ace2460646e2be466be2b385bb6a1e1a60564e139a1b938599560a3ce97e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 10:36:28 GMT
Server
Apache/2.4.25 (Debian)
ETag
"80f1-5e18e35d04300"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
33009
heimlich5.jpg
heimlich.app/images/besecret.com/
36 KB
36 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich5.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
72df2b1e7d91ce922b6087641bdee1605218f9733607f0859c301a0c0846a732
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 10:41:56 GMT
Server
Apache/2.4.25 (Debian)
ETag
"9027-5e18e495d2500"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
36903
heimlich6.jpg
heimlich.app/images/besecret.com/
40 KB
40 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich6.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
b91d888114c97c74aa619ff874d046dc7288b091c1cb237c6b807db30c85bf5b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 08:22:42 GMT
Server
Apache/2.4.25 (Debian)
ETag
"a0bd-5e18c576d3880"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
41149
heimlich7.jpg
heimlich.app/images/besecret.com/
38 KB
39 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich7.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
46f50b144d59e2aac58f97ba4079dc1120a5c6ababcd70c122cea70f13eb6e4d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 10:14:38 GMT
Server
Apache/2.4.25 (Debian)
ETag
"9979-5e18de7bb3f80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
39289
heimlich8.jpg
heimlich.app/images/besecret.com/
48 KB
48 KB
Image
General
Full URL
https://heimlich.app/images/besecret.com/heimlich8.jpg
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
3biene.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e0b0fc423a25e1e1bccaed18ab157385ff9d4f5cbfcfeb3edc3d89f1d6c5ad8f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 19:16:11 GMT
Strict-Transport-Security
max-age=0
Last-Modified
Thu, 16 Jun 2022 10:53:02 GMT
Server
Apache/2.4.25 (Debian)
ETag
"c061-5e18e710f7f80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
49249
girl.8758be3b.png
webapp.besecret.com/static/media/
45 KB
46 KB
Image
General
Full URL
https://webapp.besecret.com/static/media/girl.8758be3b.png
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c030335f66066d65d442012c6015aedabc9c9279f8683b7988a19b9840650189

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"8758be3ba051a5590ae18f98fdf0cc1b"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
46573
x-amz-cf-id
XPJYc968pbLBanueBYS1PsObDJgHAk0XX90G3082LPB_c1xejQ5LIw==
man.51e41440.png
webapp.besecret.com/static/media/
11 KB
11 KB
Image
General
Full URL
https://webapp.besecret.com/static/media/man.51e41440.png
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ac3f00ba3bcbf945b8c9483ff263d4cd6ce780b20d5e48d6d5e5edf08bf3906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"51e414400576b51a07b82b1406a907b8"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
11233
x-amz-cf-id
SVApbBccHqC3lHZ9rkdbfgrdq3AFl3ummCuZF1_35v3W7Vyni3XavA==
women.8e414a08.png
webapp.besecret.com/static/media/
11 KB
12 KB
Image
General
Full URL
https://webapp.besecret.com/static/media/women.8e414a08.png
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:16:8397:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb32b1872b3fa7115e7758e1174f8b46352ebe995d02a96b4ef30b8e0bf0a033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/auth/guest&step=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 15:49:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"8e414a08df960de778358165c2549e54"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
11610
x-amz-cf-id
vHnzunOGkJdQRwL_73XEJ25GAm04gSGpdATmQvXPrtiEoHBbaX_bSg==
publicSettings
prod-api.besecret.com/api/
73 KB
5 KB
XHR
General
Full URL
https://prod-api.besecret.com/api/publicSettings
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/static/js/2.2c2bf4c9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ccbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe4621e6b9114bfa4d75681fba2901bad2b3bfd7db54ae9b74be269afc314be

Request headers

Accept
application/json, text/plain, */*
Referer
https://webapp.besecret.com/
accept-language
de-DE,de;q=0.9
HEIMLICHAPPVERSION
2.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
devicetype
web

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb1kvw721e22uuxxWf0ug5huUi%2Fgzjx%2Ba4jXZN1LfNv72v7mMEGv3pZWRt1SLmiDIGdYrS6baYtWIfZ4oInrgMbe8d0OX6DN%2F9tkxdQPs4knoIwYj8gzLRGF%2BNmD7OUFJQpgTOD7QTe%2FczgfqIEQpalh8xo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
no-cache, private
cf-ray
788839a0d9099226-FRA
access-control-allow-headers
Authorization, Accept, devicetoken, devicetype, HEIMLICHAPPVERSION, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
publicSettings
prod-api.besecret.com/api/ Frame
0
0
Preflight
General
Full URL
https://prod-api.besecret.com/api/publicSettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ccbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
devicetype,heimlichappversion
Access-Control-Request-Method
GET
Origin
https://webapp.besecret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Accept, devicetoken, devicetype, HEIMLICHAPPVERSION, content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
788839a058459226-FRA
content-encoding
br
content-type
application/json
date
Thu, 12 Jan 2023 19:16:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0TIFeyDsIufzPw43ADs5qFgX72F98VmFza8%2B%2BCWOTW%2FBqhhPqu33ZzQyuBmvJ4qupv08l28rL4uo15DjJCuzWPDbMni1ge8%2FSGNFEn74j%2B5v%2F08f%2BSNOrzNSlnyiFkjX3jShx71tZow57mBGpVlBKqIPEE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
0
bat.bing.com/action/
0
176 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=148026383&Ver=2&mid=ac5bebfb-5c3e-4760-816f-d031af8b8204&sid=92d5e43092ad11eda820737e7a91a613&vid=92d61d9092ad11ed9703b1db6479df8a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Besecret&p=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&r=&lt=1004&evt=pageLoad&sv=1&rn=186350
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 12 Jan 2023 19:16:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3230C7CA6F4744EDBE60D29A2ABB5C0F Ref B: DUS30EDGE0911 Ref C: 2023-01-12T19:16:10Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1082173055776753&ev=PageView&dl=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&rl=&if=false&ts=1673550970899&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673550970898.1540023946&it=1673550970654&coo=false&rqm=GET
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 12 Jan 2023 19:16:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.de/pagead/1p-conversion/10827858794/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGk...
  • https://www.google.com/pagead/1p-conversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadse...
  • https://www.google.de/pagead/1p-conversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadser...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&gtm_ee=1&auid=50658969.1673550971&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ1B6LW5RWVF2YlR6aWQ2WF81WUxFaVFBbW0xMlFFRDBzQ3J3aGx2bUJpX2hocjhPMG9BOUZSS0Q4V2wxdWtwMXlxcEhCTFkaV0NoRUlnUHotblFZUWpZN2h6X2lEdG9QaUFSSXNBRy1oZWlnMGNxeGhOSXlKOUdaa3Y4M2lfMXNVUTFCdExwRjZ2LWdnMVVMZ3JGcmFmYWdEaVBhQW1UTQ&is_vtc=1&ocp_id=elzAY8eaL5fI1waVmb_wAg&cid=CAQSKQDq26N9WH5rvZUmpHYZ5osrNKQmNI3wX33-PxvR7zmJjvWBMB3A-6PlIBM&random=4290339300&ipr=y&prhg=0
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10827858794/?random=414170438&cv=11&fst=1673550970689&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&gtm_ee=1&auid=50658969.1673550971&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ1B6LW5RWVF2YlR6aWQ2WF81WUxFaVFBbW0xMlFFRDBzQ3J3aGx2bUJpX2hocjhPMG9BOUZSS0Q4V2wxdWtwMXlxcEhCTFkaV0NoRUlnUHotblFZUWpZN2h6X2lEdG9QaUFSSXNBRy1oZWlnMGNxeGhOSXlKOUdaa3Y4M2lfMXNVUTFCdExwRjZ2LWdnMVVMZ3JGcmFmYWdEaVBhQW1UTQ&is_vtc=1&ocp_id=elzAY8eaL5fI1waVmb_wAg&cid=CAQSKQDq26N9WH5rvZUmpHYZ5osrNKQmNI3wX33-PxvR7zmJjvWBMB3A-6PlIBM&random=4290339300&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
148026383
www.clarity.ms/tag/uet/
900 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/148026383
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/148026383.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
422f835eb2e5e1467ee68d3925682bfcc48c31907fc7d4ec96d696df316baa10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 12 Jan 2023 19:16:11 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0e1zAYwAAAAAjd9SJ364DS6ZEhLTp3d3KRlJBMzFFREdFMDkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=61115bcaa927675461684515d1e38712
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42ad8a4f1a0c221b728bd6d3bc28fbea424a05076d5ed517a16fd8fe0985aeec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://webapp.besecret.com/
Origin
https://webapp.besecret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 19:16:10 GMT
content-md5
Z11ALVs0B8MqV1Bg6WOiMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88404
x-fb-rlafr
0
x-fb-debug
qRM6cPB+x9l6J6GF+nUC98GovnBIp746zTnAz653EZAt3IQVd/jxwVmYP2Ai+o5GGcSGF1YpGeY1SQNFfmkVlw==
x-fb-content-md5
7a882d66a09016984e60f613f01505da
cross-origin-opener-policy
same-origin-allow-popups
etag
"e33cbd080d6152ed6ec8f58c16b99e92"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Jan 2024 16:34:13 GMT
/
www.google.com/pagead/1p-user-list/10827858794/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10827858794/?random=1673550970677&cv=11&fst=1673550000000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2347259306&rmt_tld=0&ipr=y
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10827858794/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10827858794/?random=1673550970677&cv=11&fst=1673550000000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&tiba=Besecret&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2347259306&rmt_tld=1&ipr=y
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 23A1
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3304268.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://webapp.besecret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3508449
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 04:42:02 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-id
k2E06hcXaipUzU6Gpe3mmckRzD_2lzFTa5oELu3Kl-56tEfUqlOPgw==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://webapp.besecret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
864
age
8493823
cdn-cachedat
03/12/2022 09:03:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6f02e9304a5904bf88161db57846ca4d
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
788839a0a959bbf1-FRA
cdn-requestpullsuccess
True
json
pro.ip-api.com/
274 B
430 B
Fetch
General
Full URL
https://pro.ip-api.com/json?key=dU5KpOF4ZiQeP8K
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/static/js/main.f96737ea.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
4df00c8a36ee2fd31f7bcd6767e5ec227c4489756f2e0bbbd50aebaaeae8d3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 12 Jan 2023 19:16:11 GMT
Content-Length
274
Content-Type
application/json; charset=utf-8
visit-data
in.hotjar.com/api/v2/client/sites/3304268/
147 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/3304268/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0a5831f9446624640839.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.122.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-122-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d5c1ad551c121bee3ab5ec67df650f929a74368057152d6c09a12c6df0651dc6

Request headers

Referer
https://webapp.besecret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
3304268
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3304268?s=0.25&r=0.20608553250220019
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0a5831f9446624640839.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-83.vie50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:12 GMT
via
1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
VIE50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
zTPRvhuYT9uPcGPeCQxp-Fs-og125z4-6ASsII6_PCVH8bbRMDiXfg==
style
accounts.google.com/gsi/
533 B
585 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ygsxkHPCPF3PWQcehrD-vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-ygsxkHPCPF3PWQcehrD-vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 12 Jan 2023 19:16:11 GMT
button
accounts.google.com/gsi/ Frame AA85
105 KB
38 KB
Document
General
Full URL
https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=undefined&shape=undefined&logo_alignment=undefined&width=145px&locale=undefined&client_id=254685056907-2ffrmaihncoblevb6rnp2tg8d5b0mh8j.apps.googleusercontent.com&iframe_id=gsi_971162_534150&as=XVjm9BJa5NjMpAgL%2FZCTcw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c647816b63bdffbe5ee3e5d1e4972aa682516ccf523ddded8e8003bc796f085b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-juf3Fkhsg22BkkCauAepbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webapp.besecret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-juf3Fkhsg22BkkCauAepbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:16:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame AA85
0
0
Other
General
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://accounts.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/csp-report

Response headers

4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame AA85
51 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: webapp.besecret.com
URL: https://webapp.besecret.com/auth/guest&step=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 21:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 21:45:36 GMT
clarity.js
www.clarity.ms/eus2-b/s/0.7.1/
55 KB
19 KB
Script
General
Full URL
https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148026383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:16:11 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0cFO/YwAAAABBLYwfHHyjTbeapNffNOFiRlJBMjMxMDUwNDE4MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d9162aa06b059e"
x-azure-ref
0e1zAYwAAAAC2x9nQCabaRKX1EOWSlHyORlJBMzFFREdFMDkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=30EF617E7CC24A94BD7967024D4027A5&RedC=c.clarity.ms&MXFR=31EFA9DBE52264BD0FCFBB4CE1226A58
  • https://c.clarity.ms/c.gif?CtsSyncId=30EF617E7CC24A94BD7967024D4027A5&MUID=0BBD50BA1EA666961C51422D1F0C677C
42 B
368 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=30EF617E7CC24A94BD7967024D4027A5&MUID=0BBD50BA1EA666961C51422D1F0C677C
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:11 GMT
last-modified
Thu, 05 Jan 2023 17:40:42 GMT
server
Microsoft-IIS/10.0
etag
"d59a6ed52c21d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 19:16:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E611A216929A4A4CAEA16EBA13B9E9E5 Ref B: DUS30EDGE0911 Ref C: 2023-01-12T19:16:11Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=30EF617E7CC24A94BD7967024D4027A5&MUID=0BBD50BA1EA666961C51422D1F0C677C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
e.clarity.ms/
0
166 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://webapp.besecret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://webapp.besecret.com
date
Thu, 12 Jan 2023 19:16:11 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1082173055776753&ev=Microdata&dl=https%3A%2F%2Fwebapp.besecret.com%2Fauth%2Fguest%26step%3D2&rl=&if=false&ts=1673550972403&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Besecret%22%2C%22meta%3Adescription%22%3A%22beichten%2C%20chatten%2C%20punkten%2C%20daten%E2%80%A6%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1673550970898.1540023946&it=1673550970654&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webapp.besecret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 12 Jan 2023 19:16:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
e.clarity.ms/
0
48 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://webapp.besecret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://webapp.besecret.com
date
Thu, 12 Jan 2023 19:16:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608


42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange boolean| iOS object| OneSignal boolean| bootWithOneSignal function| hj object| _hjSettings function| gtag object| dataLayer object| uetq function| uet_report_conversion function| fbq function| _fbq object| webpackJsonpheimlich-react object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_67049c1c43 number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| fbAsyncInit object| FB object| __buffer object| default_gsi object| google object| closure_lm_910538 object| __G_ID_CLIENT__ function| clarity object| clarityuetq

22 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n0cjg9-430deed83daee9e401-00c
www.besecret.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ildab2F2dnFVRzVJWWFvTEJIa0dlS0E9PSIsInZhbHVlIjoicHpjbTlLMVNKUithZkdMMlpaWUpsMmp6UGhidGJLKzBJalZScXRJbEN6OHdUcW1maXRxS0FNdThyV1E5cVFTajIzcUF5TmR2dmk3UWx0WEdBa2R4RHFMR2ZubXpaU21mQzhaOVFUbEVqY0UyczR6b0dLYUVuUndwZDZkejUrMDUiLCJtYWMiOiJkZGRlMTE4MmJjMWMyNzZkYWM2NTQzODI1YjAwNTA3YzlkYTExNmE4NjRlNDM1OWFkMGNhOTI0YWM5NDhhMWZhIiwidGFnIjoiIn0%3D
www.besecret.com/ Name: besecret_session
Value: eyJpdiI6Ikx2cWdIaXVUZExOVjlsN21nazZtNGc9PSIsInZhbHVlIjoiV3dObmppWnlmQVh1MERibFhwUzg3cWo4NW1meHJ4akVDSHZDa0dwallObzN6Kyt0ZThMaXBEdkVpL0d3TXlPMUpGY2dZRXVPOXlpQm82RVlhclVuRG9QbE5YeFkxV1F4QkJ6TjlDQXZEdnUveXZxWHFCNkIyYUliRHRXelVwRlUiLCJtYWMiOiI2MDU4NDI5YmQ0NmM5NzYzYzU1NzY0ODMzYTM2NTRjYWExOGY1YzM5MTA3YmM5MDFkOGNmNjU4YzY4OTRhMDZjIiwidGFnIjoiIn0%3D
.bing.com/ Name: MUID
Value: 0BBD50BA1EA666961C51422D1F0C677C
.besecret.com/ Name: _gcl_au
Value: 1.1.50658969.1673550971
.besecret.com/ Name: _uetsid
Value: 92d5e43092ad11eda820737e7a91a613
.besecret.com/ Name: _uetvid
Value: 92d61d9092ad11ed9703b1db6479df8a
.besecret.com/ Name: _fbp
Value: fb.1.1673550970898.1540023946
.doubleclick.net/ Name: IDE
Value: AHWqTUmh0W8gvSvFwl3d873awqZxAVazMUfBPzrxoXXG-PMPWuupEKSYqYrS4lJd
.besecret.com/ Name: _hjSessionUser_3304268
Value: eyJpZCI6IjM3NWU2YTlmLWYwNWYtNWFjZC1iNTE1LTQwMGE0MjdkM2FmMyIsImNyZWF0ZWQiOjE2NzM1NTA5NzA5MzIsImV4aXN0aW5nIjpmYWxzZX0=
.besecret.com/ Name: _hjFirstSeen
Value: 1
webapp.besecret.com/ Name: _hjIncludedInSessionSample
Value: 0
.besecret.com/ Name: _hjSession_3304268
Value: eyJpZCI6IjRjNTYzMTM2LTMyODAtNDUzMC04NDQ3LWY2ZjMyZGU0OWZhMSIsImNyZWF0ZWQiOjE2NzM1NTA5NzExMjIsImluU2FtcGxlIjpmYWxzZX0=
webapp.besecret.com/ Name: _hjIncludedInPageviewSample
Value: 1
.besecret.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
www.clarity.ms/ Name: CLID
Value: 9b0419faadd64077969b90ff2febcc52.20230112.20240112
.besecret.com/ Name: _clck
Value: 91zzqs|1|f87|0
.c.bing.com/ Name: SRM_B
Value: 0BBD50BA1EA666961C51422D1F0C677C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0BBD50BA1EA666961C51422D1F0C677C
.c.clarity.ms/ Name: ANONCHK
Value: 0
.besecret.com/ Name: _clsk
Value: 1evtv9w|1673550971971|1|1|e.clarity.ms/collect

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
