www.thehelmsteam.com Open in urlscan Pro
34.214.40.214 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thehelmsteam.com/
Effective URL:
https://www.thehelmsteam.com/
Submission: On May 29 via automatic, source certstream-suspicious (May 29th 2020, 6:21:38 am UTC)

Summary HTTP 94 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 94 HTTP transactions. The main IP is 34.214.40.214, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.thehelmsteam.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 28th 2020. Valid for: 3 months.

This is the only time www.thehelmsteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.201.172.103 54.201.172.103	16509 (AMAZON-02) (AMAZON-02)
37	34.214.40.214 34.214.40.214	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.95.92 13.224.95.92	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:219... 2600:9000:2190:2000:1d:4d22:8b40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	216.58.207.70 216.58.207.70	15169 (GOOGLE) (GOOGLE)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.202.78.21 34.202.78.21	14618 (AMAZON-AES) (AMAZON-AES)
1	52.30.130.103 52.30.130.103	16509 (AMAZON-02) (AMAZON-02)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1 3	2.16.31.65 2.16.31.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.95.97 13.224.95.97	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
4	35.164.86.206 35.164.86.206	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	52.17.112.187 52.17.112.187	16509 (AMAZON-02) (AMAZON-02)
7	34.66.112.113 34.66.112.113	15169 (GOOGLE) (GOOGLE)
11	52.216.88.69 52.216.88.69	16509 (AMAZON-02) (AMAZON-02)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
94	27

1 54.201.172.103 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-172-103.us-west-2.compute.amazonaws.com

thehelmsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 34.214.40.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-40-214.us-west-2.compute.amazonaws.com

www.thehelmsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-92.zrh50.r.cloudfront.net

papiphotos.remax-im.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2190:2000:1d:4d22:8b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.remax-prod.booj.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.70 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f6.1e100.net

9793289.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

8484482.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.78.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-78-21.compute-1.amazonaws.com

pixel.adwerx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.130.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-130-103.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.31.65 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-97.zrh50.r.cloudfront.net

aws-api-gateway-prod.remax.booj.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.164.86.206 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-86-206.us-west-2.compute.amazonaws.com

public-api-gateway-prod.kube.remax.booj.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
remax-auth-prod.kube.remax.booj.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.112.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-112-187.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.66.112.113 (United States)

ASN15169 (GOOGLE, US)
PTR: 113.112.66.34.bc.googleusercontent.com

remax-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.88.69 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	thehelmsteam.com 1 redirects thehelmsteam.com www.thehelmsteam.com	8 MB
11	amazonaws.com s3.amazonaws.com	242 KB
8	quantummetric.com cdn.quantummetric.com remax-app.quantummetric.com	58 KB
8	booj.io media.remax-prod.booj.io aws-api-gateway-prod.remax.booj.io public-api-gateway-prod.kube.remax.booj.io remax-auth-prod.kube.remax.booj.io	6 MB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	88 KB
5	doubleclick.net 2 redirects 9793289.fls.doubleclick.net 8484482.fls.doubleclick.net googleads.g.doubleclick.net	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	176 KB
3	google.com www.google.com	748 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	bing.com bat.bing.com	8 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	sentry.io sentry.io	519 B
1	google.de www.google.de	107 B
1	xg4ken.com resources.xg4ken.com	5 KB
1	adwerx.com pixel.adwerx.com
1	googleadservices.com www.googleadservices.com	11 KB
1	remax-im.com papiphotos.remax-im.com	18 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	googleapis.com fonts.googleapis.com	809 B
94	19

	Domain	Requested by
37	www.thehelmsteam.com	www.thehelmsteam.com
11	s3.amazonaws.com
7	remax-app.quantummetric.com	www.thehelmsteam.com
4	fonts.gstatic.com	www.thehelmsteam.com
3	public-api-gateway-prod.kube.remax.booj.io	www.thehelmsteam.com
3	www.google.com	www.thehelmsteam.com www.gstatic.com
3	sb.scorecardresearch.com	1 redirects www.thehelmsteam.com
3	cdn.krxd.net	www.thehelmsteam.com cdn.krxd.net
3	media.remax-prod.booj.io	www.thehelmsteam.com
2	8484482.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	9793289.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	bat.bing.com	www.googletagmanager.com www.thehelmsteam.com
2	www.google-analytics.com	www.googletagmanager.com www.thehelmsteam.com
1	sentry.io	www.thehelmsteam.com
1	beacon.krxd.net	cdn.krxd.net
1	consumer.krxd.net	cdn.krxd.net
1	www.google.de	www.thehelmsteam.com
1	www.gstatic.com	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	remax-auth-prod.kube.remax.booj.io	www.thehelmsteam.com
1	aws-api-gateway-prod.remax.booj.io	www.thehelmsteam.com
1	resources.xg4ken.com	www.thehelmsteam.com
1	pixel.adwerx.com	www.googletagmanager.com
1	cdn.quantummetric.com	www.thehelmsteam.com
1	www.googleadservices.com	www.googletagmanager.com
1	papiphotos.remax-im.com	www.thehelmsteam.com
1	www.googletagmanager.com	www.thehelmsteam.com
1	fonts.googleapis.com	www.thehelmsteam.com
1	thehelmsteam.com	1 redirects
94	29

This site contains links to these domains. Also see Links.

Domain
www.google.com
thehelmsteam.com
booj.com
www.mozilla.org
www.microsoft.com

Subject Issuer	Validity	Valid
www.thehelmsteam.com Let's Encrypt Authority X3	`2020-05-28` - `2020-08-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
remax-im.com Amazon	`2019-12-14` - `2021-01-14`	a year	crt.sh
*.remax-dev.booj.io Amazon	`2019-07-23` - `2020-08-23`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
*.adwerx.com Amazon	`2020-03-23` - `2021-04-23`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2017-12-17` - `2020-12-17`	3 years	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.remax.booj.io Amazon	`2019-12-13` - `2021-01-13`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.booj.io Amazon	`2020-04-23` - `2021-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-03-27`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-28` - `2021-02-13`	2 years	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
sentry.io Let's Encrypt Authority X3	`2020-05-27` - `2020-08-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.thehelmsteam.com/
Frame ID: 35D0D89633FC708A7C6D3F68237F5130
Requests: 91 HTTP requests in this frame

Frame: https://9793289.fls.doubleclick.net/activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F
Frame ID: 79CF7A49512C45D973F91AC1A5D2DE8A
Requests: 1 HTTP requests in this frame

Frame: https://8484482.fls.doubleclick.net/activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F
Frame ID: D9D06294176D100337C1812234B68D71
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 8DE1553FF25548231A3F4DE28974C31D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRebYUAAAAABcj2BI1OCvUWdn80jCZaYz6awM6&co=aHR0cHM6Ly93d3cudGhlaGVsbXN0ZWFtLmNvbTo0NDM.&hl=en&v=HYx6hBAtwYatsD8qzq7tXNTk&size=invisible&cb=3wwlyjz5gz2c
Frame ID: 5008CA395E47E95BBB5111891A4E9519
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://thehelmsteam.com/ HTTP 301
https://www.thehelmsteam.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-v(?:ue)-/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

94
Requests

90 %
HTTPS

41 %
IPv6

19
Domains

29
Subdomains

27
IPs

4
Countries

14837 kB
Transfer

15599 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/dir/?api=1&destination=93%20King%20St%2C%20Saint%20Augustine%2C%20FL%2032084
Title: 93 King St Saint Augustine, FL 32084

Search URL Search Domain Scan URL

URL: http://thehelmsteam.com/
Title: Our Website

Search URL Search Domain Scan URL

URL: https://booj.com/
Title: booj

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thehelmsteam.com/ HTTP 301
https://www.thehelmsteam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://9793289.fls.doubleclick.net/activityi;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F HTTP 302
https://9793289.fls.doubleclick.net/activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F

Request Chain 40

https://8484482.fls.doubleclick.net/activityi;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F HTTP 302
https://8484482.fls.doubleclick.net/activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F

Request Chain 61

https://sb.scorecardresearch.com/b?c1=2&c2=28828588&ns__t=1590733267304&ns_c=UTF-8&cv=3.5&c8=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&c7=https%3A%2F%2Fwww.thehelmsteam.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=28828588&ns__t=1590733267304&ns_c=UTF-8&cv=3.5&c8=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&c7=https%3A%2F%2Fwww.thehelmsteam.com%2F&c9=

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.thehelmsteam.com/
Redirect Chain

https://thehelmsteam.com/
https://www.thehelmsteam.com/

938 KB
938 KB

899ms
375ms

Document
text/html

34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 9f64252defc1bc7bd1351854b92c7d28c3d98dd277884611c2f0b10ccbd6e553

Request headers

Host: www.thehelmsteam.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: openresty/1.15.8.2
Date: Fri, 29 May 2020 06:21:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 960443
Connection: keep-alive
ETag: "ea7bb-68YcNagxgjB3Zt8NLWHCucLqHbU"
Accept-Ranges: none
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SEA19-C2
X-Amz-Cf-Id: 9w4HT3r4Wr3nc3MM5Z7prDGRTMlRMXN8bKPEl8Oq97Dfe3UmVETZrA==
Age: 8

Redirect headers

Server: openresty/1.15.8.2
Date: Fri, 29 May 2020 06:21:03 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://www.thehelmsteam.com/

GET
H/1.1 200
OK 214826f820d02230d314.js Show response
www.thehelmsteam.com/_nuxt/ 6 KB
6 KB 558ms
206ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: ae8266dfbabd70cf7076f75463920fc99d06e0d0a62b8d946bcf0dc9e5b19a8a

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"166d-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 5741
X-Amz-Cf-Id: 8sgV_GfF0ARRrU72eUDkJh__5qvcafaFxe_Vx9KmpfzzLpmoK3Z-0g==

GET
H/1.1 200
OK b407cd355fb582fee57e.js Show response
www.thehelmsteam.com/_nuxt/ 182 KB
182 KB 705ms
353ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/b407cd355fb582fee57e.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: ff8aec09125437db07681218ff8135fdfd982f3926c529503a9dbf10f7b1ba43

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"2d7c1-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 186305
X-Amz-Cf-Id: MzlZxJaDNXuKAuGqV6rmF6x-pwaY_XPEsf9Xp2QKrPjQQ5g0NzNwSw==

GET
H/1.1 200
OK 58bf43df9d68c3cb98aa.js Show response
www.thehelmsteam.com/_nuxt/ 3 MB
3 MB 719ms
365ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 7ff97e76181fc8c003afdd6fd34e17826c4490f08b12cdbd5667c9435bb133e8

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 814362d7589b223cc8927cc821d97136.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 4
ETag: W/"3016e4-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 3151588
X-Amz-Cf-Id: vG2dGMGLkVNgzYlln9P-VB_-SceMVggJjx-cRkGhNHLG39q_nmB5Vw==

GET
H/1.1 200
OK 4a8f856aa9063d748318.js Show response
www.thehelmsteam.com/_nuxt/ 1 MB
1 MB 714ms
358ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/4a8f856aa9063d748318.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: a7fbf7baf85d04dc697755068dc9ab14d888c00ab605b1a81cc5efd4548fc07e

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"100fc5-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 1052613
X-Amz-Cf-Id: Ldh3WEU8UknhdopXIa8LupDXkWb9Nwd6MkxVPN2dZbLtPMRRe61TiA==

GET
H/1.1 200
OK 30759bed5392f0d65b86.js Show response
www.thehelmsteam.com/_nuxt/ 16 KB
16 KB 718ms
360ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/30759bed5392f0d65b86.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: aecf61cc02a9e608b74e109f8f13ec4880c3e7b70d2782358d7f2fe19cfe6b42

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"3f73-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 16243
X-Amz-Cf-Id: L_8wHuUVIVn_7NWUmkUpTydfA1-vyYXmLl6qEjyJOV-kVokII0FfQQ==

GET
H/1.1 200
OK a384973f7c60e6a16ee3.js Show response
www.thehelmsteam.com/_nuxt/ 40 KB
41 KB 919ms
362ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/a384973f7c60e6a16ee3.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: de1a2274f53b04ff200e972dae443392e73d60c21169fd46fcec1084113c3ab8

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"a173-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 41331
X-Amz-Cf-Id: oLM8GXdlfubGMPxqmsucnuhRXEOWMileqmzPHfC7ts4vWgwKdmTLlQ==

GET
H/1.1 200
OK 326da01352d9b4a1bee8.js Show response
www.thehelmsteam.com/_nuxt/ 5 KB
6 KB 922ms
203ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/326da01352d9b4a1bee8.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 6fbf871e6fbc726133dfac516bc7c7580a0a97aac08e4cc3d018e8f2f3bada75

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 3a6260aec53985f2e6eb8a637c47918d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"1534-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 5428
X-Amz-Cf-Id: 9FOFpSxSEtMWAEtb9fE4NsZk6iWhXT_1kmIkS9H4h69AERHl1e2Jgg==

GET
H/1.1 200
OK a8f9ea79b570016bad00.js Show response
www.thehelmsteam.com/_nuxt/ 5 KB
5 KB 1049ms
215ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/a8f9ea79b570016bad00.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 98e41299ffbb5569065172d7f4383298f74eb165000ab15792073d972b1b6f35

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"132d-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 4909
X-Amz-Cf-Id: gT0lFqzVjFOjeYesmcItFzbYLlui3FKkWA-u1RPHz3B3lcUkwZJUFQ==

GET
H/1.1 200
OK 7261ecca37145a031fa5.js Show response
www.thehelmsteam.com/_nuxt/ 31 KB
32 KB 1124ms
202ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/7261ecca37145a031fa5.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: fed02aa40ff85a2c798117154cd7250d1b854d5c0e4b52f74883d4cf75689e73

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 ec2a2c75c16156e4d43504606c118b91.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"7c28-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 31784
X-Amz-Cf-Id: l1lPmYLO53fyTsMqjuVqRqN1hPjzl8xN5U2V5LP88Y7kZilWJ8NreQ==

GET
H/1.1 200
OK 2d7037af69b25809584b.js Show response
www.thehelmsteam.com/_nuxt/ 23 KB
23 KB 1140ms
213ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/2d7037af69b25809584b.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: a319d7be908be5ac38aa27f9b9ecd1a787ed4b72de703ea930c44ae4c9c797c8

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"5a4a-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 23114
X-Amz-Cf-Id: zOsU-QmYqebGIuzi1ILfKH5ZfE74l4kZQpTiqXFYs6QnVZqqsXzZ8A==

GET
H/1.1 200
OK 8ced443445820c9456af.js Show response
www.thehelmsteam.com/_nuxt/ 19 KB
20 KB 1243ms
207ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/8ced443445820c9456af.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: c8760c0e7d2592a744bd30641f288d9092dc047d10083162d3ea509691bf0e53

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"4c38-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 19512
X-Amz-Cf-Id: N4s0o8MX7Fi02ai7lO7BVxnVFmNg76hgGGXchAFVvaGN1I4kw7lJ-A==

GET
H/1.1 200
OK 11b625e3140798bf99fe.js Show response
www.thehelmsteam.com/_nuxt/ 9 KB
10 KB 1264ms
214ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/11b625e3140798bf99fe.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: ce501b1615df9cb714c9837fc38c4e373ca6079ca6ffa0e745b6968d977364f6

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 be082a2326b7d49643607b097f1e7181.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"24f3-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 9459
X-Amz-Cf-Id: oiSjq6lTzj7kWZZ93Hac76VXPATWZzW8UwuBuUwH-r6PUPU8U0tIAw==

GET
H/1.1 200
OK 5ac0ddfec04a1dbbeec5.js Show response
www.thehelmsteam.com/_nuxt/ 7 KB
7 KB 1351ms
209ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/5ac0ddfec04a1dbbeec5.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 485bfb0cd6a2615d072e9d7649f84d2e500ee0f6cb93ef7ac6aff4085bdcc3fc

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 f9d716a351f14a0ac1fac2449734849b.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"1a59-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 6745
X-Amz-Cf-Id: LJIJf9RAoxW_dfELkRTNsIjY7VpaxcH69ZZTfuh0h6Gtiqn9MXf6PQ==

GET
H/1.1 200
OK 9ade1409c8e99c1ea107.js Show response
www.thehelmsteam.com/_nuxt/ 23 KB
23 KB 1449ms
201ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/9ade1409c8e99c1ea107.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: a4a7011cc05cb0477775e8cc2965417a52b15c71adaea881738e787caeead545

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 ec2a2c75c16156e4d43504606c118b91.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"5ab3-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 23219
X-Amz-Cf-Id: JZ5KuPfsyWOKJyqMZlO7ckgULiJ6nrav9bALKn8zy_e5Fu3F24kAcQ==

GET
H/1.1 200
OK 366de81d8627c45f1d15.js Show response
www.thehelmsteam.com/_nuxt/ 20 KB
21 KB 1480ms
215ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/366de81d8627c45f1d15.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: c10430e97277b338e17d355628165077094deeeb461cbe3f2011bd5961b6d32a

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3f.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 3
ETag: W/"5168-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 20840
X-Amz-Cf-Id: e4xzPDRZEqyNykY156qJp7fa2-MeWeNqaQxYIE4UCgM0g0AHVecl0A==

GET
H/1.1 200
OK 63c60a8dfc6b61ea992e.js Show response
www.thehelmsteam.com/_nuxt/ 19 KB
20 KB 1470ms
198ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/63c60a8dfc6b61ea992e.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: c9b0997572e02488cc13402476634f061f76a351fea6ae852bd491bfe4e645c7

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:05 GMT
Via: 1.1 deaaf0548506de20925615eb51a7ea7f.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 6
ETag: W/"4d6a-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 19818
X-Amz-Cf-Id: PW5g9wqmD7LfZslL-6QqdVuzp86gxowJFIdoFh2l8XXBgIF9xpiF3A==

GET
H/1.1 200
OK 41a6aaef671ae7a92382.js Show response
www.thehelmsteam.com/_nuxt/ 3 KB
4 KB 1559ms
207ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/41a6aaef671ae7a92382.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 1f2fe9d7d4b5638763c2324746b76d24783896687bc7a42a2c35730eaa4b982a

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 6
ETag: W/"c22-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 3106
X-Amz-Cf-Id: Rv0dIILYl386rR9KV-ADwWjsmnU0mXHwKann0IVRMMhivCH-BhJ-4A==

GET
H/1.1 200
OK 904cc1fc7ff7f9f6019e.js Show response
www.thehelmsteam.com/_nuxt/ 4 KB
4 KB 1647ms
197ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/904cc1fc7ff7f9f6019e.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 47c9c801088f04b20e42b452db853786e8289c8af69040629c0d24ce5f69d6e4

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 ec2a2c75c16156e4d43504606c118b91.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"f23-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 3875
X-Amz-Cf-Id: f_g2TNiXWzCaf2hEgE1U0mlNpjfGnOmmFk30R0KJKyXx33L_alIaXw==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
809 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa03b5dee58c316ca0be1918ac2a62cc89c73fc7833898072eee86bf646c03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 May 2020 06:21:04 GMT
server: ESF
date: Fri, 29 May 2020 06:21:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 May 2020 06:21:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
35 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48a27286943705587389e68c9b1abb9f67ac19bb314c361ad1a3c06bdb53a90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:05 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35806
x-xss-protection: 0
last-modified: Fri, 29 May 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 May 2020 06:21:05 GMT

GET
H/1.1 200
OK REMAX-logo-no-trademark.jpg
www.thehelmsteam.com/ 37 KB
38 KB 924ms
192ms Image
image/jpeg 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/REMAX-logo-no-trademark.jpg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 94070495f25eaa00d1a28abb1ffbce564e1da14bf4f8239cd9638e2029241c87

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 68eedbdfabd017beabf28d04341fec21.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:14:19 GMT
Server: openresty/1.15.8.2
Age: 6
ETag: W/"94a7-17258d821f8"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=0
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 38055
X-Amz-Cf-Id: zF2rXWGOtUrT-F2LLr03vSdkDmFO_VGR4-7Qa-3jKgTnOEoZ8ZhaBw==

GET
H2 200 MainPhoto_orig.jpg
papiphotos.remax-im.com/Team/102023362/MainPhoto/ 17 KB
18 KB 853ms
745ms Image
image/jpeg 13.224.95.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://papiphotos.remax-im.com/Team/102023362/MainPhoto/MainPhoto_orig.jpg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 164841b0054c829219e2649ab54a4fab532e1a468c04364b66e613817504e881

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:07 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
last-modified: Tue, 14 Apr 2020 17:13:36 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "4e4b46fe820d975c500caac1b5e13fc7"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 17645
x-amz-cf-id: DbJAEbOvlsV5kphC_8kurd1TrIzoFE8kH1ICksi_MA1GyCDDxvP3iA==

GET
H/1.1 200
OK 2928664.svg
www.thehelmsteam.com/_nuxt/img/ 11 KB
11 KB 207ms
207ms Image
image/svg+xml 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/_nuxt/img/2928664.svg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"2a34-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 10804
X-Amz-Cf-Id: M2VAilZszQv-sU6Gr2xhmv04PS6hObmlzkJz56qcQ41gk5Hp7hfYSw==

GET
H/1.1 200
OK 56b4468.svg
www.thehelmsteam.com/_nuxt/img/ 22 KB
23 KB 197ms
197ms Image
image/svg+xml 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/_nuxt/img/56b4468.svg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 b4085435efbe95a420f374958bd145bf.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 4
ETag: W/"590b-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 22795
X-Amz-Cf-Id: tnPyJwuTrWxvKLvswSkVbZSv6nrQSTEGZon4GIwh8K7Ac5nth-VNvQ==

GET
H2 200 modern-kitchen.png
media.remax-prod.booj.io/d4a545b7-21f7-3948-bb38-a801b570c13e/ 2 MB
2 MB 342ms
15ms Image
image/png 2600:9000:2190:2000:1d:4d22:8b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.remax-prod.booj.io/d4a545b7-21f7-3948-bb38-a801b570c13e/modern-kitchen.png
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:2000:1d:4d22:8b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0303aee1910dccc6d71ab5d8c1a6c2fe3fa946386ed0a739733dfcd24e88b7e

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 06:40:07 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
last-modified: Mon, 16 Dec 2019 19:17:59 GMT
server: AmazonS3
age: 85259
etag: "933bb303e25f73ab45ad4144c4a7b3bd"
x-cache: Hit from cloudfront
x-amz-version-id: 8JmWi.lBtqr4niESpDxRt6UyztibQ.zT
status: 200
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 2328618
x-amz-cf-id: Wt99afxd1sbis6wipawq9XoGKI2BZxOLdk15I4UNaTLEljJhu3uwaQ==

GET
H2 200 cozy-living-room.jpg
media.remax-prod.booj.io/15153832-6e64-3e17-8957-852abca875b6/ 1 MB
1 MB 397ms
70ms Image
image/jpeg 2600:9000:2190:2000:1d:4d22:8b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.remax-prod.booj.io/15153832-6e64-3e17-8957-852abca875b6/cozy-living-room.jpg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:2000:1d:4d22:8b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3272dff460ad2ac73e9188914462fe159565de2a762392086d9ae264507ce9b5

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 12:33:05 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
last-modified: Mon, 16 Dec 2019 19:08:38 GMT
server: AmazonS3
age: 64080
etag: "7fd073459cc7c6720e0d64c8fe4adfca"
x-cache: Hit from cloudfront
x-amz-version-id: XdU8YtSYGZdoUzKwc9bgK764bcu0xZFW
status: 200
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1463756
x-amz-cf-id: gBYek7AwtXtbWKgTF_PvKDqgjqlb-4tfONhK-vJAs4mxSib2Xxb9Hg==

GET
H2 200 Home-Exterior-with-Backyard-Pool-1.jpg
media.remax-prod.booj.io/3185f354-5439-3abc-907b-80f5c4ec0c12/ 2 MB
2 MB 397ms
71ms Image
image/jpeg 2600:9000:2190:2000:1d:4d22:8b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.remax-prod.booj.io/3185f354-5439-3abc-907b-80f5c4ec0c12/Home-Exterior-with-Backyard-Pool-1.jpg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:2000:1d:4d22:8b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed9c93339a79a3ab42d280f9545ed81be23f5fcfac40d801fb61d8a4e30fb5b5

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 07:40:05 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
last-modified: Mon, 16 Dec 2019 19:17:53 GMT
server: AmazonS3
age: 81661
etag: "96153e28f923101b18c7010e3e9c9492"
x-cache: Hit from cloudfront
x-amz-version-id: Bz5S0XeORKpfb7aVhCWIiiBEl9wZtrIg
status: 200
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2616277
x-amz-cf-id: za7XOHYG1yzLYHGnsXVRH39Fd6K0M8LyK0GiKxKCI3txmnj8rvn3Hw==

GET
H/1.1 200
OK c025e18.jpg
www.thehelmsteam.com/_nuxt/img/ 88 KB
89 KB 214ms
213ms Image
image/jpeg 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/_nuxt/img/c025e18.jpg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 3dc7c48e15ee9e7c747e89d549c228239e8c3cd5b2366474bf9d597b99780208

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3f.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 4
ETag: W/"16016-17258dc63d0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 90134
X-Amz-Cf-Id: xO-D43s1sa6sunCWXTOpacQcYFOCYf2Xkl9h5mI-8Oal_9djLrgEvA==

GET
H/1.1 200
OK 1c02dda.png
www.thehelmsteam.com/_nuxt/img/ 2 MB
2 MB 212ms
212ms Image
image/png 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/_nuxt/img/1c02dda.png
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 843bf9ff4d718d8106330e84165fff51f0a67c7ae8e3ba2d2ed373d4ab496e7f

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 adc2002956acc4d61bfbf3b973fdf247.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 4
ETag: W/"1d32dc-17258dc63d0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 1913564
X-Amz-Cf-Id: snUAnS45ipw0wpNI36FTjVaoMpL2CDhWv3Tfg1QKhPk_N0qomZBlZw==

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://www.thehelmsteam.com

Response headers

date: Mon, 18 May 2020 19:27:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 903212
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Tue, 18 May 2021 19:27:33 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://www.thehelmsteam.com

Response headers

date: Sun, 17 May 2020 05:19:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 1040514
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Mon, 17 May 2021 05:19:11 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://www.thehelmsteam.com

Response headers

date: Tue, 19 May 2020 09:44:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 851773
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 19 May 2021 09:44:52 GMT

GET
H/1.1 200
OK chrome.svg
www.thehelmsteam.com/browser-logos/ 6 KB
7 KB 212ms
211ms Image
image/svg+xml 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/browser-logos/chrome.svg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 20712bcf91501ad5ee00979905567714b3f0721b7fa6d8d6dbda431d881990b1

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:14:19 GMT
Server: openresty/1.15.8.2
Age: 4
ETag: W/"17fc-17258d821f8"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 6140
X-Amz-Cf-Id: ZJCM4sUUP1Rw1MZyJ9x9rRjfIrbJDf7WzYM2jFcT4AKYp-5y4-wm9Q==

GET
H/1.1 200
OK firefox.svg
www.thehelmsteam.com/browser-logos/ 17 KB
18 KB 201ms
200ms Image
image/svg+xml 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/browser-logos/firefox.svg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: ce97e4da69da0ff47e76bc4b1e0158ae454cf7f7695c718ff3b7340b771c515e

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 0bb842bd5868b86440983b936bb0adef.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:14:19 GMT
Server: openresty/1.15.8.2
Age: 5
ETag: W/"4455-17258d821f8"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 17493
X-Amz-Cf-Id: wn67jEs-NGOLQYUNPJ-cPeyvZaKkGW3e7UhMbACRcjM1QzlSs-Eagw==

GET
H/1.1 200
OK edge.svg
www.thehelmsteam.com/browser-logos/ 5 KB
5 KB 206ms
206ms Image
image/svg+xml 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehelmsteam.com/browser-logos/edge.svg
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: e96a78e6a00834a2c58288767b9be8123a0b60e04de4f5172cb5bf68f0e73c2f

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:06 GMT
Via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:14:19 GMT
Server: openresty/1.15.8.2
Age: 4
ETag: W/"121f-17258d821f8"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 4639
X-Amz-Cf-Id: 7ubOCEuo8Y5FXSIzIIVvl_QHBhjqn4ZpWyjw2ekeimhPz1Vx708YpA==

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6151
date: Fri, 29 May 2020 04:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 29 May 2020 06:38:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 25 KB
8 KB 31ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:06 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 20:59:59 GMT
x-msedge-ref: Ref A: F538AEF65A2B492B92DE9F4A387179F9 Ref B: FRAEDGE1221 Ref C: 2020-05-29T06:21:06Z
status: 200
etag: "80b179766929d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7767

GET
H2

200

activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F
9793289.fls.doubleclick.net/ Frame 79CF
Redirect Chain

https://9793289.fls.doubleclick.net/activityi;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?
https://9793289.fls.doubleclick.net/activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.theh...

0
0

32ms
32ms

Document
text/html

216.58.207.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9793289.fls.doubleclick.net/activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.70 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9793289.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thehelmsteam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 29 May 2020 06:21:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 385
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-May-2020 06:36:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 29 May 2020 06:21:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9793289.fls.doubleclick.net/activityi;dc_pre=CN2RxJq32OkCFcPFuwgdzQQOIg;src=9793289;type=aud;cat=mains0;ord=481660984391;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 49ms
49ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

65a1850028118c64febbde9b109da293910bfff6ee261caf0087d3d3364359ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10877
x-xss-protection: 0
server: cafe
etag: 12200185889747903800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 May 2020 06:21:07 GMT

GET
H2

200

activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F
8484482.fls.doubleclick.net/ Frame D9D0
Redirect Chain

https://8484482.fls.doubleclick.net/activityi;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?
https://8484482.fls.doubleclick.net/activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.the...

0
0

33ms
31ms

Document
text/html

172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8484482.fls.doubleclick.net/activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8484482.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thehelmsteam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 29 May 2020 06:21:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-May-2020 06:36:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 29 May 2020 06:21:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8484482.fls.doubleclick.net/activityi;dc_pre=CLqcxJq32OkCFWJU5QodECAAvA;src=8484482;type=aud;cat=integ0;ord=9803904262942;gtm=2wg5k1;auiddc=2022819594.1590733267;~oref=https%3A%2F%2Fwww.thehelmsteam.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 quantum-remax.js Show response
cdn.quantummetric.com/qscripts/ 199 KB
56 KB 44ms
19ms Script
text/javascript 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-remax.js

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344658a5895d3fe261539c76f3899f12aeac9ec7599007d635ab6d660c3cef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5515
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000
cf-ray: 59ae1d070a89c295-FRA
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0300b078610000c2958e8bf200000001

GET
H2 404 awp.js
pixel.adwerx.com/remax/ 0
0 391ms
136ms Script
text/plain 34.202.78.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adwerx.com/remax/awp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7P9LZF&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.78.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-78-21.compute-1.amazonaws.com
Software: nginx/1.17.3 + Phusion Passenger 6.0.4 / Phusion Passenger Enterprise 6.0.4
Resource Hash

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime: 0.015225
date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
server: nginx/1.17.3 + Phusion Passenger 6.0.4
x-powered-by: Phusion Passenger Enterprise 6.0.4
content-type: text/plain
status: 404, 404 Not Found
cache-control: no-cache
x-request-id: 81e23112-ed64-4cc6-b0ab-471d3e65a0a5

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 12 KB
5 KB 133ms
33ms Script
text/plain 52.30.130.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2BAB-3ED

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.130.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-130-103.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9197f9c192a78eb54f884fee2ccadfb40c79d875bc8befd1d394b342cd1e5f19

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 May 2020 07:04:37 GMT
Server: nginx
ETag: "5ec4d685-1110"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 4368
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 May 2020 06:21:07 GMT

GET
H2 200 snf8i2uso.js Show response
cdn.krxd.net/controltag/ 27 KB
8 KB 68ms
22ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snf8i2uso.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c792146415ce7382251e0ed0a956f2c83f76e6d6e71ca6b77957b3a306661deb

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
age: 494
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 7384
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5121-BWI, cache-hhn4064-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1590733267.074657,VS0,VE0
etag: "0b8bd54de6ba95f0de2f88032f6299b9304f690a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 1

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 73ms
24ms Script
application/x-javascript 2.16.31.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-31-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 30 May 2020 06:21:07 GMT

GET
H/1.1 200
OK 3c7c43cb7755735b2bb0.js Show response
www.thehelmsteam.com/_nuxt/ 20 KB
20 KB 235ms
234ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/3c7c43cb7755735b2bb0.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: cdc1cfc5d8533a51edccd8ed0d3f29d0bc52fb1f5b0f5b8aa8ffa0a08f48ad82

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 b838ef1ff22a4a994af82d5178c30e1d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"4e68-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 20072
X-Amz-Cf-Id: MApW8nhcHoAUKfvK6Dh3pT349sBhDw8rTxzmNsas4HoWeqgpFEGHow==

GET
H/1.1 200
OK f2cd1e827025d89cb6cf.js Show response
www.thehelmsteam.com/_nuxt/ 18 KB
19 KB 232ms
232ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/f2cd1e827025d89cb6cf.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 033b03f2dabb9231ddf165ce1be4c1870375b9176ca0e4a9b2e986974fa66cfa

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"482a-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 18474
X-Amz-Cf-Id: 3l-hYLAJZa31gY70XmgzfB-d58QWNRbtkBoMQ6DY4bHPd5yHVVS3lw==

GET
H/1.1 200
OK c39b3a90484318a38f98.js Show response
www.thehelmsteam.com/_nuxt/ 1 KB
2 KB 233ms
232ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/c39b3a90484318a38f98.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 91d8d904afc0312cccba41e50a75c753edbe37a246e192bc8188d94b05445b03

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 e36ab1b8726f47aa5adc8e19e66d1bbe.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"4c2-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 1218
X-Amz-Cf-Id: QvCfNkb0NCuxu0ruxbSlyXx2sP4acNCbjr6LOxD1_4wuoYiory6qrw==

GET
H/1.1 200
OK 1a576415030c9c315cbc.js Show response
www.thehelmsteam.com/_nuxt/ 20 KB
20 KB 211ms
210ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/1a576415030c9c315cbc.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: d9d6363bda94c68a47f52d7b4aca1cd5483db2d93ee8e6b4c51288b103ba1b89

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"4e9a-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 20122
X-Amz-Cf-Id: Obr-o3z-SuOiiWuCC3tCTYUwYRu1nhlRfJwscqr1excdhOdPAdA5VQ==

GET
H/1.1 200
OK 0600f81d1f04ac528f17.js Show response
www.thehelmsteam.com/_nuxt/ 6 KB
7 KB 200ms
200ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/0600f81d1f04ac528f17.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: facea9533f957a24e2ec5681c0d9ea6d43706de4c6ca01c222ab98a15b07f78e

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 536063cb28bfc05fcb7a78183dd89b73.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"19f2-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 6642
X-Amz-Cf-Id: WrNGdpncPwiEDUtIOABhL_y9hDha-29ce9uvr8rQmbrMq1od_YR2Hg==

GET
H/1.1 200
OK 515a1f3a49118d2e54f5.js Show response
www.thehelmsteam.com/_nuxt/ 27 KB
27 KB 205ms
201ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/515a1f3a49118d2e54f5.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: bc2782f53d8a6f4abc329a2febdb4b5075ce275fa3b7e6098b8b7f0d512bf2d0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 0cf6c59c77f0fff670ae085179adc459.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"6b1c-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C1
Accept-Ranges: bytes
Content-Length: 27420
X-Amz-Cf-Id: -QJmhrlbAde7ahvTIorutpKGIp8QmQnH1mgXVZcC0iPxZy9X3ocyWw==

GET
H/1.1 200
OK 6da0f4977ea54ded5f23.js Show response
www.thehelmsteam.com/_nuxt/ 60 KB
61 KB 218ms
215ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/6da0f4977ea54ded5f23.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 8e10cc3444421a2e5104b13f55d827ac3d341f8318e6ef2075e8103d18907ec2

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 f9d716a351f14a0ac1fac2449734849b.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"f027-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 61479
X-Amz-Cf-Id: M8zGBH8HqBBy9P7IWJERw2ns_dtB2KUINLeOcrZjdEr4gLPg_igWGg==

GET
H/1.1 200
OK aa185cc8bb0530d8f86c.js Show response
www.thehelmsteam.com/_nuxt/ 173 KB
174 KB 216ms
213ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/aa185cc8bb0530d8f86c.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 89c5268f360b9eab86681a76b17be677ea71521df973c329cab520bba9cc11b8

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 ee8246c5442dace7525c74f6a799bb47.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
Age: 1
ETag: W/"2b474-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: SEA19-C2
Accept-Ranges: bytes
Content-Length: 177268
X-Amz-Cf-Id: TA5GP5tBwsdXgS9mWZKCHgFgR7tjpZYuWO09GQD-ZduPSiFgJ5rNYg==

GET
H2 200 ip-to-geo Show response
aws-api-gateway-prod.remax.booj.io/api/ 118 B
564 B 1065ms
1065ms XHR
application/json 13.224.95.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws-api-gateway-prod.remax.booj.io/api/ip-to-geo
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.95.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-97.zrh50.r.cloudfront.net
Software: /
Resource Hash: ac9b59e428178c656faa32cdf33e22aa83b528bf4c285d983a27e7d9077aa0ff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-api-key: FX7XtIdhTy1cCh6Rh5nKC8LhK4G59z8EasBKb5L5

Response headers

date: Fri, 29 May 2020 06:21:08 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: 2cf89d0f-640b-4d79-be55-a46854237a48
status: 200
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed0a9d4-78cbc6f87f32a5c0a454c7a0;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: NR95KESavHcFetQ=
content-length: 118
x-amz-cf-id: MYFJaI6d5Ecbsm49uCLR9Kl_VD8GzO0QosU7sgcuv0JYY4MiydgsdA==
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
641 B 27ms
26ms Script
text/javascript 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcRebYUAAAAABcj2BI1OCvUWdn80jCZaYz6awM6

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/4a8f856aa9063d748318.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99a12e2a5096e6ad3ae0fe8b93e7035d81b84777e3381bd28ec3bbff7650be57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477
x-xss-protection: 1; mode=block
expires: Fri, 29 May 2020 06:21:07 GMT

POST
H/1.1 200
OK / Show response
public-api-gateway-prod.kube.remax.booj.io/listings/search/run/ 92 KB
15 KB 1555ms
1329ms XHR
application/json 35.164.86.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api-gateway-prod.kube.remax.booj.io/listings/search/run/

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.86.206 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-86-206.us-west-2.compute.amazonaws.com

Software

nginx/1.13.8 /

Resource Hash

a55e31b551450eb3fa7728dbf49e5033bc67cc5ff87ef4ba7078035b1fb6d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Accept: application/json
timeout: 10000
Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Max-Age: 600
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 29 May 2020 06:21:09 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Server: nginx/1.13.8
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thehelmsteam.com
X-XSS-Protection: 1 ; mode=block
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 204
No Content / Show response
remax-auth-prod.kube.remax.booj.io/api/accounts/session/ 0
474 B 674ms
173ms XHR
text/plain 35.164.86.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://remax-auth-prod.kube.remax.booj.io/api/accounts/session/
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.86.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-86-206.us-west-2.compute.amazonaws.com
Software: nginx/1.13.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
timeout: 10000
Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Max-Age: 600

Response headers

Date: Fri, 29 May 2020 06:21:08 GMT
Server: nginx/1.13.8
X-RateLimit-Remaining: 59
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.thehelmsteam.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 204 0
bat.bing.com/action/ 0
115 B 67ms
56ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5222367&Ver=2&mid=8c2287cc-ae9a-0cf6-64d4-dc374d6c971d&sid=6961faea-6139-e60f-9483-da0fd89b9da5&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&p=https%3A%2F%2Fwww.thehelmsteam.com%2F&r=&lt=3942&evt=pageLoad&msclkid=N&sv=1&rn=666309
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 29 May 2020 06:21:07 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6BFAF165642144188606297166DB7608 Ref B: FRAEDGE1221 Ref C: 2020-05-29T06:21:07Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774282812/ 2 KB
1 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774282812/?random=1590733267297&cv=9&fst=1590733267297&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.thehelmsteam.com%2F&tiba=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc37de3d99f2d989d6e4d25736cbd34bb03af0c6fff6040dc60b348689ad5ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1013
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 57ms
55ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/snf8i2uso.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
age: 6794633
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 1410729
content-length: 81295
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1590733267.314232,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=28828588&ns__t=1590733267304&ns_c=UTF-8&cv=3.5&c8=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&c7=https%3A%2F%2Fwww.thehelmsteam.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=28828588&ns__t=1590733267304&ns_c=UTF-8&cv=3.5&c8=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&c7=https%3A%2F%2Fwww.thehelmsteam.com%2F&c9=

0
248 B

53ms
51ms

Image
text/plain

2.16.31.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=28828588&ns__t=1590733267304&ns_c=UTF-8&cv=3.5&c8=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&c7=https%3A%2F%2Fwww.thehelmsteam.com%2F&c9=
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-31-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 May 2020 06:21:07 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=28828588&ns__t=1590733267304&ns_c=UTF-8&cv=3.5&c8=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&c7=https%3A%2F%2Fwww.thehelmsteam.com%2F&c9=
Pragma: no-cache
Date: Fri, 29 May 2020 06:21:07 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=694510751&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thehelmsteam.com%2F&ul=en-us&de=UTF-8&dt=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1688938377&gjid=1915663231&cid=1669444267.1590733267&tid=UA-139930258-3&_gid=91491629.1590733267&_r=1&gtm=2wg5k1W7P9LZF&z=837247582

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 06:21:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/HYx6hBAtwYatsD8qzq7tXNTk/ 310 KB
122 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/HYx6hBAtwYatsD8qzq7tXNTk/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRebYUAAAAABcj2BI1OCvUWdn80jCZaYz6awM6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

249789ae684c69f462f71386c2a920ca5b404c6eeec90dcaeef95e0a5a9a76bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 18:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 May 2020 19:11:25 GMT
server: sffe
age: 216662
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124666
x-xss-protection: 0
expires: Wed, 26 May 2021 18:10:05 GMT

GET
H/1.1 200
OK 460ef2454940bf9e3e0a.js Show response
www.thehelmsteam.com/_nuxt/ 4 KB
5 KB 209ms
207ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/460ef2454940bf9e3e0a.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: af5c0c4b5510067cf60653abd975e60e794acf3cadc564f936e4757762abd81f

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 e5147bed59b539c23be4f2e01cf6f6f5.cloudfront.net (CloudFront)
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
X-Amz-Cf-Pop: SEA19-C1
ETag: W/"10a1-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4257
X-Amz-Cf-Id: qVp1WhERB5hVc72DP5j9mPBvERRrbscxUnqM1Q483--MjHuWmOElYA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/774282812/ 42 B
107 B 22ms
21ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774282812/?random=1590733267297&cv=9&fst=1590732000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fwww.thehelmsteam.com%2F&tiba=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&async=1&fmt=3&is_vtc=1&random=1673506293&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 06:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/774282812/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/774282812/?random=1590733267297&cv=9&fst=1590732000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fwww.thehelmsteam.com%2F&tiba=The%20Helms%20Team%20%7C%20RE%2FMAX%20Leading%20Edge&async=1&fmt=3&is_vtc=1&random=1673506293&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 May 2020 06:21:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 8DE1 0
0 23ms
23ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thehelmsteam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.thehelmsteam.com/

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 May 2020 06:21:07 GMT
via: 1.1 varnish
age: 29228029
x-served-by: cache-hhn4064-HHN
x-cache: HIT
x-cache-hits: 452161
x-timer: S1590733268.526647,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 5008 0
0 25ms
24ms Document
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRebYUAAAAABcj2BI1OCvUWdn80jCZaYz6awM6&co=aHR0cHM6Ly93d3cudGhlaGVsbXN0ZWFtLmNvbTo0NDM.&hl=en&v=HYx6hBAtwYatsD8qzq7tXNTk&size=invisible&cb=3wwlyjz5gz2c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/HYx6hBAtwYatsD8qzq7tXNTk/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QsT0RS0MJFY8OjxYNeMUWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcRebYUAAAAABcj2BI1OCvUWdn80jCZaYz6awM6&co=aHR0cHM6Ly93d3cudGhlaGVsbXN0ZWFtLmNvbTo0NDM.&hl=en&v=HYx6hBAtwYatsD8qzq7tXNTk&size=invisible&cb=3wwlyjz5gz2c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thehelmsteam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.thehelmsteam.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 29 May 2020 06:21:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-QsT0RS0MJFY8OjxYNeMUWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9443
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK / Show response
public-api-gateway-prod.kube.remax.booj.io/personnel/agent/filters/ 199 B
834 B 348ms
269ms XHR
application/json 35.164.86.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api-gateway-prod.kube.remax.booj.io/personnel/agent/filters/

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.86.206 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-86-206.us-west-2.compute.amazonaws.com

Software

nginx/1.13.8 /

Resource Hash

fa710f07c1d5ab8b1d8416bd63e5ae13843c105ff63868b051139b0a6b77b517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Accept: application/json
timeout: 10000
Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Max-Age: 600
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 29 May 2020 06:21:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Server: nginx/1.13.8
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thehelmsteam.com
X-XSS-Protection: 1 ; mode=block
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
X-Content-Type-Options: nosniff

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ 219 B
250 B 72ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e5a037ec5199e6e5c57b5ce4d8c0dc7a7382e1608bdaa09bb36a04cb2840d1a

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:07 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a011-dub-prod.krxd.net, cache-hhn4058-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1590733268.657156,VS0,VE29
content-length: 179
via: 1.1 varnish
x-cache-hits: 0, 1

GET
H/1.1 200
OK / Show response
public-api-gateway-prod.kube.remax.booj.io/cms/testimonial/ 323 B
858 B 236ms
236ms XHR
application/json 35.164.86.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api-gateway-prod.kube.remax.booj.io/cms/testimonial/?filter[hidden]=false&sort=createdAt

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.86.206 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-86-206.us-west-2.compute.amazonaws.com

Software

nginx/1.13.8 /

Resource Hash

00af8164015b3ff07816dfd31d91f6ce4f4e253abe9e7a230fc6ea1f12f66042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Accept: application/json
timeout: 10000
Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Max-Age: 600
x-domain: www.thehelmsteam.com

Response headers

Date: Fri, 29 May 2020 06:21:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Server: nginx/1.13.8
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thehelmsteam.com
X-XSS-Protection: 1 ; mode=block
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 1b3428567202474d23b3.js Show response
www.thehelmsteam.com/_nuxt/ 32 KB
33 KB 244ms
244ms Script
application/javascript 34.214.40.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehelmsteam.com/_nuxt/1b3428567202474d23b3.js
Requested by: Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/214826f820d02230d314.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-214.us-west-2.compute.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: f1376b5393c000f01164efe0612f75aa8a1d513ac03c9811e40fdcb7ff2d7539

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:07 GMT
Via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront)
Last-Modified: Thu, 28 May 2020 01:18:58 GMT
Server: openresty/1.15.8.2
X-Amz-Cf-Pop: SEA19-C1
ETag: W/"812b-17258dc63d0"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33067
X-Amz-Cf-Id: 4HzkJqlpq2rztlXpDs5gh7EUPpV9mp1z1ZGQGwBzhhLH3p9Xg4QiZg==

GET
H2 200 optout_check Show response
beacon.krxd.net/ 79 B
238 B 100ms
33ms Script
text/javascript 52.17.112.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.centro.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.112.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-112-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fb979a8ba0309ed01d635409a9bcd78b93ad0cba96b1b608cd3d75c0830a9db7

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 29 May 2020 06:21:08 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=27 t=1590733268
content-type: text/javascript
x-served-by: beacon-n012-dub-prod.krxd.net

POST
H2 200 / Show response
remax-app.quantummetric.com/ 90 B
431 B 349ms
113ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.thehelmsteam.com%2F&t=1590733267981&v=1590733268012&z=1&S=0&N=0&P=0

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4c6b50d208909bdff110dcdf34a74f876af3dbbd3f35587d770bcc258680b1bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 May 2020 06:21:08 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
remax-app.quantummetric.com/ 0
167 B 907ms
541ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.thehelmsteam.com%2F&t=1590733267981&v=1590733268024&z=2&Q=1&Y=1&X=d0d0c2649ee1406204a8333ac3bec06d

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 May 2020 06:21:08 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
remax-app.quantummetric.com/ 28 B
253 B 398ms
385ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?s=a69bf500abab2a49efdf64ee4879327c&H=bcec63737f0c5fc6d24b632c&Q=3

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 May 2020 06:21:08 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000

POST
H2 200 / Show response
remax-app.quantummetric.com/ 0
167 B 163ms
163ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.thehelmsteam.com%2F&t=1590733267981&v=1590733268776&H=bcec63737f0c5fc6d24b632c&s=a69bf500abab2a49efdf64ee4879327c&U=13287386ef3a36c62025d96a698fabc3&z=1&Q=2&S=0&N=0

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 May 2020 06:21:08 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
remax-app.quantummetric.com/ 0
167 B 114ms
113ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.thehelmsteam.com%2F&t=1590733267981&v=1590733268948&H=bcec63737f0c5fc6d24b632c&s=a69bf500abab2a49efdf64ee4879327c&z=1&S=1678&N=3&P=1

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 May 2020 06:21:09 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://www.thehelmsteam.com

Response headers

date: Mon, 25 May 2020 21:53:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 289680
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Tue, 25 May 2021 21:53:09 GMT

GET
H/1.1 200
OK 7336898673052c00b53b1f8c9295eeff9c5b87b3-1-medium.jpeg
s3.amazonaws.com/writeback-images/ 20 KB
20 KB 490ms
170ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/writeback-images/7336898673052c00b53b1f8c9295eeff9c5b87b3-1-medium.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13cfdf4af92d95c23e8efdd36d0205eb324beda289896a6762e2a6707a9dfc7a

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:11 GMT
Last-Modified: Thu, 30 Apr 2020 20:13:41 GMT
Server: AmazonS3
x-amz-request-id: DB7CD69636C4B691
ETag: "695cd5fb606c8b10dafcc17781b43b0a"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 20349
x-amz-id-2: 7BU9la7w3R4YEA2D8eKV7LIcauQeNUlCKoUQu+a/7BEnMGrktCQh8sy/kDCCp8nflqSyEBwTpik=

GET
H/1.1 200
OK 9ebb9b03770ce52ff5a4fbeec0f6231b0dc5f04d-2-medium.jpeg
s3.amazonaws.com/writeback-images/ 22 KB
22 KB 638ms
296ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/writeback-images/9ebb9b03770ce52ff5a4fbeec0f6231b0dc5f04d-2-medium.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c4f0f8ec055ad508446c05a99cbcdc65af5afa54daaed4d7aaa7a91fff205ed3

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:11 GMT
Last-Modified: Thu, 30 Apr 2020 20:13:41 GMT
Server: AmazonS3
x-amz-request-id: 55AA0C14BE321E7C
ETag: "b3dba35edb822f39b56363c2da1d8c2a"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22144
x-amz-id-2: AiVMyGCUA0jV9uZU//zsyeinPEX2H2/TZPeRm11eCPeALcUzjG8uRJjytoS2pu11jySDl+MElw8=

GET
H/1.1 200
OK 4befe4ccf25537112f9ea238798276a4294b029f-1-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 29 KB
30 KB 265ms
247ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/4befe4ccf25537112f9ea238798276a4294b029f-1-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4a36d3e879d4ee5b4cb629a15a0cbab7fc91e93f4f9588d95874ba3020f99315

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:10 GMT
Last-Modified: Thu, 28 May 2020 16:42:11 GMT
Server: AmazonS3
x-amz-request-id: CC23F58BF049AE53
ETag: "3130a39cd354d766e16fa8664488e8d6"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 30121
x-amz-id-2: hHTfCRTs6galofQBHmK+zqUSQSjbPHTjsApfLO33iq8XGZncmuNh/6pQHQTaj/lZljK19VtPpmE=

GET
H/1.1 200
OK 0f7cd6234a524792b2394dbf0e8288503e6c7543-2-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 23 KB
24 KB 252ms
234ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/0f7cd6234a524792b2394dbf0e8288503e6c7543-2-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc77135954b2d634f2456dccc46702c050ed37608d03b150608f934960293cb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:10 GMT
Last-Modified: Thu, 28 May 2020 16:42:12 GMT
Server: AmazonS3
x-amz-request-id: 657D1FBA47AEDA7B
ETag: "7a6dbfea99c4d7f5729de3a76887e8d7"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 23911
x-amz-id-2: 24d+RRtXIJM4A5TZwvALGr1m5gV3LGcip2m1WOS11EtDzoakkD+M4G+Cm/NtMU/HfbnfpqjHgEg=

GET
H/1.1 200
OK 4c6a61e12ecadc98daaf1a9d0b074758d1f0b5ca-1-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 21 KB
22 KB 268ms
251ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/4c6a61e12ecadc98daaf1a9d0b074758d1f0b5ca-1-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5626ae63195a2c902d60d9286e1a52690fb79128f6361cbce8217f7c18d6c34e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:10 GMT
Last-Modified: Mon, 25 May 2020 18:22:40 GMT
Server: AmazonS3
x-amz-request-id: DE510330AE955523
ETag: "7cfff1b6374bac80382d23ffa70f9f58"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 21738
x-amz-id-2: IY+6fZ1fvS3Kat3B+P9XYySEl9oVrlGu3PMS+FnUXGfPmp5mObqMUfQ5tUIgYbzaX4lBFqEP3Rw=

GET
H/1.1 200
OK d3e800851e9397d65e2b0f3f656fc867a4ce6d33-2-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 21 KB
22 KB 278ms
261ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/d3e800851e9397d65e2b0f3f656fc867a4ce6d33-2-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91431ed68daeb4951faa4dab0ad40e2dc5ee610636763c9576ee3c8246c747bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:10 GMT
Last-Modified: Mon, 25 May 2020 18:22:38 GMT
Server: AmazonS3
x-amz-request-id: A4AD993657B64B03
ETag: "9d9955eedd4121e29d47a407630d940a"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 21967
x-amz-id-2: gaWCqG6USi5TmDkhZIUXDFZ67z+AMX6hpOqhYCFAJxJsXQvk0mMcr9mfF9R0R4VBeIo8ngVFIW4=

GET
H/1.1 200
OK 63e7a069357488829acfde997ad81fe234141277-1-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 25 KB
25 KB 271ms
254ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/63e7a069357488829acfde997ad81fe234141277-1-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e5abf554443661c2d107a2fe61eaeedd250510c4f2d27d9d546d069ff6adedb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:10 GMT
Last-Modified: Mon, 25 May 2020 18:20:48 GMT
Server: AmazonS3
x-amz-request-id: 388B90A4DEEDDB85
ETag: "9fc081c5327defe3d7e3c804ca417f36"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 25217
x-amz-id-2: TD5BycqY2S2Nf2NmRpp4pZIyJiQFjLxj8Kl6dTQNuAxYkqpPedy/7AfOCnHoEAq/9ENm/y6H+PU=

GET
H/1.1 200
OK c1e2dadff1ff4c01ed7d1f62e8b4cdad2ec46416-2-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 16 KB
16 KB 265ms
248ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/c1e2dadff1ff4c01ed7d1f62e8b4cdad2ec46416-2-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ed56f7637d5dbf7400ec7cf69087f3cf2ca683932e18aa726d58409c0384972e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:10 GMT
Last-Modified: Mon, 25 May 2020 18:20:55 GMT
Server: AmazonS3
x-amz-request-id: 0D6CA414E745AB4F
ETag: "8d00c1d6501ecb076c9071b36b586791"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 16401
x-amz-id-2: WK/ysrUfRlx6nq4WytimpjwhLooFfybwM0OWrIobybJnysecJSaRslBcmAdtEzbInrolZuASrrs=

GET
H/1.1 200
OK a168f097f51ac32940b6041e47f69b7a5133a5ce-1-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 23 KB
23 KB 140ms
140ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/a168f097f51ac32940b6041e47f69b7a5133a5ce-1-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 249a4d730ebdb54640c399b3859a4a6db1f4245252cf9e86ed20f750d3ae3f4a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:11 GMT
Last-Modified: Mon, 25 May 2020 18:23:11 GMT
Server: AmazonS3
x-amz-request-id: 16DAB7B3273A7828
ETag: "da74d301a254f4d5a3eb9f2cad422370"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 23230
x-amz-id-2: JoeXXqX5QqBaLKbnQXGDax7TL1R/JCJ3q5MhP0S0krPROxYLEbjfbYAvoPnAUNbR3znEhymkgLo=

GET
H/1.1 200
OK 8d6d57be13fbd6f20e72e91569c9123830201a2f-2-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 14 KB
14 KB 131ms
131ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/8d6d57be13fbd6f20e72e91569c9123830201a2f-2-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b1f9da5d2a832d56847d6b8b371b2415682443f4f4132b7ea0599744b1494680

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:11 GMT
Last-Modified: Mon, 25 May 2020 18:22:41 GMT
Server: AmazonS3
x-amz-request-id: 1E5162964020F62C
ETag: "180e6284c75e317b3a43e6aadca6388f"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 14304
x-amz-id-2: RQ4Whvq1BvIvM2QJ6mtaLFVEUjBZlKKuo9IQjZnJrZsyP7p7R5RikepMce7DhbUwoz7UzBrHKjw=

GET
H/1.1 200
OK 929689cfe0e1d001a647792c1eae68d0cf175e93-1-medium.jpeg
s3.amazonaws.com/rets-images-bormls/ 24 KB
24 KB 126ms
125ms Image
image/jpeg 52.216.88.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/rets-images-bormls/929689cfe0e1d001a647792c1eae68d0cf175e93-1-medium.jpeg
Protocol: HTTP/1.1
Server: 52.216.88.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13839d82f639f70572523a815a0d5f1bccbce89d20fd9071fcddaf38cc1df6ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 May 2020 06:21:11 GMT
Last-Modified: Mon, 25 May 2020 17:24:48 GMT
Server: AmazonS3
x-amz-request-id: B387821FD99D27EF
ETag: "0cbe343bc5088ac898be20c960d89575"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 24385
x-amz-id-2: o1P3Pq9fMIkliPhvcZV+U/q6ISwjbikSTmexRUWKSWKbZhRnAenJfEy+mtThnmu+/3hAHXXyvek=

POST
H2 200 / Show response
remax-app.quantummetric.com/ 0
167 B 114ms
113ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.thehelmsteam.com%2F&t=1590733267981&v=1590733273023&H=bcec63737f0c5fc6d24b632c&s=a69bf500abab2a49efdf64ee4879327c&z=1&S=1984&N=7&P=2

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 May 2020 06:21:13 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
remax-app.quantummetric.com/ 0
167 B 113ms
113ms XHR
application/json 34.66.112.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://remax-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.thehelmsteam.com%2F&t=1590733267981&v=1590733273165&H=bcec63737f0c5fc6d24b632c&s=a69bf500abab2a49efdf64ee4879327c&z=1&Q=2&S=421&N=1

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.66.112.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

113.112.66.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 May 2020 06:21:13 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 429
Too Many Requests / Show response
sentry.io/api/1728689/store/ 45 B
519 B 467ms
123ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1728689/store/?sentry_key=34f8956f62f7480a8bf481287b74a508&sentry_version=7

Requested by

Host: www.thehelmsteam.com
URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.thehelmsteam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 29 May 2020 06:21:18 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.thehelmsteam.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 45
x-sentry-rate-limits: 220::key
retry-after: 220

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://www.thehelmsteam.com/_nuxt/58bf43df9d68c3cb98aa.js(Line 2) Message: failed to detect user location [object GeolocationPositionError]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8484482.fls.doubleclick.net
9793289.fls.doubleclick.net
aws-api-gateway-prod.remax.booj.io
bat.bing.com
beacon.krxd.net
cdn.krxd.net
cdn.quantummetric.com
consumer.krxd.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
media.remax-prod.booj.io
papiphotos.remax-im.com
pixel.adwerx.com
public-api-gateway-prod.kube.remax.booj.io
remax-app.quantummetric.com
remax-auth-prod.kube.remax.booj.io
resources.xg4ken.com
s3.amazonaws.com
sb.scorecardresearch.com
sentry.io
thehelmsteam.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.thehelmsteam.com
13.224.95.92
13.224.95.97
151.101.114.133
172.217.22.6
172.217.23.162
2.16.31.65
216.58.207.70
2600:9000:2190:2000:1d:4d22:8b40:93a1
2606:4700:10::6816:35fc
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:801::200e
2a00:1450:4001:814::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2003
2a00:1450:4001:81f::2004
34.202.78.21
34.214.40.214
34.66.112.113
35.164.86.206
35.188.42.15
52.17.112.187
52.216.88.69
52.30.130.103
54.201.172.103
00af8164015b3ff07816dfd31d91f6ce4f4e253abe9e7a230fc6ea1f12f66042
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
033b03f2dabb9231ddf165ce1be4c1870375b9176ca0e4a9b2e986974fa66cfa
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
13839d82f639f70572523a815a0d5f1bccbce89d20fd9071fcddaf38cc1df6ba
13cfdf4af92d95c23e8efdd36d0205eb324beda289896a6762e2a6707a9dfc7a
164841b0054c829219e2649ab54a4fab532e1a468c04364b66e613817504e881
1f2fe9d7d4b5638763c2324746b76d24783896687bc7a42a2c35730eaa4b982a
20712bcf91501ad5ee00979905567714b3f0721b7fa6d8d6dbda431d881990b1
249789ae684c69f462f71386c2a920ca5b404c6eeec90dcaeef95e0a5a9a76bf
249a4d730ebdb54640c399b3859a4a6db1f4245252cf9e86ed20f750d3ae3f4a
2e5abf554443661c2d107a2fe61eaeedd250510c4f2d27d9d546d069ff6adedb
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3272dff460ad2ac73e9188914462fe159565de2a762392086d9ae264507ce9b5
344658a5895d3fe261539c76f3899f12aeac9ec7599007d635ab6d660c3cef3f
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
3dc7c48e15ee9e7c747e89d549c228239e8c3cd5b2366474bf9d597b99780208
3e5a037ec5199e6e5c57b5ce4d8c0dc7a7382e1608bdaa09bb36a04cb2840d1a
47c9c801088f04b20e42b452db853786e8289c8af69040629c0d24ce5f69d6e4
485bfb0cd6a2615d072e9d7649f84d2e500ee0f6cb93ef7ac6aff4085bdcc3fc
48a27286943705587389e68c9b1abb9f67ac19bb314c361ad1a3c06bdb53a90b
4a36d3e879d4ee5b4cb629a15a0cbab7fc91e93f4f9588d95874ba3020f99315
4c6b50d208909bdff110dcdf34a74f876af3dbbd3f35587d770bcc258680b1bb
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
5626ae63195a2c902d60d9286e1a52690fb79128f6361cbce8217f7c18d6c34e
65a1850028118c64febbde9b109da293910bfff6ee261caf0087d3d3364359ba
6fbf871e6fbc726133dfac516bc7c7580a0a97aac08e4cc3d018e8f2f3bada75
77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c
7ff97e76181fc8c003afdd6fd34e17826c4490f08b12cdbd5667c9435bb133e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843bf9ff4d718d8106330e84165fff51f0a67c7ae8e3ba2d2ed373d4ab496e7f
89c5268f360b9eab86681a76b17be677ea71521df973c329cab520bba9cc11b8
8e10cc3444421a2e5104b13f55d827ac3d341f8318e6ef2075e8103d18907ec2
91431ed68daeb4951faa4dab0ad40e2dc5ee610636763c9576ee3c8246c747bd
9197f9c192a78eb54f884fee2ccadfb40c79d875bc8befd1d394b342cd1e5f19
91d8d904afc0312cccba41e50a75c753edbe37a246e192bc8188d94b05445b03
94070495f25eaa00d1a28abb1ffbce564e1da14bf4f8239cd9638e2029241c87
98e41299ffbb5569065172d7f4383298f74eb165000ab15792073d972b1b6f35
99a12e2a5096e6ad3ae0fe8b93e7035d81b84777e3381bd28ec3bbff7650be57
9f64252defc1bc7bd1351854b92c7d28c3d98dd277884611c2f0b10ccbd6e553
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a319d7be908be5ac38aa27f9b9ecd1a787ed4b72de703ea930c44ae4c9c797c8
a4a7011cc05cb0477775e8cc2965417a52b15c71adaea881738e787caeead545
a55e31b551450eb3fa7728dbf49e5033bc67cc5ff87ef4ba7078035b1fb6d99b
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a7fbf7baf85d04dc697755068dc9ab14d888c00ab605b1a81cc5efd4548fc07e
ac9b59e428178c656faa32cdf33e22aa83b528bf4c285d983a27e7d9077aa0ff
ae8266dfbabd70cf7076f75463920fc99d06e0d0a62b8d946bcf0dc9e5b19a8a
aecf61cc02a9e608b74e109f8f13ec4880c3e7b70d2782358d7f2fe19cfe6b42
af5c0c4b5510067cf60653abd975e60e794acf3cadc564f936e4757762abd81f
b0303aee1910dccc6d71ab5d8c1a6c2fe3fa946386ed0a739733dfcd24e88b7e
b1f9da5d2a832d56847d6b8b371b2415682443f4f4132b7ea0599744b1494680
bc2782f53d8a6f4abc329a2febdb4b5075ce275fa3b7e6098b8b7f0d512bf2d0
bc77135954b2d634f2456dccc46702c050ed37608d03b150608f934960293cb3
c10430e97277b338e17d355628165077094deeeb461cbe3f2011bd5961b6d32a
c4f0f8ec055ad508446c05a99cbcdc65af5afa54daaed4d7aaa7a91fff205ed3
c792146415ce7382251e0ed0a956f2c83f76e6d6e71ca6b77957b3a306661deb
c8760c0e7d2592a744bd30641f288d9092dc047d10083162d3ea509691bf0e53
c9b0997572e02488cc13402476634f061f76a351fea6ae852bd491bfe4e645c7
cc37de3d99f2d989d6e4d25736cbd34bb03af0c6fff6040dc60b348689ad5ffd
cdc1cfc5d8533a51edccd8ed0d3f29d0bc52fb1f5b0f5b8aa8ffa0a08f48ad82
ce501b1615df9cb714c9837fc38c4e373ca6079ca6ffa0e745b6968d977364f6
ce97e4da69da0ff47e76bc4b1e0158ae454cf7f7695c718ff3b7340b771c515e
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d9d6363bda94c68a47f52d7b4aca1cd5483db2d93ee8e6b4c51288b103ba1b89
de1a2274f53b04ff200e972dae443392e73d60c21169fd46fcec1084113c3ab8
dfa03b5dee58c316ca0be1918ac2a62cc89c73fc7833898072eee86bf646c03c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96a78e6a00834a2c58288767b9be8123a0b60e04de4f5172cb5bf68f0e73c2f
ed56f7637d5dbf7400ec7cf69087f3cf2ca683932e18aa726d58409c0384972e
ed9c93339a79a3ab42d280f9545ed81be23f5fcfac40d801fb61d8a4e30fb5b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1376b5393c000f01164efe0612f75aa8a1d513ac03c9811e40fdcb7ff2d7539
fa710f07c1d5ab8b1d8416bd63e5ae13843c105ff63868b051139b0a6b77b517
facea9533f957a24e2ec5681c0d9ea6d43706de4c6ca01c222ab98a15b07f78e
fb979a8ba0309ed01d635409a9bcd78b93ad0cba96b1b608cd3d75c0830a9db7
fed02aa40ff85a2c798117154cd7250d1b854d5c0e4b52f74883d4cf75689e73
ff8aec09125437db07681218ff8135fdfd982f3926c529503a9dbf10f7b1ba43

www.thehelmsteam.com Open in urlscan Pro 34.214.40.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

90 %HTTPS

41 %IPv6

19 Domains

29 Subdomains

27 IPs

4 Countries

14837 kBTransfer

15599 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thehelmsteam.com Open in urlscan Pro
34.214.40.214 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

90 %
HTTPS

41 %
IPv6

19
Domains

29
Subdomains

27
IPs

4
Countries

14837 kB
Transfer

15599 kB
Size

0
Cookies

94 HTTP transactions
1 data transactions