urlscan.io logo urlscan.io
SecurityTrails logo

bearyein.com Open in urlscan Pro
34.117.223.165  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bearyein.com/
Effective URL: https://bearyein.com/password
Submission: On August 04 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 45 HTTP transactions. The main IP is 34.117.223.165, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bearyein.com.
TLS certificate: Issued by WR3 on August 1st 2024. Valid for: 3 months.
This is the only time bearyein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 34.117.223.165 396982 (GOOGLE-CL...)
8 34.107.179.111 396982 (GOOGLE-CL...)
2 52.222.214.61 16509 (AMAZON-02)
1 2a02:2350:5:1... 51468 (ONECOM)
2 34.102.183.68 396982 (GOOGLE-CL...)
4 5.9.97.43 24940 (HETZNER-AS)
2 2a04:4e42:200... 54113 (FASTLY)
2 2620:1ec:bdf::44 8075 (MICROSOFT...)
8 2a05:d018:1cf... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.152.143.207 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
45 16
7    34.117.223.165 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.223.117.34.bc.googleusercontent.com
bearyein.com
8    34.107.179.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.179.107.34.bc.googleusercontent.com
themes.fourthwall.com
cdn.fourthwall.com
2    52.222.214.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-61.fra56.r.cloudfront.net
js.stripe.com
1    2a02:2350:5:102:a7:c33d:c80d:cd1f (Copenhagen, Denmark)

ASN51468 (ONECOM, DK)
sparklecat.eu
2    34.102.183.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.183.102.34.bc.googleusercontent.com
imgproxy.fourthwall.com
4    5.9.97.43 (Giessen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn.claspo.io
scripts.claspo.io
cdn.claspo.io
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
8    2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
script.claspo.io
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
12 claspo.io
scripts.claspo.io — Cisco Umbrella Rank: 171051
script.claspo.io — Cisco Umbrella Rank: 150017
cdn.claspo.io — Cisco Umbrella Rank: 372959
3 MB
10 fourthwall.com
themes.fourthwall.com — Cisco Umbrella Rank: 305459
cdn.fourthwall.com — Cisco Umbrella Rank: 329961
imgproxy.fourthwall.com — Cisco Umbrella Rank: 302658
154 KB
7 bearyein.com
bearyein.com
205 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
o.clarity.ms — Cisco Umbrella Rank: 12757
c.clarity.ms — Cisco Umbrella Rank: 1838
28 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6716
126 B
2 gstatic.com
fonts.gstatic.com
136 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
12 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
155 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
210 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
210 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
773 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 sparklecat.eu
sparklecat.eu
509 B
45 13
Domain Requested by
8 script.claspo.io cdn.fourthwall.com
scripts.claspo.io
7 bearyein.com 1 redirects bearyein.com
freestyle
cdn.fourthwall.com
6 themes.fourthwall.com bearyein.com
themes.fourthwall.com
3 cdn.claspo.io scripts.claspo.io
bearyein.com
2 www.google.de
2 c.clarity.ms 1 redirects
2 o.clarity.ms cdn.fourthwall.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms bearyein.com
www.clarity.ms
2 cdn.jsdelivr.net bearyein.com
2 imgproxy.fourthwall.com bearyein.com
2 cdn.fourthwall.com bearyein.com
2 js.stripe.com bearyein.com
js.stripe.com
1 stats.g.doubleclick.net
1 region1.analytics.google.com
1 c.bing.com 1 redirects
1 fonts.googleapis.com scripts.claspo.io
1 scripts.claspo.io bearyein.com
1 sparklecat.eu bearyein.com
45 19

This site contains links to these domains. Also see Links.

Domain
youtube.com
x.com
fourthwall.com
Subject Issuer Validity Valid
bearyein.com
WR3		 2024-08-01 -
2024-10-30		 3 months crt.sh
fourthwall.com
WR3		 2024-07-16 -
2024-10-14		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
*.sparklecat.eu
E6		 2024-06-24 -
2024-09-22		 3 months crt.sh
*.claspo.io
Sectigo RSA Domain Validation Secure Server CA		 2023-11-28 -
2024-12-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bearyein.com/password
Frame ID: 843B6E8FA51207C755DC133E62ED9F6F
Requests: 40 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 21303036BCCF3F24B94D52179A38B7E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Coming soon | BearyEin

Page URL History Show full URLs

  1. https://bearyein.com/ HTTP 302
    https://bearyein.com/password Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

45
Requests

98 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

16
IPs

5
Countries

3498 kB
Transfer

5258 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bearyein.com/ HTTP 302
    https://bearyein.com/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3CA6112CF8214494ABBEEA53F0DE4A8A&RedC=c.clarity.ms&MXFR=01DD2447A5C16C4D1F713096A1C16264 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3CA6112CF8214494ABBEEA53F0DE4A8A&MUID=1D9F2CE135CF6FFA389E3830341D6EEF

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
bearyein.com/
Redirect Chain
  • https://bearyein.com/
  • https://bearyein.com/password
35 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.223.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.223.117.34.bc.googleusercontent.com
Software
/
Resource Hash
56868d59f5c1f259bb6b6fabf8fb5676ee474ded4c4d823d3d89d389e967d6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=6,public,s-maxage=30,stale-while-revalidate=30
content-encoding
br
content-security-policy-report-only
report-uri https://o276638.ingest.sentry.io/api/3755835/security/?sentry_key=3ca837c4b889463d8ab50e4ebb014331
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 04:09:41 GMT
link
<https://imgproxy.fourthwall.com>; rel=preconnect; crossorigin, Link: <https://themes.fourthwall.com>; rel="preconnect"; crossorigin
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
9b739aea-90b8-401a-9532-7ded87336852
x-robots-tag
noindex
x-runtime
0.007575
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy-report-only
report-uri https://o276638.ingest.sentry.io/api/3755835/security/?sentry_key=3ca837c4b889463d8ab50e4ebb014331
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 04:09:41 GMT
link
<https://imgproxy.fourthwall.com>; rel=preconnect; crossorigin, Link: <https://themes.fourthwall.com>; rel="preconnect"; crossorigin
location
https://bearyein.com/password
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ffb2d95d-01e0-4d10-abf2-f06d1c7e58c0
x-runtime
0.006382
x-xss-protection
0
vendor.css
themes.fourthwall.com/themes-library/assets/0ce952ba-2603-4e96-881d-62a9b95daf00/assets/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themes.fourthwall.com/themes-library/assets/0ce952ba-2603-4e96-881d-62a9b95daf00/assets/vendor.css?v=b7fdac61a90ad1e625b76fc6f1342182af70842cac88754be5a33627c4de548e
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b7fdac61a90ad1e625b76fc6f1342182af70842cac88754be5a33627c4de548e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1
x-guploader-uploadid
AHxI1nO2nefB29WrBPlip6U2NrQ3GIRTWIgHwX4XkVkwanEo8huwfEgwKgwpoqgz2KHB8tQWIqtXk93T1A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2298
last-modified
Mon, 15 Jul 2024 17:18:03 GMT
server
UploadServer
etag
"696693f4c6986c9194cf55c9388bef03"
vary
Accept-Encoding
x-goog-generation
1721063883047489
x-goog-hash
crc32c=W7p4nA==, md5=aWaT9MaYbJGUz1XJOIvvAw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-content-length-range, Origin, Content-Type, Content-MD5, Content-Disposition, Cache-Control, x-newrelic-id
cache-control
public, s-maxage=60
x-goog-stored-content-length
2298
accept-ranges
bytes
content-type
text/css
expires
Sun, 04 Aug 2024 04:10:41 GMT
css-variables.scss.css
themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/ 		2 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/css-variables.scss.css?v=369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
x-guploader-uploadid
AHxI1nMZfZtEHyj5paQepTki0jy_hnenAk8TKWhhg_TanI4zxsYv8u2ANFDjREL24_Y-RdtabGECTR2bww
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
525
last-modified
Thu, 01 Aug 2024 09:19:39 GMT
server
UploadServer
etag
"da8532b3f96d2f4d2fa579fceea8c8e2"
vary
Accept-Encoding
x-goog-generation
1722503979804494
x-goog-hash
crc32c=rXyZbA==, md5=2oUys/ltL00vpXn87qjI4g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-content-length-range, Origin, Content-Type, Content-MD5, Content-Disposition, Cache-Control, x-newrelic-id
cache-control
public, s-maxage=60
x-goog-stored-content-length
525
accept-ranges
bytes
content-type
text/css
expires
Sun, 04 Aug 2024 04:10:42 GMT
password.scss.css
themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/password.scss.css?v=f9586b170d9c24f2d4c3557ddde37cfc32d8ec09e8e5d6cc8a8604af1cd1d7fb
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f9586b170d9c24f2d4c3557ddde37cfc32d8ec09e8e5d6cc8a8604af1cd1d7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
x-guploader-uploadid
AHxI1nNjWyUVkyatwSskAdtyLUKVE8BGTd3cV9hKaI7ACumm-Orga4fifaUxRqc_85LIyLSuxyaQZ09wzQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5932
last-modified
Thu, 01 Aug 2024 04:25:00 GMT
server
UploadServer
etag
"404c7ed61c46a7286691dff0696a3c50"
vary
Accept-Encoding
x-goog-generation
1722486300710069
x-goog-hash
crc32c=IjoTxQ==, md5=QEx+1hxGpyhmkd/waWo8UA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-content-length-range, Origin, Content-Type, Content-MD5, Content-Disposition, Cache-Control, x-newrelic-id
cache-control
public, s-maxage=60
x-goog-stored-content-length
5932
accept-ranges
bytes
content-type
text/css
expires
Sun, 04 Aug 2024 04:10:42 GMT
/
js.stripe.com/v3/ 		634 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-61.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:43 GMT
content-encoding
br
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Aug 2024 21:58:40 GMT
server
Cloudfront
etag
W/"377b7b7410510b02a0911f1ca8793557"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
trUetfdHGgILVyjx_-1eq65dgaqxYRfnrIeC7Oa19ZUBnRykSmLvxg==
instant.js
cdn.fourthwall.com/web-perf/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fourthwall.com/web-perf/instant.js
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:01:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
478
x-guploader-uploadid
AHxI1nO2RPEP74pS5jZcoajvpXM3CCf_ZhgyRmwCopU09bCaIVOviPkEiPHUnEVzZTT2tF-9puyvxHjRYw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1081
last-modified
Tue, 26 Apr 2022 21:26:51 GMT
server
UploadServer
etag
W/"27fe8bb81ec7ba25db0990a5d51f64ba"
vary
Accept-Encoding
x-goog-generation
1651008411120643
x-goog-hash
crc32c=CdEVyQ==, md5=J/6LuB7HuiXbCZCl1R9kug==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-content-length-range, Origin, Content-Type, Content-MD5, access-control-allow-origin, Content-Disposition, Cache-Control
cache-control
public, max-age=3600
x-goog-stored-content-length
2841
accept-ranges
none
content-type
text/javascript
expires
Sun, 04 Aug 2024 05:01:44 GMT
scrollbar.css
sparklecat.eu/fw/addons/ 		535 B
509 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sparklecat.eu/fw/addons/scrollbar.css
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:5:102:a7:c33d:c80d:cd1f Copenhagen, Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
c8660d42d7570e898c71ad7891e1cbf9d7a84b5dec7878870adfa36304aa082e

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
gzip
via
1.1 webcache1 (Varnish/trunk)
x-onecom-cluster-name
last-modified
Tue, 16 Jul 2024 14:07:46 GMT
server
Apache
age
0
etag
"217-61d5ddec1180f-gzip"
vary
Accept-Encoding
content-type
text/css
x-varnish
3030465330
accept-ranges
bytes
content-length
249
-x7tcSnQ5lo.webp
imgproxy.fourthwall.com/MTBBAnkknnl6rsN9VP-sZYgZLSosx1Y5TXBxbTER980/w:151/sm:1/enc/ODYxNjVjMTcwNTRj/N2FiZeiRYBqciIsa/Kj1ACIkl7HOjSNLh/fiy0-lxi8nLPBQsj/W1B2oc6lZC9zBgkE/sv930Jv2R0zCHT0Y/_MboEk57E8jn... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgproxy.fourthwall.com/MTBBAnkknnl6rsN9VP-sZYgZLSosx1Y5TXBxbTER980/w:151/sm:1/enc/ODYxNjVjMTcwNTRj/N2FiZeiRYBqciIsa/Kj1ACIkl7HOjSNLh/fiy0-lxi8nLPBQsj/W1B2oc6lZC9zBgkE/sv930Jv2R0zCHT0Y/_MboEk57E8jnbtZm/kFAb14EGTTXG4o8b/X7ZlOs84v15_x-Aq/R7clCKsAFel_r1O5/tU5b4Kc2zjenBFVJ/I9_BpkLyvcsTFMD5/Ruf9jIKKtPj-A4pN/T0VaRLJSja4YN9PW/-x7tcSnQ5lo.webp
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.183.102.34.bc.googleusercontent.com
Software
/
Resource Hash
ae9380f04f56f2fa460bb18c093ba7e8cf4c5a3f211b423b1fa9ce4d8b491590
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-security-policy
script-src 'none'
via
1.1 google
strict-transport-security
max-age=31536000
etag
"TlrxrOKEVhq3K20wkWxv1XWJmgMO5kOs0p80Gc9Yw2g/RIjRiNGMwNGU2NmVmMDcyYTBkMWZjYzAyNjBlMjM4YTA2Ig"
vary
Accept
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600,public
content-disposition
inline; filename="95ab5af9-0810-4598-98b6-44adb562b400_logo.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5192
x-request-id
dc01d547-091b-4ddf-b6ce-0ab9e7c09937
theme.js
themes.fourthwall.com/themes-library/assets/0ce952ba-2603-4e96-881d-62a9b95daf00/assets/ 		479 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themes.fourthwall.com/themes-library/assets/0ce952ba-2603-4e96-881d-62a9b95daf00/assets/theme.js?v=10d263ff23b1a5021041dcb4c5ef853f0d79884df630b789476de1fe05dda51c
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10d263ff23b1a5021041dcb4c5ef853f0d79884df630b789476de1fe05dda51c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1
x-guploader-uploadid
AHxI1nM8wqfYJliMPx2DwWEaD8W5ox7ITxibwi2g3MxXQSlVR_y2dYyuRALMIQaHjOLOSC5giACYxwg-5g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91953
last-modified
Mon, 15 Jul 2024 17:18:00 GMT
server
UploadServer
etag
"80852eef87db44c500c0e2518e3548d6"
vary
Accept-Encoding
x-goog-generation
1721063880506661
x-goog-hash
crc32c=cnipOA==, md5=gIUu74fbRMUAwOJRjjVI1g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-content-length-range, Origin, Content-Type, Content-MD5, Content-Disposition, Cache-Control, x-newrelic-id
cache-control
public, s-maxage=60
x-goog-stored-content-length
91953
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Aug 2024 04:10:41 GMT
mtg.js
bearyein.com/_c/ 		267 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bearyein.com/_c/mtg.js?id=GTM-PV2BBNN
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.223.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.223.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e360c390fa1712efd21dc232e4376c055f5abd24d4bddb45b5c8f89d89333145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bearyein.com/password
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 04:24:34 GMT
shop-events-listener.js
cdn.fourthwall.com/shop-event-listener/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fourthwall.com/shop-event-listener/shop-events-listener.js
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9686ef7a0cf727f8c5e93ef63d91cba17838ba20cf9fa303e76ff70de4e99cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 03:10:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3537
x-guploader-uploadid
AHxI1nOwVe5T_jQKFUKVeHMV9OoQ-UmT9KvqymwcuOnsxFjwwjxaINdoCha6GQ_eiRkcANQ9vv6ymhJwRA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1448
x-goog-meta-commit-sha
724459c5
last-modified
Mon, 04 Mar 2024 11:29:25 GMT
server
UploadServer
etag
"40b218d24aca4c3fd44eb8ab2b7e06b4"
x-goog-generation
1709551765256796
x-goog-hash
crc32c=ACMZhg==, md5=QLIY0krKTD/UTrirK34GtA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, x-goog-content-length-range, Origin, Content-Type, Content-MD5, access-control-allow-origin, Content-Disposition, Cache-Control
cache-control
public,max-age=3600,no-transform
x-goog-stored-content-length
1448
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Aug 2024 04:10:45 GMT
cabin_n7.woff2
themes.fourthwall.com/themes/fonts/woff2/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.fourthwall.com/themes/fonts/woff2/cabin_n7.woff2
Requested by
Host: themes.fourthwall.com
URL: https://themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/css-variables.scss.css?v=369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2e1fbd7e48f9a62315f363850007c59862721ec0fe7885b5a70f5614142d254e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/css-variables.scss.css?v=369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
Origin
https://bearyein.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 00:17:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
100353
x-guploader-uploadid
AHxI1nOKkp85IpJpVSw0suZ2ntb6ur1ao7BpHHKKPPmvGThsKKl2JYpQo-B7iDRSgsPbXY3BL8LbhQW9jA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22516
last-modified
Mon, 15 Jun 2020 17:26:03 GMT
server
UploadServer
etag
"7b6954b0ebc824a34193936d7001a89a"
x-goog-generation
1592241963490956
x-goog-hash
crc32c=zGaTAA==, md5=e2lUsOvIJKNBk5NtcAGomg==
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Disposition, Content-Length, Content-MD5, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-content-length-range, x-newrelic-id
cache-control
max-age=86400, public
x-goog-stored-content-length
22516
accept-ranges
bytes
content-type
font/woff2
expires
Sun, 04 Aug 2024 00:17:09 GMT
cabin_n4.woff2
themes.fourthwall.com/themes/fonts/woff2/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.fourthwall.com/themes/fonts/woff2/cabin_n4.woff2
Requested by
Host: themes.fourthwall.com
URL: https://themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/css-variables.scss.css?v=369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.179.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.179.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d10915a9f649491d7ae0785d1563051632e9ec57b48ffd27f8e116b9df364aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://themes.fourthwall.com/themes/assets/95ab5af9-0810-4598-98b6-44adb562b400/assets/styles/css-variables.scss.css?v=369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
Origin
https://bearyein.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 17:53:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
36953
x-guploader-uploadid
AHxI1nM3-di4xH3QKdza86bCrd9I6uqn_xy5uEBEcEAEQ9i29QzUIPvfcpMXpT7_DzMXB8BKQ9Q-l7f4Hg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22876
last-modified
Mon, 15 Jun 2020 17:25:51 GMT
server
UploadServer
etag
"cb7a2d188dfbc0cdf7128f6ca0535164"
x-goog-generation
1592241951374950
x-goog-hash
crc32c=H4ltUA==, md5=y3otGI37wM33Eo9soFNRZA==
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Disposition, Content-Length, Content-MD5, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-content-length-range, x-newrelic-id
cache-control
max-age=86400, public
x-goog-stored-content-length
22876
accept-ranges
bytes
content-type
font/woff2
expires
Sun, 04 Aug 2024 17:53:49 GMT
cart.js
bearyein.com/ 		205 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bearyein.com/cart.js
Requested by
Host: freestyle
URL: webpack://freestyle/./node_modules/axios/lib/adapters/xhr.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.223.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.223.117.34.bc.googleusercontent.com
Software
/
Resource Hash
8dbaa2dd0feee58b8f73ed487194008213ee40d27e40e1c4bb0a42bd7fc1cb42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://bearyein.com/password
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
x-permitted-cross-domain-policies
none
content-security-policy-report-only
report-uri https://o276638.ingest.sentry.io/api/3755835/security/?sentry_key=3ca837c4b889463d8ab50e4ebb014331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-request-id
5559f4be-7d4e-4c2d-83ca-32da03a9f39c
pragma
no-cache
x-runtime
0.004766
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
no-store
link
<https://imgproxy.fourthwall.com>; rel=preconnect; crossorigin, Link: <https://themes.fourthwall.com>; rel="preconnect"; crossorigin
expires
Mon, 01 Jan 1990 00:00:00 GMT
3F44D1A4295C4973ACEAF75CD2138629.js
scripts.claspo.io/scripts/ 		385 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.claspo.io/scripts/3F44D1A4295C4973ACEAF75CD2138629.js
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.97.43 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn.claspo.io
Software
nginx /
Resource Hash
37f7d21294c8e4503da2d2358ccc58864a8da79250b23966b82a0875131686eb

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2024 09:07:33 GMT
server
nginx
x-amz-server-side-encryption
AES256
x-proxy-host
cdn1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=30, public, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
x-proxy-cache
MISS
cookieconsent.js
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/cookieconsent.js
Requested by
Host: bearyein.com
URL: https://bearyein.com/_c/mtg.js?id=GTM-PV2BBNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85e254496474a23adf0e3000a780a2231b010e96351d83bbbd9358c50434965c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 04 Aug 2024 04:09:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
2689829
x-jsd-version
2.9.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6996
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
etag
W/"4718-zLUyFqVOqByb5JUVWSfgPbZAfVE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
bearyein.com/_c/gtag/ 		312 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bearyein.com/_c/gtag/js?id=G-DTMZKSKYTE&l=dataLayer&cx=c&sign=6d915da0b8c50c85c5178faa59ea6756d420b876e60ba6a002932f5632bdf234_20240804
Requested by
Host: bearyein.com
URL: https://bearyein.com/_c/mtg.js?id=GTM-PV2BBNN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.223.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.223.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2a8a0705a6ab8d15459b0137955f7537e3531d2e59d9343040c81e7d6abe6af6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bearyein.com/password
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 04:24:36 GMT
hu09awrg24
www.clarity.ms/tag/ 		650 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/hu09awrg24
Requested by
Host: bearyein.com
URL: https://bearyein.com/_c/mtg.js?id=GTM-PV2BBNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d01249db1ba8655999935f27fea5033eefaffa09252063504e862e5db7ee540

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date
Sun, 04 Aug 2024 04:09:42 GMT
x-azure-ref
20240804T040942Z-16b8f8f97cfd9jpfmzkx7z2zy00000000c8g000000008dmw
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
expires
-1
cookieconsent.css
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/cookieconsent.css
Requested by
Host: bearyein.com
URL: https://bearyein.com/_c/mtg.js?id=GTM-PV2BBNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 04 Aug 2024 04:09:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
2055207
x-jsd-version
2.9.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4880
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
etag
W/"4b71-tpMM2efa30o9bLmmNz/miPVXklM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
event
script.claspo.io/site-script/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/site-script/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bearyein.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Type,Accept,X-Requested-With,Access-Control-Allow-Headers,cl-customer-id,Access-Control-Allow-Origin,*
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
*
date
Sun, 04 Aug 2024 04:09:42 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
event
script.claspo.io/forms/v1/page/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/forms/v1/page/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cl-customer-id
Access-Control-Request-Method
POST
Origin
https://bearyein.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 04 Aug 2024 04:09:42 GMT
server
nginx
eyJmb3JtSWQiOjI4ODAwLCJ2YXJpYW50SWQiOjI4ODAwLCJsYW5nIjoiZW4iLCJicm93c2VyTGFuZ3VhZ2UiOiJlbiIsImFjY291bnRJZCI6MTc5OTcsInJldmlzaW9uIjoiNDk0YTVkMjAtYjhkNy00NzQyLWIzZTMtZjNhZWQyYjMxMzBkIiwiY2hlY2tUaGlzV...
script.claspo.io/forms/v3/page/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/forms/v3/page/eyJmb3JtSWQiOjI4ODAwLCJ2YXJpYW50SWQiOjI4ODAwLCJsYW5nIjoiZW4iLCJicm93c2VyTGFuZ3VhZ2UiOiJlbiIsImFjY291bnRJZCI6MTc5OTcsInJldmlzaW9uIjoiNDk0YTVkMjAtYjhkNy00NzQyLWIzZTMtZjNhZWQyYjMxMzBkIiwiY2hlY2tUaGlzV2lkZ2V0T25seSI6ZmFsc2UsInRyaWdnZXJlZEJ5IjoiUnVsZXMifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cl-customer-id
Access-Control-Request-Method
GET
Origin
https://bearyein.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
max-age=7200
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 04 Aug 2024 04:09:42 GMT
expires
Sun, 04 Aug 2024 06:09:42 GMT
server
nginx
event
script.claspo.io/site-script/v1/ 		34 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/site-script/v1/event
Requested by
Host: cdn.fourthwall.com
URL: https://cdn.fourthwall.com/shop-event-listener/shop-events-listener.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 04:09:42 GMT
content-length
34
content-type
application/json
event
script.claspo.io/forms/v1/page/ 		0
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/forms/v1/page/event
Requested by
Host: scripts.claspo.io
URL: https://scripts.claspo.io/scripts/3F44D1A4295C4973ACEAF75CD2138629.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
cl-customer-id
949ABE86-7B76-555F-9031-F6AE64B5E5C0
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 04:09:42 GMT
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
eyJmb3JtSWQiOjI4ODAwLCJ2YXJpYW50SWQiOjI4ODAwLCJsYW5nIjoiZW4iLCJicm93c2VyTGFuZ3VhZ2UiOiJlbiIsImFjY291bnRJZCI6MTc5OTcsInJldmlzaW9uIjoiNDk0YTVkMjAtYjhkNy00NzQyLWIzZTMtZjNhZWQyYjMxMzBkIiwiY2hlY2tUaGlzV...
script.claspo.io/forms/v3/page/ 		24 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/forms/v3/page/eyJmb3JtSWQiOjI4ODAwLCJ2YXJpYW50SWQiOjI4ODAwLCJsYW5nIjoiZW4iLCJicm93c2VyTGFuZ3VhZ2UiOiJlbiIsImFjY291bnRJZCI6MTc5OTcsInJldmlzaW9uIjoiNDk0YTVkMjAtYjhkNy00NzQyLWIzZTMtZjNhZWQyYjMxMzBkIiwiY2hlY2tUaGlzV2lkZ2V0T25seSI6ZmFsc2UsInRyaWdnZXJlZEJ5IjoiUnVsZXMifQ==
Requested by
Host: scripts.claspo.io
URL: https://scripts.claspo.io/scripts/3F44D1A4295C4973ACEAF75CD2138629.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d207fd41424fb9f2eb0c05bac60dad77ca2f0627c9118da70f80bc366816202d

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
cl-customer-id
949ABE86-7B76-555F-9031-F6AE64B5E5C0
Content-Type
text/plain

Response headers

x-proxy-cache
EXPIRED
date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=7200
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
expires
Sun, 04 Aug 2024 06:09:42 GMT
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hu09awrg24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 19:54:07 GMT
etag
W/"0x8DCB263B4239D88"
vary
Accept-Encoding
x-azure-ref
20240804T040942Z-16b8f8f97cfd9jpfmzkx7z2zy00000000c8g000000008dn4
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1128b0f4-701e-0001-5760-e47107000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
f8d58475-a0fe-4169-b6c2-08ce334fa082.svg
cdn.claspo.io/img/77/forms/1043/ 		155 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.claspo.io/img/77/forms/1043/f8d58475-a0fe-4169-b6c2-08ce334fa082.svg
Requested by
Host: scripts.claspo.io
URL: https://scripts.claspo.io/scripts/3F44D1A4295C4973ACEAF75CD2138629.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.97.43 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn.claspo.io
Software
nginx /
Resource Hash
6c0130f75174217b9941bc74d1e80f6ae79b7c5aa9c3b242362501508e09b0fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sun, 04 Aug 2024 04:09:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Thu, 14 Jul 2022 20:38:31 GMT
server
nginx
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length
155
alt-svc
h3=":443"; ma=86400
expires
Mon, 05 Aug 2024 04:09:42 GMT
7a4d2f52-b5a8-4eb5-b2b7-1423e8121002.png
cdn.claspo.io/img/17669/forms/28800/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.claspo.io/img/17669/forms/28800/7a4d2f52-b5a8-4eb5-b2b7-1423e8121002.png
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.97.43 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn.claspo.io
Software
nginx /
Resource Hash
e845d6e658103b21fdc702965f8905d87f655f3c5e85c676f8ae5c003f6a6fbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sun, 04 Aug 2024 04:09:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Thu, 01 Aug 2024 06:28:43 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length
2768649
alt-svc
h3=":443"; ma=86400
expires
Mon, 05 Aug 2024 04:09:42 GMT
css2
fonts.googleapis.com/ 		78 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Open+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Noto+Sans+Arabic:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900
Requested by
Host: scripts.claspo.io
URL: https://scripts.claspo.io/scripts/3F44D1A4295C4973ACEAF75CD2138629.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
652d41a6866f8f7becc7de472c181840c10644c1c6a4bd6b352dfafad60816eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 04:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Aug 2024 04:09:42 GMT
f8d58475-a0fe-4169-b6c2-08ce334fa082.svg
cdn.claspo.io/img/77/forms/1043/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.claspo.io/img/77/forms/1043/f8d58475-a0fe-4169-b6c2-08ce334fa082.svg
Requested by
Host: bearyein.com
URL: https://bearyein.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.97.43 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn.claspo.io
Software
nginx /
Resource Hash
6c0130f75174217b9941bc74d1e80f6ae79b7c5aa9c3b242362501508e09b0fa

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sun, 04 Aug 2024 04:09:42 GMT
last-modified
Thu, 14 Jul 2022 20:38:31 GMT
server
nginx
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length
155
alt-svc
h3=":443"; ma=86400
expires
Mon, 05 Aug 2024 04:09:42 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 2130 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-61.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bearyein.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2475
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 03:28:31 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Mon, 29 Jul 2024 20:02:37 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
x-amz-cf-id
1fvEarSa7rrsbHDafPD4fWFbbpEPvAuSNuTQTECX35nmUm5dKfBL3A==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
event
script.claspo.io/forms/v1/ 		0
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/forms/v1/event
Requested by
Host: scripts.claspo.io
URL: https://scripts.claspo.io/scripts/3F44D1A4295C4973ACEAF75CD2138629.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
cl-customer-id
949ABE86-7B76-555F-9031-F6AE64B5E5C0
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 04:09:42 GMT
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
event
script.claspo.io/forms/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://script.claspo.io/forms/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cl-customer-id
Access-Control-Request-Method
POST
Origin
https://bearyein.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 04 Aug 2024 04:09:42 GMT
server
nginx
nwpCtLGrOAZMl5nJ_wfgRg3DrWFZWsnVBJ_sS6tlqHHFlj4wv4o.woff2
fonts.gstatic.com/s/notosansarabic/v18/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansarabic/v18/nwpCtLGrOAZMl5nJ_wfgRg3DrWFZWsnVBJ_sS6tlqHHFlj4wv4o.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Open+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Noto+Sans+Arabic:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e6e9a42ac38977b815f096c1a24bac7e7be292fc9691107263b9241aaee531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bearyein.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:56:52 GMT
x-content-type-options
nosniff
age
403970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90532
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 11:56:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Open+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Noto+Sans+Arabic:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bearyein.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options
nosniff
age
393183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 14:56:39 GMT
collect
o.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: cdn.fourthwall.com
URL: https://cdn.fourthwall.com/shop-event-listener/shop-events-listener.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bearyein.com
Date
Sun, 04 Aug 2024 04:09:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
bearyein.com/_c/g/ 		872 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bearyein.com/_c/g/collect?v=2&tid=G-DTMZKSKYTE&gtm=45he47v0v9115863754z89115035226za200zb9115035226&_p=1722744582082&gcs=G111&gcd=13r3rPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1785703041.1722744583&ecid=2007693506&ul=de-de&sr=1600x1200&_fplc=0&ur=DE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=629035377.1722744583&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13r3rPl2l5&sst.tft=1722744582082&sst.ude=0&_s=1&sid=1722744582&sct=1&seg=0&dl=https%3A%2F%2Fbearyein.com%2Fpassword&dt=Coming%20soon%20%7C%20BearyEin&en=page_view&_fv=1&_nsi=1&_ss=1&up.application=browser&tfd=1350&richsstsse
Requested by
Host: cdn.fourthwall.com
URL: https://cdn.fourthwall.com/shop-event-listener/shop-events-listener.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.223.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.223.117.34.bc.googleusercontent.com
Software
/
Resource Hash
23f05b3d76ec6c87add6b8e9da3b0c4a4f538ccdcc8ada8c94b12ff57900914e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://bearyein.com/password
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:42 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3CA6112CF8214494ABBEEA53F0DE4A8A&RedC=c.clarity.ms&MXFR=01DD2447A5C16C4D1F713096A1C16264
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3CA6112CF8214494ABBEEA53F0DE4A8A&MUID=1D9F2CE135CF6FFA389E3830341D6EEF
42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3CA6112CF8214494ABBEEA53F0DE4A8A&MUID=1D9F2CE135CF6FFA389E3830341D6EEF
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:09:42 GMT
last-modified
Thu, 01 Aug 2024 17:45:27 GMT
server
Microsoft-IIS/10.0
etag
"43fd8f983ae4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:09:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1BA895C74B8C4C8589530A70C34233B3 Ref B: FRAEDGE2017 Ref C: 2024-08-04T04:09:43Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3CA6112CF8214494ABBEEA53F0DE4A8A&MUID=1D9F2CE135CF6FFA389E3830341D6EEF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
BJzIvJ2YGr4.webp
imgproxy.fourthwall.com/g1RQg3OFmDig_T6Mi_iryEPx2GoCMhyegaSPjUmWzxM/s:48:48/sm:1/enc/NDQ1NjhlYjczZDJh/Njg5No-lO8yxpsY6/kZmT0PAkNtck2mMR/Oytx-bb9oPX_PCrn/7s0-FV7AT0udxOMJ/ZjepcmgghfnfhG-v/NBNP7UxFDZ... 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imgproxy.fourthwall.com/g1RQg3OFmDig_T6Mi_iryEPx2GoCMhyegaSPjUmWzxM/s:48:48/sm:1/enc/NDQ1NjhlYjczZDJh/Njg5No-lO8yxpsY6/kZmT0PAkNtck2mMR/Oytx-bb9oPX_PCrn/7s0-FV7AT0udxOMJ/ZjepcmgghfnfhG-v/NBNP7UxFDZIhub0r/jIYheX93CQi2cltp/f4BH9pzcLcjDBDxS/yg-tWoyZsQ8qEJD2/juGVtysD3E6Qa5P2/FZpAAyZmGP70qMVu/IsMhM0ur6_UTmDzE/rlWnL28uMi0wPx7v/BJzIvJ2YGr4.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.183.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7a847d0ce8155f71e8af64109b0c4267b1f6a413c6b345b3d942319d11487a26
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:43 GMT
content-security-policy
script-src 'none'
via
1.1 google
strict-transport-security
max-age=31536000
etag
"KmFCEeLoIxv1zGn57K7GWmqmknT4HWjbp2XyGTnoSUY/RIjQzYTUyZTVjZDAyNjU2ZTk5YjU4YjU0MTIxNDkwZTYwIg"
vary
Accept
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600,public
content-disposition
inline; filename="95ab5af9-0810-4598-98b6-44adb562b400_favicon.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1504
x-request-id
b9c1f29f-4d94-4288-bbd9-a809bad918c8
collect
region1.analytics.google.com/g/s/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&gtm=45h91e47v1v9115863754z89115035226z99164800067za200zb9115035226&_gsid=DTMZKSKYTEg8FcmSFU8fakQ9AY_0EF-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&tid=G-DTMZKSKYTE&cid=KBF3cB731xnHpYInABXVWQHe9iGA5nd25WPRJ2TVxgw%3D.1722744583&gtm=45h91e47v1v9115863754z89115035226z99164800067za200zb9115035226&aip=1&z=798783865
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=syphamo&tid=G-DTMZKSKYTE&cid=KBF3cB731xnHpYInABXVWQHe9iGA5nd25WPRJ2TVxgw%3D.1722744583&gtm=45h91e47v1v9115863754z89115035226z99164800067za200zb9115035226&aip=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
bearyein.com/_c/g/ 		355 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bearyein.com/_c/g/collect?v=2&tid=G-DTMZKSKYTE&gtm=45he47v0v9115863754za200zb9115035226&_p=1722744582082&gcs=G111&gcd=13r3rPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1785703041.1722744583&ecid=2007693506&ul=de-de&sr=1600x1200&_fplc=0&ur=DE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sst.rnd=629035377.1722744583&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13r3rPl2l5&sst.tft=1722744582082&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1722744582&sct=1&seg=0&dl=https%3A%2F%2Fbearyein.com%2Fpassword&dt=Coming%20soon%20%7C%20BearyEin&en=scroll&epn.percent_scrolled=90&_et=6&tfd=1857&richsstsse
Requested by
Host: cdn.fourthwall.com
URL: https://cdn.fourthwall.com/shop-event-listener/shop-events-listener.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.223.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.223.117.34.bc.googleusercontent.com
Software
/
Resource Hash
cc359e3b9011871c02a3962dbb9dadf7b16c36ebfb6f7bcf32b864848c3b1a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://bearyein.com/password
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 04:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering
no
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&tid=G-DTMZKSKYTE&cid=KBF3cB731xnHpYInABXVWQHe9iGA5nd25WPRJ2TVxgw%3D.1722744583&gtm=45h91e47v1v9115863754z99164800067za200zb9115035226&aip=1&z=744557890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
o.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: cdn.fourthwall.com
URL: https://cdn.fourthwall.com/shop-event-listener/shop-events-listener.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://bearyein.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bearyein.com
Date
Sun, 04 Aug 2024 04:09:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| shopName string| shopId string| cookie_policy object| dataLayer object| eventsListenerScript object| fourthwallTheme function| claspo function| require object| google_tag_manager object| google_tag_data function| gtag function| clarity function| initCookieConsent object| _clConfig function| scriptLog09u8y9 number| globalHistoryLength object| webpackChunkStripeJSouter function| noop function| Stripe function| p function| h function| v function| onYouTubeIframeAPIReady object| gaGlobal

17 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: bdd0e2edc57345069072e5a5304ac1ba.20240804.20250804
.bearyein.com/ Name: _ga
Value: GA1.1.1785703041.1722744583
.bearyein.com/ Name: _ga_DTMZKSKYTE
Value: GS1.1.1722744582.1.0.1722744582.0.0.2007693506
.bearyein.com/ Name: FPID
Value: FPID2.2.KBF3cB731xnHpYInABXVWQHe9iGA5nd25WPRJ2TVxgw%3D.1722744583
.bearyein.com/ Name: FPAU
Value: 1.2.1358272978.1722744583
.bearyein.com/ Name: FPGSID
Value: 1.1722744582.1722744582.G-DTMZKSKYTE.g8FcmSFU8fakQ9AY_0EF-Q
.bing.com/ Name: MUID
Value: 1D9F2CE135CF6FFA389E3830341D6EEF
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1D9F2CE135CF6FFA389E3830341D6EEF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1D9F2CE135CF6FFA389E3830341D6EEF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
m.stripe.com/ Name: m
Value: bbda09f8-28b5-4ae4-a0cd-f2aacdc1148e82f585
.bearyein.com/ Name: __stripe_mid
Value: 69de327f-fb2f-415f-a0a7-00e80f086ae548cda6
.bearyein.com/ Name: __stripe_sid
Value: 359fd371-f4b2-4470-a164-8c3643cc5d8b8821e6
.bearyein.com/ Name: FPLC
Value: TRtezd7eK%2FZ%2F%2Bj%2BQWyV8ejTNc8Hii%2Bne%2ByqduwOjvm0Mr%2B2RHpveS8dthFBB2pSVvoftFRQLTxu8pdg9RpWz1ek50G%2BAeXqih9vO%2Fs4byLvJq7NChLb0AHycdckotg%3D%3D

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://bearyein.com/password
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bearyein.com
c.bing.com
c.clarity.ms
cdn.claspo.io
cdn.fourthwall.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
imgproxy.fourthwall.com
js.stripe.com
o.clarity.ms
region1.analytics.google.com
script.claspo.io
scripts.claspo.io
sparklecat.eu
stats.g.doubleclick.net
themes.fourthwall.com
www.clarity.ms
www.google.de
13.74.129.1
2001:4860:4802:34::36
2620:1ec:bdf::44
2620:1ec:c11::237
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
2a02:2350:5:102:a7:c33d:c80d:cd1f
2a04:4e42:200::485
2a05:d018:1cfb:1f20:6293:ebb5:d9b1:3ad7
34.102.183.68
34.107.179.111
34.117.223.165
5.9.97.43
52.152.143.207
52.222.214.61
0d01249db1ba8655999935f27fea5033eefaffa09252063504e862e5db7ee540
10d263ff23b1a5021041dcb4c5ef853f0d79884df630b789476de1fe05dda51c
23f05b3d76ec6c87add6b8e9da3b0c4a4f538ccdcc8ada8c94b12ff57900914e
2a8a0705a6ab8d15459b0137955f7537e3531d2e59d9343040c81e7d6abe6af6
2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1
2e1fbd7e48f9a62315f363850007c59862721ec0fe7885b5a70f5614142d254e
369ed5b8536dcfe06f5a09d4ab253f4b63ec0112e02e7bd4acf5a84ea13417b8
37f7d21294c8e4503da2d2358ccc58864a8da79250b23966b82a0875131686eb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
56868d59f5c1f259bb6b6fabf8fb5676ee474ded4c4d823d3d89d389e967d6ca
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
652d41a6866f8f7becc7de472c181840c10644c1c6a4bd6b352dfafad60816eb
6c0130f75174217b9941bc74d1e80f6ae79b7c5aa9c3b242362501508e09b0fa
6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241
7a847d0ce8155f71e8af64109b0c4267b1f6a413c6b345b3d942319d11487a26
85e254496474a23adf0e3000a780a2231b010e96351d83bbbd9358c50434965c
8dbaa2dd0feee58b8f73ed487194008213ee40d27e40e1c4bb0a42bd7fc1cb42
9686ef7a0cf727f8c5e93ef63d91cba17838ba20cf9fa303e76ff70de4e99cc8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ae9380f04f56f2fa460bb18c093ba7e8cf4c5a3f211b423b1fa9ce4d8b491590
b7fdac61a90ad1e625b76fc6f1342182af70842cac88754be5a33627c4de548e
c8660d42d7570e898c71ad7891e1cbf9d7a84b5dec7878870adfa36304aa082e
cc359e3b9011871c02a3962dbb9dadf7b16c36ebfb6f7bcf32b864848c3b1a64
d10915a9f649491d7ae0785d1563051632e9ec57b48ffd27f8e116b9df364aae
d207fd41424fb9f2eb0c05bac60dad77ca2f0627c9118da70f80bc366816202d
e360c390fa1712efd21dc232e4376c055f5abd24d4bddb45b5c8f89d89333145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e845d6e658103b21fdc702965f8905d87f655f3c5e85c676f8ae5c003f6a6fbb
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e6e9a42ac38977b815f096c1a24bac7e7be292fc9691107263b9241aaee531
f9586b170d9c24f2d4c3557ddde37cfc32d8ec09e8e5d6cc8a8604af1cd1d7fb
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f