webapp.heimlich.com Open in urlscan Pro
2600:9000:2670:5a00:c:c879:6e00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3X86dey
Effective URL:
https://webapp.heimlich.com/auth/guest&step=2
Submission: On March 10 via manual (March 10th 2024, 3:10:31 am UTC) from DE — Scanned from DE

Summary HTTP 44 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2600:9000:2670:5a00:c:c879:6e00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is webapp.heimlich.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 28th 2023. Valid for: a year.

This is the only time webapp.heimlich.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2606:4700:303... 2606:4700:3033::ac43:c6fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2600:9000:267... 2600:9000:2670:5a00:c:c879:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.33.187.92 13.33.187.92	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:303... 2606:4700:3032::6815:3478	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
8	167.235.181.248 167.235.181.248	24940 (HETZNER-AS) (HETZNER-AS)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
44	16

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:c6fb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

heimlich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2670:5a00:c:c879:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

webapp.heimlich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-92.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:3478 (United States)

ASN13335 (CLOUDFLARENET, US)

prod-api.heimlich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 167.235.181.248 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server2023.1treff.com

heimlich.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	heimlich.com 1 redirects heimlich.com webapp.heimlich.com prod-api.heimlich.com	2 MB
8	heimlich.app heimlich.app	256 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 f.clarity.ms — Cisco Umbrella Rank: 20115 c.clarity.ms — Cisco Umbrella Rank: 1360	28 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 244	16 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	61 KB
2	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 20 www.google.com — Cisco Umbrella Rank: 2	84 KB
2	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5774	922 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	70 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	273 B
1	google.de www.google.de — Cisco Umbrella Rank: 6744	455 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	75 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7189	300 B
44	14

	Domain	Requested by
13	webapp.heimlich.com	webapp.heimlich.com
8	heimlich.app	webapp.heimlich.com
3	f.clarity.ms	www.clarity.ms
3	bat.bing.com	webapp.heimlich.com bat.bing.com
2	c.clarity.ms	1 redirects
2	pro.ip-api.com	webapp.heimlich.com
2	prod-api.heimlich.com	webapp.heimlich.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	connect.facebook.net	webapp.heimlich.com connect.facebook.net
1	c.bing.com	1 redirects
1	www.facebook.com	webapp.heimlich.com
1	www.google.de	webapp.heimlich.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	accounts.google.com	webapp.heimlich.com
1	static.hotjar.com	webapp.heimlich.com
1	www.googletagmanager.com	webapp.heimlich.com
1	heimlich.com	1 redirects
1	bit.ly	1 redirects
44	21

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.heimlich.com

Subject Issuer	Validity	Valid
*.webapp.heimlich.com Amazon RSA 2048 M01	`2023-07-28` - `2024-08-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-18` - `2024-03-17`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
heimlich.com E1	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
heimlich.app R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://webapp.heimlich.com/auth/guest&step=2
Frame ID: 1CB453D887EA74D78350DC239549ECEF
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heimlich

Page URL History Show full URLs

https://bit.ly/3X86dey HTTP 301
https://heimlich.com/app/Fernando96?subid=telegram HTTP 302
https://webapp.heimlich.com/auth/guest&step=2 Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

44
Requests

95 %
HTTPS

60 %
IPv6

14
Domains

21
Subdomains

16
IPs

4
Countries

2904 kB
Transfer

5677 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/de/app/heimlich-com/id1308069339?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.heimlich

Search URL Search Domain Scan URL

URL: https://www.heimlich.com/impressum?app=1
Title: Imprint

Search URL Search Domain Scan URL

URL: https://www.heimlich.com/nutzungsbedingungen?app=1
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.heimlich.com/datenschutz?app=1
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3X86dey HTTP 301
https://heimlich.com/app/Fernando96?subid=telegram HTTP 302
https://webapp.heimlich.com/auth/guest&step=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&tiba=Heimlich&gtm_ee=1&npa=1&pscdl=noapi&auid=1449989890.1710040227&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4aGVGdWJ5VVNXV2xaSkR0WUFxNF9ONUpITzE5TDNuZUlmWENqN25GUkhMaFNFGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWTG9FMzZsUWE4MkdReGZyTkpZX0ZQd2ZVN0tYNzdqMllqSHgzNUlTQmZxd0lINnFEaWhENVl5Y0EiEwjqna2i3OiEAxWWLQYAHbxcANYyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
https://www.google.com/pagead/1p-conversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&tiba=Heimlich&gtm_ee=1&npa=1&pscdl=noapi&auid=1449989890.1710040227&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4aGVGdWJ5VVNXV2xaSkR0WUFxNF9ONUpITzE5TDNuZUlmWENqN25GUkhMaFNFGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWTG9FMzZsUWE4MkdReGZyTkpZX0ZQd2ZVN0tYNzdqMllqSHgzNUlTQmZxd0lINnFEaWhENVl5Y0EiEwjqna2i3OiEAxWWLQYAHbxcANYyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqrcByC67vi4kfhMeIkQQc-njqHk3How&random=1249633217 HTTP 302
https://www.google.de/pagead/1p-conversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&tiba=Heimlich&gtm_ee=1&npa=1&pscdl=noapi&auid=1449989890.1710040227&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4aGVGdWJ5VVNXV2xaSkR0WUFxNF9ONUpITzE5TDNuZUlmWENqN25GUkhMaFNFGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWTG9FMzZsUWE4MkdReGZyTkpZX0ZQd2ZVN0tYNzdqMllqSHgzNUlTQmZxd0lINnFEaWhENVl5Y0EiEwjqna2i3OiEAxWWLQYAHbxcANYyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqrcByC67vi4kfhMeIkQQc-njqHk3How&random=1249633217&ipr=y

Request Chain 40

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FAAEADB4219A4BBDBCE565B9980446F6&RedC=c.clarity.ms&MXFR=36923C84FFDE6E2A33C428BAFBDE6096 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAAEADB4219A4BBDBCE565B9980446F6&MUID=2051C46C34B9661236F5D05235D2676D

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request guest&step=2 Show response
webapp.heimlich.com/auth/
Redirect Chain

https://bit.ly/3X86dey
https://heimlich.com/app/Fernando96?subid=telegram
https://webapp.heimlich.com/auth/guest&step=2

4 KB
2 KB

110ms
55ms

Document
text/html

2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5011824fb00e7928dd8e73f38b012c916407006253c380d43741ad0733785cf3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Sun, 10 Mar 2024 03:10:26 GMT
etag: "00cf00f972ffb9ca0652a6452264e1af"
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
x-amz-cf-id: IK_SPgZz_-pW2-bQZbK0VBCI-0RYSc5loiaB9ryym4t5jTUw2PgVuQ==
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront

Redirect headers

access-control-allow-headers: Authorization, Accept, devicetoken, devicetype, HEIMLICHAPPVERSION, content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 86201c98ae223a8b-FRA
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 03:10:26 GMT
location: https://webapp.heimlich.com/auth/guest&step=2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2XDjE%2BMA4NMtAbXnZ5cvQe4goO2WpzbYPXkTi20JnOMnmbR2oFiARLMK4IqE0iELm2Y6TO0QqcHf3GTukx8IHr52%2FdLGk2OdoDLL3IyvHrlniT8iS28XLedkukG3uXUgnJWcUfe8%2FDgxwM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
75 KB 129ms
50ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10827858794

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

588443cbe9327a979b75dc0a5e522a61f6448e90e4b6c727cff6efaa6f9bfda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 03:10:26 GMT

GET
H2 200 2.799c978e.chunk.css
webapp.heimlich.com/static/css/ 2 KB
986 B 38ms
37ms Stylesheet
text/css 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webapp.heimlich.com/static/css/2.799c978e.chunk.css
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f82f6754f6a3d8784ef0700e92c7c2b8acb842ce55b9713f21e11c83c144e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:26 GMT
content-encoding: gzip
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "c10a44b20c284540da4ac4636c7a433c"
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aY8_Oij77kevhreTAtLf0WRc7CXFwTlk9O-fZkA4VoOM1zh_lVzybg==

GET
H2 200 main.4ababd05.chunk.css
webapp.heimlich.com/static/css/ 1 KB
1 KB 41ms
41ms Stylesheet
text/css 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webapp.heimlich.com/static/css/main.4ababd05.chunk.css
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4469659f622e72b70d065573fbbb7ca8635c37dff6e003745ded22bc1b8865e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:26 GMT
content-encoding: gzip
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "4e562108cce150d4b05982514c87e9f8"
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ab_DWIcewdP4vpCTTuEjb9_KB4NEUfQVxTrCxAMOTN03DjCF2Nokfg==

GET
H2 200 2.799587ec.chunk.js Show response
webapp.heimlich.com/static/js/ 2 MB
418 KB 59ms
59ms Script
application/javascript 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webapp.heimlich.com/static/js/2.799587ec.chunk.js
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27cb25a6a41f109b09f7370d03c40d504ee97f8bc89289936fe528b1d392dc90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:26 GMT
content-encoding: gzip
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "3de9dc448369e1b83a48baa5b5c93ef5"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: poR8g3Of2-u95LwaJGR7yKQgvw6ap49v7K7n_q03Y0fhO6qpunzjgA==

GET
H2 200 main.ccc6bfa5.chunk.js Show response
webapp.heimlich.com/static/js/ 511 KB
148 KB 63ms
63ms Script
application/javascript 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://webapp.heimlich.com/static/js/main.ccc6bfa5.chunk.js
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8844971321954dd60941df70856a0648446b925585a27296bdb00c0e0fce77c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:26 GMT
content-encoding: gzip
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "5bc5e9cb93d74262458fe3f028a00c57"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: U0CYceC3bz941cVd46jpqlBqoIKFLNwIO5vZK0BvxvlLCSCk6XkWgg==

GET
H2 200 hotjar-3304268.js Show response
static.hotjar.com/c/ 9 KB
4 KB 58ms
37ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3304268.js?sv=6

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

e75bb34bef12f3c0a999b4d5919407e5bda3f8da17381276141a801303a55c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/bfdb910cefe8db5d917978ad4007b7be
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MmSpd61Q7Ne07yWQSE24T9clxybyxXS2t9J8iDupvFA5E90W0GOdjA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 72ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 10 Mar 2024 03:10:26 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0451753A28EB44868470C23165828AB0 Ref B: FRAEDGE1414 Ref C: 2024-03-10T03:10:26Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Mar 2024 03:10:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: lYFLdJLTTU7n9V7RUzUr90ugXEVc75d308K5Y4EPwzKOgGZP84mRi76LUpIV47Vm8EsPqaKxiJ3mHtRvVy8hFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1082173055776753 Show response
connect.facebook.net/signals/config/ 53 KB
12 KB 421ms
420ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1082173055776753?v=2.9.148&r=stable&domain=webapp.heimlich.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ea55a42f533bd87d661a1ced7f7eb67f7bedbc1d4d61d235c8ce7a025941c70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Mar 2024 03:10:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=63, mss=1326, tbw=62451, tp=-1, tpl=-1, uplat=413, ullat=0
pragma: public
x-fb-debug: FgH8QFCp8mPB24cyb6sK3zfLpGIvKGfRsV6WSatpA4NE4Nu8PI7LMtOvTA200m7EV5wm+l3EeNZKPtKOvzZclQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.a4fd7e5489291affcf56.js Show response
script.hotjar.com/ 220 KB
55 KB 27ms
7ms Script
application/javascript 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a4fd7e5489291affcf56.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3304268.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-92.fra60.r.cloudfront.net

Software

Resource Hash

c3c24d578a72dcc6aed7b6927169623dac1af2c44c3a39436d764b9be81760ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 148460
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55553
last-modified: Fri, 08 Mar 2024 09:55:51 GMT
etag: "739599f44296537096534936ee9c2d0d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5B-r-ZMVlCFEUXiOMIrcYEQoXf17WY6sGyjAg9XWILHTCGj6sdcmsw==

GET
H2 200 148026383.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148026383.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e63c6f6ff740a472e7f1a9531547a334af09e90960e911c3921179cc338d4159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 10 Mar 2024 03:10:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8D257063C2784F4690518551F0199859 Ref B: FRAEDGE1414 Ref C: 2024-03-10T03:10:26Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 148026383 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 217ms
186ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/148026383
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/148026383.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 76b2cab6c41de31547b0cce306a1e499ec18d7379b86445903c37daa79b88fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Sun, 10 Mar 2024 03:10:27 GMT
x-azure-ref: 20240310T031027Z-9zpwt5uew52b56avzvqhgdcn7000000009mg0000000063g8
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 step-background.bf63d92a.png
webapp.heimlich.com/static/media/ 1 MB
1 MB 89ms
89ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/step-background.bf63d92a.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a2265ab5c0fd02638643e4a57d06b9e15036b0bbffa67b78d4a25e153213890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "bf63d92a5d68a2be9abf6484b7ce229d"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1390001
x-amz-cf-id: rNR_mtKm6ZrUOdlKNcqYBadmhJP4HG0alAbn2_DfDXmi2OqYiJb0Pw==

OPTIONS
H2 200 publicSettings
prod-api.heimlich.com/api/ 0
0 94ms
43ms Preflight
application/json 2606:4700:3032::6815:3478
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-api.heimlich.com/api/publicSettings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: devicetoken,devicetype,heimlichappversion
Access-Control-Request-Method: GET
Origin: https://webapp.heimlich.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Accept, devicetoken, devicetype, HEIMLICHAPPVERSION, content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 86201c9b696bbc03-FRA
content-encoding: br
content-type: application/json
date: Sun, 10 Mar 2024 03:10:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1es9HuSrrP5LtciHF%2F6b%2FiZ2RnzgeJyqmqmUdPfDNEd%2BDHnzwEABAxXfr7qe0I44pf5nPPfli9MeWZDnA8ys8kO56rl8IGeLEzH3tOANNqoDpkJOBMX9XddKTrrtLiGTp6SvVNyjNGZqQQTlYfsPCYskDsw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 305 B
461 B 43ms
7ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=dU5KpOF4ZiQeP8K
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/static/js/main.ccc6bfa5.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: dd0b24daec81b7c28c8cdcfe6ee23970e7b1af9cd7d7ad14cb6413c0b85f9f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 10 Mar 2024 03:10:27 GMT
Content-Length: 305
Content-Type: application/json; charset=utf-8

GET
H2 200 client Show response
accounts.google.com/gsi/ 215 KB
83 KB 64ms
28ms Script
application/javascript 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/static/js/2.799587ec.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

343364f41373bb7fbd4b219315705f1816e720b11defb8a6846a342f476b6495

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-V-zIALwCggJJlvZS_9uMag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-V-zIALwCggJJlvZS_9uMag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 10 Mar 2024 03:10:27 GMT

GET
H3 200 logoTextTwo.62056d74.png
webapp.heimlich.com/static/media/ 71 KB
71 KB 69ms
68ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/logoTextTwo.62056d74.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f0c7f5164364034128c8d4648187599ece85aee2f836b1b4821059082e4ac0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "62056d74dceb720875b36178b3d145d5"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 72416
x-amz-cf-id: bsDdItRS-MWCCPEIT8_WxlrZLKBRqDRmBWGZDlngFA5N4pXWfj3mKg==

GET
H3 200 phones.e50f0cab.png
webapp.heimlich.com/static/media/ 72 KB
72 KB 93ms
92ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/phones.e50f0cab.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c91043e01652fa63a1d98d71e8c69915ce5ab74b8a81155e9d081d4a880d778c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "e50f0cabd778e6d50f8d0de417c63bb2"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 73702
x-amz-cf-id: _yYJeYtkbos5Iws-SbDwxZ-dtKgYnNRCYSO6Dbn4IJJWpEz9JHJsCg==

GET
H/1.1 200
OK heimlich1.jpg
heimlich.app/images/heimlich.com/ 32 KB
33 KB 65ms
13ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich1.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

8ba89566c4cba8602587b1de124f1c38d19dbae10b966194c5191482e52c523f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:27:36 GMT
Server: Apache
ETag: "81d7-5e18eecae3a00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33239

GET
H/1.1 200
OK heimlich2.jpg
heimlich.app/images/heimlich.com/ 42 KB
42 KB 65ms
14ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich2.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

6e9605a1026425331e52e3ef48befd0416897c7545c2bb1474627aa4076006ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:27:42 GMT
Server: Apache
ETag: "a659-5e18eed09c780"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42585

GET
H/1.1 200
OK heimlich3.jpg
heimlich.app/images/heimlich.com/ 32 KB
32 KB 67ms
15ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich3.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

a0703b640224f37ac287435edd88502102d391df0010e14abb34937ac2ee280b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:27:48 GMT
Server: Apache
ETag: "7f91-5e18eed655500"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32657

GET
H/1.1 200
OK heimlich4.jpg
heimlich.app/images/heimlich.com/ 26 KB
27 KB 87ms
12ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich4.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

2b6190869cdab9760368c00ec474b15de4238713fc95750c3c7292138fafbd46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:27:54 GMT
Server: Apache
ETag: "68e6-5e18eedc0e280"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 26854

GET
H/1.1 200
OK heimlich5.jpg
heimlich.app/images/heimlich.com/ 29 KB
29 KB 64ms
12ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich5.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

0c529eaf79269e68c9ee4dd1ec7daf2ffd6388578f0f0bf6644274cc70da75c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:28:00 GMT
Server: Apache
ETag: "72b8-5e18eee1c7000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29368

GET
H/1.1 200
OK heimlich6.jpg
heimlich.app/images/heimlich.com/ 34 KB
34 KB 66ms
14ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich6.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

fc462ef3c72ea39bb61d254a610fc045c802fb2c2b6636b5d0cbef5eeec53309

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:28:06 GMT
Server: Apache
ETag: "87ea-5e18eee77fd80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 34794

GET
H/1.1 200
OK heimlich7.jpg
heimlich.app/images/heimlich.com/ 31 KB
31 KB 61ms
11ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich7.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

53a9c0f69a5cca144a5ec8baea7483ade40304c866faeb251a260c4576a7ab83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:28:10 GMT
Server: Apache
ETag: "7b5c-5e18eeeb50680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31580

GET
H/1.1 200
OK heimlich8.jpg
heimlich.app/images/heimlich.com/ 28 KB
29 KB 86ms
13ms Image
image/jpeg 167.235.181.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heimlich.app/images/heimlich.com/heimlich8.jpg

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.235.181.248 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server2023.1treff.com

Software

Apache /

Resource Hash

ad4142b5225cc9d0971256509c384f87ed7b58aa3ac7b13e71c64baa8ffd2b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 03:10:27 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Thu, 16 Jun 2022 11:28:14 GMT
Server: Apache
ETag: "70f0-5e18eeef20f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28912

GET
H3 200 girl.8758be3b.png
webapp.heimlich.com/static/media/ 45 KB
46 KB 60ms
59ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/girl.8758be3b.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c030335f66066d65d442012c6015aedabc9c9279f8683b7988a19b9840650189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "8758be3ba051a5590ae18f98fdf0cc1b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 46573
x-amz-cf-id: XTtMTVVtdx7uxBM0S9crBHGGOgelY_YXRIM8u5HQZGfoNvCtSE2Exw==

GET
H3 200 apple-store.8aa52d95.png
webapp.heimlich.com/static/media/ 62 KB
62 KB 56ms
56ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/apple-store.8aa52d95.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef9a5eaf68b632a691d8848115c50e9c078ecec8e16d648fdfc3069e4f91bb58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "8aa52d9568abe72994a0a2bc27b242f9"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 63389
x-amz-cf-id: e6L4c5hgnP3oGJVYs8B6TqSQR9jXj_zz-RcFUYvzfCeqwmBhk-5utw==

GET
H3 200 google-play.3a261364.png
webapp.heimlich.com/static/media/ 110 KB
110 KB 74ms
73ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/google-play.3a261364.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0360bdd09b1a65118392b55607b76e2eea7b1fd40cea6883d05fc6a7686cde43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "3a2613640c939998428a78b64b0ffe19"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 112497
x-amz-cf-id: n2h5CPDigaXVCdEbM4XLfNkEilS4J3eMVgjKLk046epN0Kl8_gn2Cw==

GET
H3 200 man.51e41440.png
webapp.heimlich.com/static/media/ 11 KB
11 KB 58ms
57ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/man.51e41440.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ac3f00ba3bcbf945b8c9483ff263d4cd6ce780b20d5e48d6d5e5edf08bf3906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "51e414400576b51a07b82b1406a907b8"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11233
x-amz-cf-id: 1Eg8ZMafXkI9iuctSfA5CInvCYQTuUSMsvsLdRx7T1bDc7FQkyigIQ==

GET
H3 200 women.8e414a08.png
webapp.heimlich.com/static/media/ 11 KB
12 KB 69ms
69ms Image
image/png 2600:9000:2670:5a00:c:c879:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.heimlich.com/static/media/women.8e414a08.png
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2670:5a00:c:c879:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb32b1872b3fa7115e7758e1174f8b46352ebe995d02a96b4ef30b8e0bf0a033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/auth/guest&step=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
via: 1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 12:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "8e414a08df960de778358165c2549e54"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11610
x-amz-cf-id: IIkiiwGiicYZ3-zxcnL3BEbnovoHCSGIENQvENR6QHlY2cac-KB-kQ==

GET
H2 200 publicSettings Show response
prod-api.heimlich.com/api/ 1 KB
702 B 35ms
34ms XHR
application/json 2606:4700:3032::6815:3478
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-api.heimlich.com/api/publicSettings
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/static/js/2.799587ec.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6913fae5024a6f2e2e2e4189f6fc82cd459adbc572e4ea7bd6bb1b63d3169496

Request headers

Accept: application/json, text/plain, */*
Referer: https://webapp.heimlich.com/
accept-language: de-DE,de;q=0.9
HEIMLICHAPPVERSION: 2.2
devicetoken: a70417b3-ef39-40de-968d-5cf5d2bf187b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
devicetype: web

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i94ZvseVGpxTzSRli8R%2FOVxHwVq4lPaN89tshb2ui5Scfge1OsP0hed9AJA3BPIr%2F5utSZVlVCribG2u4Mo%2FIpkf2wlUKVtRRTfXVv7qDPvV8hI07kUhtSm9HYqxfBYm%2BrwNbt8ye3uHiKBAvZlhNwsXj0c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json
cache-control: no-cache, private
cf-ray: 86201c9bb997bc03-FRA
access-control-allow-headers: Authorization, Accept, devicetoken, devicetype, HEIMLICHAPPVERSION, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 7ms
7ms Script
application/javascript 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a4fd7e5489291affcf56.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-92.fra60.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 3933500
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZvstqG5m-9FXHI0ZRxgFqOyvsR5bCprIyuDT9Cua827TsosoQIOqcA==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10827858794/ 3 KB
2 KB 156ms
54ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10827858794/?random=1710040227085&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&tiba=Heimlich&gtm_ee=1&npa=1&pscdl=noapi&auid=1449989890.1710040227&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10827858794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8c729cc059a10f89f1b1da1fb01b1210602b33af4ab90340dff04fc6088b8298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 03:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1622
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
285 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148026383&Ver=2&mid=4af3aa6b-3f99-4254-b4b0-8706e96ee26d&sid=be60f3c0de8b11ee9f356515908fc9a1&vid=be60d4d0de8b11ee8569396683c3eef4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Heimlich&p=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&r=&lt=612&evt=pageLoad&sv=1&rn=673231

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Mar 2024 03:10:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 768E5537BDB34E4095C1FCBA97D9E107 Ref B: FRAEDGE1414 Ref C: 2024-03-10T03:10:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 305 B
461 B 8ms
8ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=dU5KpOF4ZiQeP8K
Requested by: Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/static/js/main.ccc6bfa5.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: dd0b24daec81b7c28c8cdcfe6ee23970e7b1af9cd7d7ad14cb6413c0b85f9f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 10 Mar 2024 03:10:27 GMT
Content-Length: 305
Content-Type: application/json; charset=utf-8

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.23/ 60 KB
25 KB 15ms
14ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.23/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148026383
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 03:10:27 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2024 11:18:26 GMT
etag: W/"0x8DC3E984F270C4F"
vary: Accept-Encoding
x-azure-ref: 20240310T031027Z-9zpwt5uew52b56avzvqhgdcn7000000009mg0000000063gb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b2e661b5-b01e-000e-4584-70076b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

/
www.google.de/pagead/1p-conversion/10827858794/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma...
https://www.google.com/pagead/1p-conversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&...
https://www.google.de/pagead/1p-conversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&u...

42 B
455 B

131ms
52ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&tiba=Heimlich&gtm_ee=1&npa=1&pscdl=noapi&auid=1449989890.1710040227&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4aGVGdWJ5VVNXV2xaSkR0WUFxNF9ONUpITzE5TDNuZUlmWENqN25GUkhMaFNFGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWTG9FMzZsUWE4MkdReGZyTkpZX0ZQd2ZVN0tYNzdqMllqSHgzNUlTQmZxd0lINnFEaWhENVl5Y0EiEwjqna2i3OiEAxWWLQYAHbxcANYyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqrcByC67vi4kfhMeIkQQc-njqHk3How&random=1249633217&ipr=y

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 03:10:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Mar 2024 03:10:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10827858794/?random=1765836925&cv=11&fst=1710040227085&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&label=NHyGCLWHoosDEOqGkKso&hn=www.googleadservices.com&frm=0&tiba=Heimlich&gtm_ee=1&npa=1&pscdl=noapi&auid=1449989890.1710040227&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek9DaEVJZ0s2d3J3WVFzNjZMbDUycjhOMmJBUkltQUJtMzc4aGVGdWJ5VVNXV2xaSkR0WUFxNF9ONUpITzE5TDNuZUlmWENqN25GUkhMaFNFGlpDaEVJZ0s2d3J3WVF0STZQdXFtWHRNV2VBUkl1QUFfV1VWTG9FMzZsUWE4MkdReGZyTkpZX0ZQd2ZVN0tYNzdqMllqSHgzNUlTQmZxd0lINnFEaWhENVl5Y0EiEwjqna2i3OiEAxWWLQYAHbxcANYyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSGwB7FLtqrcByC67vi4kfhMeIkQQc-njqHk3How&random=1249633217&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
299 B 289ms
94ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://webapp.heimlich.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://webapp.heimlich.com
Date: Sun, 10 Mar 2024 03:10:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 23ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1082173055776753&ev=PageView&dl=https%3A%2F%2Fwebapp.heimlich.com%2Fauth%2Fguest%26step%3D2&rl=&if=false&ts=1710040227327&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710040227326.1184086663&ler=empty&cdl=API_unavailable&it=1710040226891&coo=false&rqm=GET

Requested by

Host: webapp.heimlich.com
URL: https://webapp.heimlich.com/auth/guest&step=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2760, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Mar 2024 03:10:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FAAEADB4219A4BBDBCE565B9980446F6&RedC=c.clarity.ms&MXFR=36923C84FFDE6E2A33C428BAFBDE6096
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAAEADB4219A4BBDBCE565B9980446F6&MUID=2051C46C34B9661236F5D05235D2676D

42 B
441 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAAEADB4219A4BBDBCE565B9980446F6&MUID=2051C46C34B9661236F5D05235D2676D
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webapp.heimlich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 03:10:27 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 10 Mar 2024 03:10:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71E02B3F66504F50B02F234668B30376 Ref B: FRAEDGE1414 Ref C: 2024-03-10T03:10:27Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FAAEADB4219A4BBDBCE565B9980446F6&MUID=2051C46C34B9661236F5D05235D2676D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
299 B 92ms
91ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://webapp.heimlich.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://webapp.heimlich.com
Date: Sun, 10 Mar 2024 03:10:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
299 B 93ms
92ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://webapp.heimlich.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://webapp.heimlich.com
Date: Sun, 10 Mar 2024 03:10:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 23:19:52	Name: _bit Value: o2a3aq-e23b4f51e38da93dba-002
heimlich.com/	1970-01-20 19:00:47	Name: XSRF-TOKEN Value: eyJpdiI6InJUcElacnV1dkE4VzVUN1JqQ2NMYlE9PSIsInZhbHVlIjoieXpXRDdLZEF3Ukg4ZXpxUmZpMiswU1FoaUdaM3lxdkoyUnVWWG1hUWpqY1QvUmh2bUpLalZ6ZDNGUDg0YVAvNUJ4U2VrWlV1YVFpQUl4VUhqOHJ3am82NUd2QnZJNDlRVk1mdTA3Q0Rwa3d4aUFGUnRwbWhiLzVrMFNrT3FYd20iLCJtYWMiOiI4ZGE5ZjRhMmI3YzEzZjcyNzQ2NjIwN2I0NjQzMDgwYTJhNjc4ZDRlOTU4YTAxZmE2ZDlmZTQxNjg5NTE3YWNkIiwidGFnIjoiIn0%3D
heimlich.com/	1970-01-20 19:00:47	Name: heimlich_production_session Value: eyJpdiI6Ii9sQ3BCNS9aUGt1UWtLSFMyaDJzRlE9PSIsInZhbHVlIjoiU1lsNi9OeDFQV3Q3aXNWcnhqUWJ3SCttUUJRUWQ4MExKSFIzTFV6VWd3eFdudUZoaHhCZDV5MWpJUll5Q2g4MXRJRmxZT3l2aThZWjFFcDBxZ0ZaSW9YM2J3UmVQSmtibjI5eXJZdkt1ajlUL28vK0VobHJBTHo1aXZOUm1TcUkiLCJtYWMiOiI0ZTc3ZDJkZGY0ZWJjNmU2YWVmNWZlYjM1NThjYjMzNjQzMTA5NGM5N2VjZGY0MDRjMmIzYTcyYjY4ZTg1MmZiIiwidGFnIjoiIn0%3D
.heimlich.com/	1970-01-21 03:46:16	Name: _hjSessionUser_3304268 Value: eyJpZCI6ImQ0ZTg3ZDg0LWQ3YjItNTYyMC1hODFlLTUxODIzYjQwN2Y4ZSIsImNyZWF0ZWQiOjE3MTAwNDAyMjcwNzcsImV4aXN0aW5nIjpmYWxzZX0=
.heimlich.com/	1970-01-20 19:00:42	Name: _hjSession_3304268 Value: eyJpZCI6ImJlNzZmOGY0LWQ0MDMtNGE3NC05Y2IzLWY0MWZiNWE3MzNmMiIsImMiOjE3MTAwNDAyMjcwNzcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.heimlich.com/	1970-01-20 21:10:16	Name: _gcl_au Value: 1.1.1449989890.1710040227
.heimlich.com/	1970-01-20 19:02:06	Name: _uetsid Value: be60f3c0de8b11ee9f356515908fc9a1
.heimlich.com/	1970-01-21 04:22:16	Name: _uetvid Value: be60d4d0de8b11ee8569396683c3eef4
.bing.com/	1970-01-21 04:22:16	Name: MUID Value: 2051C46C34B9661236F5D05235D2676D
www.clarity.ms/	1970-01-21 03:46:16	Name: CLID Value: 1782eeb32ac34db6a3dcb2bf5f816c42.20240310.20250310
.heimlich.com/	1970-01-21 03:46:16	Name: _clck Value: h28dh1%7C2%7Cfjy%7C0%7C1530
.heimlich.com/	1970-01-20 21:10:16	Name: _fbp Value: fb.1.1710040227326.1184086663
.doubleclick.net/	1970-01-20 19:00:41	Name: test_cookie Value: CheckForPermission
.heimlich.com/	1970-01-20 19:02:06	Name: _clsk Value: 18pjrq6%7C1710040227610%7C1%7C1%7Cf.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 19:10:45	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:22:16	Name: SRM_B Value: 2051C46C34B9661236F5D05235D2676D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:22:16	Name: MUID Value: 2051C46C34B9661236F5D05235D2676D
.c.clarity.ms/	1970-01-20 19:10:45	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:00:40	Name: ANONCHK Value: 0

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1082173055776753?v=2.9.148&r=stable&domain=webapp.heimlich.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://webapp.heimlich.com/auth/guest&step=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
bat.bing.com
bit.ly
c.bing.com
c.clarity.ms
connect.facebook.net
f.clarity.ms
googleads.g.doubleclick.net
heimlich.app
heimlich.com
pro.ip-api.com
prod-api.heimlich.com
script.hotjar.com
static.hotjar.com
webapp.heimlich.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.33.187.92
167.235.181.248
18.66.97.37
20.84.22.197
216.58.212.162
2600:9000:2670:5a00:c:c879:6e00:93a1
2606:4700:3032::6815:3478
2606:4700:3033::ac43:c6fb
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:400c:c0a::54
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
51.77.64.70
67.199.248.10
68.219.88.97
0360bdd09b1a65118392b55607b76e2eea7b1fd40cea6883d05fc6a7686cde43
0c529eaf79269e68c9ee4dd1ec7daf2ffd6388578f0f0bf6644274cc70da75c0
0ea55a42f533bd87d661a1ced7f7eb67f7bedbc1d4d61d235c8ce7a025941c70
1a2265ab5c0fd02638643e4a57d06b9e15036b0bbffa67b78d4a25e153213890
1f0c7f5164364034128c8d4648187599ece85aee2f836b1b4821059082e4ac0b
27cb25a6a41f109b09f7370d03c40d504ee97f8bc89289936fe528b1d392dc90
2b6190869cdab9760368c00ec474b15de4238713fc95750c3c7292138fafbd46
343364f41373bb7fbd4b219315705f1816e720b11defb8a6846a342f476b6495
4ac3f00ba3bcbf945b8c9483ff263d4cd6ce780b20d5e48d6d5e5edf08bf3906
5011824fb00e7928dd8e73f38b012c916407006253c380d43741ad0733785cf3
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
53a9c0f69a5cca144a5ec8baea7483ade40304c866faeb251a260c4576a7ab83
588443cbe9327a979b75dc0a5e522a61f6448e90e4b6c727cff6efaa6f9bfda1
6913fae5024a6f2e2e2e4189f6fc82cd459adbc572e4ea7bd6bb1b63d3169496
6e9605a1026425331e52e3ef48befd0416897c7545c2bb1474627aa4076006ee
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
76b2cab6c41de31547b0cce306a1e499ec18d7379b86445903c37daa79b88fb6
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8844971321954dd60941df70856a0648446b925585a27296bdb00c0e0fce77c4
8ba89566c4cba8602587b1de124f1c38d19dbae10b966194c5191482e52c523f
8c729cc059a10f89f1b1da1fb01b1210602b33af4ab90340dff04fc6088b8298
8f82f6754f6a3d8784ef0700e92c7c2b8acb842ce55b9713f21e11c83c144e6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4
a0703b640224f37ac287435edd88502102d391df0010e14abb34937ac2ee280b
ad4142b5225cc9d0971256509c384f87ed7b58aa3ac7b13e71c64baa8ffd2b19
c030335f66066d65d442012c6015aedabc9c9279f8683b7988a19b9840650189
c3c24d578a72dcc6aed7b6927169623dac1af2c44c3a39436d764b9be81760ea
c91043e01652fa63a1d98d71e8c69915ce5ab74b8a81155e9d081d4a880d778c
dd0b24daec81b7c28c8cdcfe6ee23970e7b1af9cd7d7ad14cb6413c0b85f9f4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4469659f622e72b70d065573fbbb7ca8635c37dff6e003745ded22bc1b8865e
e63c6f6ff740a472e7f1a9531547a334af09e90960e911c3921179cc338d4159
e75bb34bef12f3c0a999b4d5919407e5bda3f8da17381276141a801303a55c87
eb32b1872b3fa7115e7758e1174f8b46352ebe995d02a96b4ef30b8e0bf0a033
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9a5eaf68b632a691d8848115c50e9c078ecec8e16d648fdfc3069e4f91bb58
fc462ef3c72ea39bb61d254a610fc045c802fb2c2b6636b5d0cbef5eeec53309

webapp.heimlich.com Open in urlscan Pro 2600:9000:2670:5a00:c:c879:6e00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

60 %IPv6

14 Domains

21 Subdomains

16 IPs

4 Countries

2904 kBTransfer

5677 kBSize

20 Cookies

5 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

webapp.heimlich.com Open in urlscan Pro
2600:9000:2670:5a00:c:c879:6e00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

60 %
IPv6

14
Domains

21
Subdomains

16
IPs

4
Countries

2904 kB
Transfer

5677 kB
Size

20
Cookies

44 HTTP transactions
0 data transactions