a.helm.life Open in urlscan Pro
54.148.202.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3101?te=W3R5hFj4cm2zw...
Effective URL:
https://a.helm.life/holiday-parties/
Submission: On November 23 via api (November 23rd 2020, 8:31:46 pm UTC) from US

Summary HTTP 62 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 62 HTTP transactions. The main IP is 54.148.202.27, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is a.helm.life.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on January 7th 2019. Valid for: 2 years.

This is the only time a.helm.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:9c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	54.148.202.27 54.148.202.27	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.201.16.89 54.201.16.89	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
3	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
62	11

1 2606:4700::6812:9c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen80.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eventtracking.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 54.148.202.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-202-27.us-west-2.compute.amazonaws.com

a.helm.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.16.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-16-89.us-west-2.compute.amazonaws.com

babysitter.weneeddatenight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	helm.life a.helm.life	10 MB
14	cloudflare.com cdnjs.cloudflare.com	168 KB
9	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	179 KB
3	gstatic.com fonts.gstatic.com	38 KB
3	wikimedia.org upload.wikimedia.org	7 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	youtube.com www.youtube.com
1	weneeddatenight.com babysitter.weneeddatenight.com	51 KB
1	hubspot.com 1 redirects eventtracking.hubspot.com	633 B
1	sidekickopen80.com 1 redirects t.sidekickopen80.com	534 B
62	11

	Domain	Requested by
27	a.helm.life	a.helm.life
14	cdnjs.cloudflare.com	a.helm.life cdnjs.cloudflare.com
8	ka-f.fontawesome.com	kit.fontawesome.com a.helm.life
3	fonts.gstatic.com	fonts.googleapis.com
3	upload.wikimedia.org	a.helm.life
2	www.google-analytics.com	a.helm.life www.google-analytics.com
2	fonts.googleapis.com	a.helm.life
1	www.youtube.com	a.helm.life
1	babysitter.weneeddatenight.com	a.helm.life
1	kit.fontawesome.com	a.helm.life
1	eventtracking.hubspot.com	1 redirects
1	t.sidekickopen80.com	1 redirects
62	12

This site contains links to these domains. Also see Links.

Domain
helm.life
globalnews.ca
www.bloomberg.com
toronto.citynews.ca
www.forbes.com
torontolife.com
www.thestar.com
www.cbc.ca
ottawacitizen.com
www.theglobeandmail.com
www.iubenda.com

Subject Issuer	Validity	Valid
www.helmapp.com COMODO RSA Domain Validation Secure Server CA	`2019-01-07` - `2021-01-06`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.weneeddatenight.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-06-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2020-11-09` - `2021-11-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://a.helm.life/holiday-parties/
Frame ID: 75CBFA32FBA98668AD1B74E5F842ACE8
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/29f5_R70JGk?rel=0&autoplay=1&loop=1&playlist=29f5_R70JGk&mute=1
Frame ID: 4D7C253E0FF44F7D28879053FBD45238
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3... HTTP 301
https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3... HTTP 307
https://a.helm.life/holiday-parties/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Amazon EC2 (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /$Amazon$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /$Amazon$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

62
Requests

100 %
HTTPS

85 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

10238 kB
Transfer

10676 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://helm.life/online-activities/?id=signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://helm.life/online-activities
Title: Sign In

Search URL Search Domain Scan URL

URL: https://globalnews.ca/news/7225896/coronavirus-social-distant-families-virtual-babysitting/
Title:

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2020-03-19/working-from-home-u-s-parents-manage-both-kids-and-co-workers
Title:

Search URL Search Domain Scan URL

URL: https://toronto.citynews.ca/2020/08/11/virtual-babysitting-helps-parents-juggle-double-responsibilities-during-pandemic/
Title:

Search URL Search Domain Scan URL

URL: https://www.forbes.com/sites/geristengel/2019/03/08/canada-invests-2-billion-in-women-entrepreneurs-to-grow-the-economy-by-150-billion/
Title:

Search URL Search Domain Scan URL

URL: https://torontolife.com/city/business/toronto-smartphone-apps/
Title:

Search URL Search Domain Scan URL

URL: https://www.thestar.com/news/gta/2015/02/05/uber-like-babysitting-app-available-for-toronto-parents.html
Title:

Search URL Search Domain Scan URL

URL: https://www.cbc.ca/player/play/1132788291999
Title:

Search URL Search Domain Scan URL

URL: https://ottawacitizen.com/news/local-news/app-matching-babysitters-and-busy-parents-comes-to-ottawa
Title:

Search URL Search Domain Scan URL

URL: https://www.theglobeandmail.com/report-on-business/small-business/sb-growth/the-challenge/startup-links-babysitters-parents/article30648852/
Title:

Search URL Search Domain Scan URL

URL: https://www.theglobeandmail.com/report-on-business/small-business/sb-growth/the-challenge/vote-for-the-winner-of-the-100000-small-business-challenge/article30648990/
Title:

Search URL Search Domain Scan URL

URL: https://www.cbc.ca/news/canada/toronto/toronto-entrepreneur-babysitting-app-1.5040472
Title:

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/terms-and-conditions/8069768
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/8069768/full-legal
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3101?te=W3R5hFj4cm2zwW3yMjRS3ZYs9KW3SZ_8m3R3bz5W3H3c1345LMtqf3SZBX504&si=8000000004273960&pi=54615d78bd4bc8d97362df794fab1ca8 HTTP 301
https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3101?te=W3R5hFj4cm2zwW3yMjRS3ZYs9KW3SZ_8m3R3bz5W3H3c1345LMtqf3SZBX504&si=8000000004273960&pi=54615d78bd4bc8d97362df794fab1ca8 HTTP 307
https://a.helm.life/holiday-parties/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
a.helm.life/holiday-parties/
Redirect Chain

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3101?te=W3R5hFj4cm2zwW3yMjRS3ZYs9KW3SZ_8m3R3bz5W3H3c1345LMtqf3SZBX504&si=8000000004273960&pi=...
https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7kF8bWHbHW5Km-Xv2zGCwVN8Jbw_8QsRtKVn1phW7fRNRPW16gGC25prLd3101?te=W3R5hFj4cm2zwW3yMjRS3ZYs9KW3SZ_8m3R3bz5W3H3c1345LMtqf3SZBX504&si=800000000427396...
https://a.helm.life/holiday-parties/

61 KB
61 KB

766ms
360ms

Document
text/html

54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 4b62219687d12979790f609f91b193b7eb9ff43354d2d8cf3232264de081ea40

Request headers

:method: GET
:authority: a.helm.life
:scheme: https
:path: /holiday-parties/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:23 GMT
content-type: text/html; charset=UTF-8
content-length: 62281
set-cookie: AWSALB=BZQk61yQgToT75ny2mWKKfG0e1KU9eCudeVXgBGfj8iph1wrF/fKZnigkZCRNtwKL+PddAMczUpjCy1tY2Cef0P4xCfl5C37gFLFbs38mF1uaAEaPFEgr+l3BqJH; Expires=Mon, 30 Nov 2020 20:31:23 GMT; Path=/ AWSALBCORS=BZQk61yQgToT75ny2mWKKfG0e1KU9eCudeVXgBGfj8iph1wrF/fKZnigkZCRNtwKL+PddAMczUpjCy1tY2Cef0P4xCfl5C37gFLFbs38mF1uaAEaPFEgr+l3BqJH; Expires=Mon, 30 Nov 2020 20:31:23 GMT; Path=/; SameSite=None; Secure
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
last-modified: Thu, 19 Nov 2020 18:42:10 GMT
etag: "f349-5b47a15f394fb"
accept-ranges: bytes

Redirect headers

date: Mon, 23 Nov 2020 20:31:23 GMT
set-cookie: __cfduid=d6fc975e19b67b000a784385ad6db50e71606163483; expires=Wed, 23-Dec-20 20:31:23 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax _hetc=2473ce58-c37b-42fc-a7f4-6589134a04e6|1606163483225|ACOD57cwLAIUQJtlUBCf15Yq35kPNWnVslsCJ/gCFD+bS4xGdHnecg2Gno2u4THptHNy;Version=1;Comment=;Domain=eventtracking.hubspot.com;Path=/;Max-Age=31536000
x-robots-tag: none
link: <https://a.helm.life/holiday-parties/>; rel="canonical"
location: https://a.helm.life/holiday-parties/
referrer-policy: no-referrer
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-request-id: 069866e1860000969e7dac9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5f6da748da96969e-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
718 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e283470991caf05010dfd55fa9ac5f2d00c4c5e3281f5af45521440495ea724d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 20:31:24 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 23 Nov 2020 20:31:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 23 Nov 2020 20:31:24 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/ 137 KB
16 KB 29ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293569
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 15749
cf-request-id: 069866e57300001f4d7e2e6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
etag: "5eb04010-22485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PJa%2F2swID2gJSn0%2FGp5fcdIWhMK%2FDW41%2BRaSlVBQO3pconHWaVXE0gNq2sxL9cS2b8QG0U4pvD%2FNfo9UyaSxYXOljASYmV81%2FKMi56RH1NNgqxQDvg2oghN%2BxL50cd6XRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da74f18691f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 venobox.css
cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/ 11 KB
2 KB 33ms
20ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/venobox.css

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668f42e0d474e55967b3175602a720703b6bbcda1f00d9897aad830269956938

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 286381
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 1884
cf-request-id: 069866e57300001f4d93365000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:30 GMT
server: cloudflare
etag: "5eb0401a-2cbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ng5u0yY2aUQD9qy%2BOidE2QFAr92VLFU5I0T1hGD8VUN%2BcyH3R9o6tSGInQtq%2BtSNv2A0L1NqKV0pbY9Q9KsZ51fQSRXfEM3JqOSHnyPQnXC9VSAmImBKA9pu41UFcrFOsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da74f186b1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 25ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293598
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 3279
cf-request-id: 069866e57400001f4d9e367000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
etag: "5eb03d2a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1mJy8bSqXjOYc%2F00XWoiOzcUCzsXN20Zcp5%2Fx6YMuKAh7e4NJecQJ%2FZV5rse19FrP%2BBefr%2FSn38%2FrbEUGhT5%2FkD95R0Ona8IAP0%2BnxhGuZTkUOEavIZ0tySuRYKIxpLnVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da74f18711f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 27ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293599
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 5631
cf-request-id: 069866e57300001f4def237000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B6VYLT5aU22e8Jhdb%2FnuoguRNyO5J2rMjKcs9f0u6gJn1SZ6frpvHKVXkIE1tpcKyxeB%2BGE3UncY00217niUux41Ag9sUuBmV3LYjlP4P5hnrKIFy5aa0VVrxVN9TKXbBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da74f186e1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 67b2a101ab.js Show response
kit.fontawesome.com/ 10 KB
4 KB 58ms
41ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/67b2a101ab.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3b6ec8ba3bb68ebc771b1315f54704bb4bac2006c7ac6a789670f049f94648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: gzip
vary: origin, accept-encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 069866e5780000d70d1cb5b000000001
x-request-id: Fko9Lc4sCCkSxuo0YF_C
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
cf-ray: 5f6da74f2ee8d70d-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 style.css
a.helm.life/holiday-parties/css/ 20 KB
20 KB 191ms
190ms Stylesheet
text/css 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.helm.life/holiday-parties/css/style.css?v1.4
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 79a88acd5ceeb704906223af6ad424d54a8aadc2760aeac3005bcde3668b8f4c

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Thu, 19 Nov 2020 18:34:21 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "4ea1-5b479fa004c9e"
content-length: 20129
content-type: text/css

GET
H/1.1 200
OK HELMdotLife_bigger_transp.png
babysitter.weneeddatenight.com/roster/s/images/ 50 KB
51 KB 915ms
192ms Image
image/png 54.201.16.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://babysitter.weneeddatenight.com/roster/s/images/HELMdotLife_bigger_transp.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.16.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-16-89.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: f4f00816cba425a15af1023b5fdb83da58074bc5c29c608254789f59db7da65a

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 20:31:24 GMT
Last-Modified: Fri, 23 Aug 2019 15:57:58 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "c9e8-590cadebbfd2a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51688

GET
H2 200 holiday-p-escape-room-scribble-2.png
a.helm.life/holiday-parties/img/sessions/ 689 KB
690 KB 263ms
260ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/holiday-p-escape-room-scribble-2.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 212eadc620387208b74b6703bafdf86e90c3fef9f27ec7a164da1f5322a1a04b

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Thu, 19 Nov 2020 17:27:36 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "ac38e-5b4790b3e709b"
content-length: 705422
content-type: image/png

GET
H2 200 holiday-p-scribble-trivia.png
a.helm.life/holiday-parties/img/sessions/ 219 KB
220 KB 275ms
272ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/holiday-p-scribble-trivia.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: b7f47f8fe0dc45118862b94c1fbee1600d8b70ebfbc5f14e7013bb4e7362d08f

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Thu, 19 Nov 2020 17:27:36 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "36c97-5b4790b3f3bbe"
content-length: 224407
content-type: image/png

GET
H2 200 holiday-p-scribble-illusionist.png
a.helm.life/holiday-parties/img/sessions/ 401 KB
401 KB 275ms
273ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/holiday-p-scribble-illusionist.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 5feac257336e613d3099856c5aff8ec2949770678c0d409d1cd3c862ff82e953

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Thu, 19 Nov 2020 17:27:36 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "6422d-5b4790b3efd3d"
content-length: 410157
content-type: image/png

GET
H2 200 holiday-p-scribble-pets.png
a.helm.life/holiday-parties/img/sessions/ 479 KB
480 KB 275ms
272ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/holiday-p-scribble-pets.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 3a1ff564dc73e52dd4bccd796063e1387b9f090d34923c1113178cd12603283f

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Thu, 19 Nov 2020 17:27:36 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "77ce0-5b4790b3f2c1e"
content-length: 490720
content-type: image/png

GET
H2 200 in-escape-room-image-holiday-transp.png
a.helm.life/holiday-parties/img/work/ 539 KB
540 KB 274ms
271ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/in-escape-room-image-holiday-transp.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 49313123ccc9a86d7e9b2ce3cc66b1a3c75a640fa26628e9d3a1c272d4ed0280

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Mon, 19 Oct 2020 17:41:09 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "86a2d-5b2099e9f5930"
content-length: 551469
content-type: image/png

GET
H2 200 holiday-party-all-acts.png
a.helm.life/holiday-parties/img/work/ 588 KB
589 KB 273ms
271ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/holiday-party-all-acts.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: d14bb24efc326eb5054bfa4fd6340ce8f7b622a8a3327d4ed413b3f5fb35591b

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Tue, 20 Oct 2020 13:46:51 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "92f19-5b21a76949269"
content-length: 601881
content-type: image/png

GET
H2 200 kids_holiday_screen_transp.png
a.helm.life/holiday-parties/img/work/ 662 KB
663 KB 274ms
272ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/kids_holiday_screen_transp.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 7cf545ee3de5e8d3e1ab8072970b81c2a627697211587e8c834b8e39a160ba91

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Tue, 20 Oct 2020 13:46:51 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "a5830-5b21a7694c14a"
content-length: 677936
content-type: image/png

GET
H2 200 virtual_blank_wide_200_holiday_cozy.png
a.helm.life/holiday-parties/img/work/ 92 KB
93 KB 273ms
271ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/virtual_blank_wide_200_holiday_cozy.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: d64ab6d3b315e69d12f53b3a5a4edae17a34ad7aad80ed4375e4c13414a8072a

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Mon, 19 Oct 2020 17:10:01 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "17096-5b2092f4f65ec"
content-length: 94358
content-type: image/png

GET
H2 200 virtual_blank_wide_200_holiday_northpole_.png
a.helm.life/holiday-parties/img/work/ 79 KB
80 KB 272ms
270ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/virtual_blank_wide_200_holiday_northpole_.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 29dfa93cf14e116cddbf5935bc0fe272412f993526632259978f56e9bd47be2e

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Mon, 19 Oct 2020 17:10:01 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "13d16-5b2092f4f758c"
content-length: 81174
content-type: image/png

GET
H2 200 virtual_blank_wide_200_holiday_jack_frost.png
a.helm.life/holiday-parties/img/work/ 150 KB
151 KB 272ms
271ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/virtual_blank_wide_200_holiday_jack_frost.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 7654efcc08795d3f93933cb612beab97edd12724656f493358a07efe7a8a7dd5

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Mon, 19 Oct 2020 17:10:01 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "25917-5b2092f4f758c"
content-length: 153879
content-type: image/png

GET
H2 200 virtual_blank_wide_200_holiday_gifts.png
a.helm.life/holiday-parties/img/work/ 125 KB
125 KB 951ms
949ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/virtual_blank_wide_200_holiday_gifts.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 7a7434dee70a77f2e4609a7c51edf7963c9d7f3a937006746ff1c206909bd2f1

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
last-modified: Mon, 19 Oct 2020 17:10:01 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "1f2a7-5b2092f4f65ec"
content-length: 127655
content-type: image/png

GET
H2 200 virtual_blank_game_time_v2_200.png
a.helm.life/holiday-parties/img/sessions/ 58 KB
58 KB 1974ms
1973ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/virtual_blank_game_time_v2_200.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: e4242a8f4a281f25abd5e7e317c57641b3c94858e1316b968876a56299dae340

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:25 GMT
last-modified: Mon, 19 Oct 2020 16:51:05 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "e69d-5b208eb93fb49"
content-length: 59037
content-type: image/png

OPTIONS
H2 200 free.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ Frame 0
0 69ms
53ms Other 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://a.helm.life
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 bd29d18ddcad5397b0dff22184078bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: OKAOKwRoTFjzpBFqZJwrARzs2o2A7Zo5hGgmhEFbKyEUSsD81jX-Xg==
age: 83872
cf-cache-status: DYNAMIC
cf-request-id: 069866e5b700001f2d2f8c8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fmpQOYlpCbwS6HQTzA82bOpSqDiqt90LOTAsoYRkdQAHqSXxTHIf2%2F86YZrs8tTWT3b8fhSD9IkeUmCNn908pwucdVk3ilPqVNwuPUsbknqy794M%2BDYpFKGYI005TbufDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f6da74f8a781f2d-FRA

OPTIONS
H2 200 free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ Frame 0
0 62ms
46ms Other 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://a.helm.life
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: Mflvxfv8iBgpk8jGoNXsay7AB7mp-bi6Vb2IOvwZbMnjGf3RTMC2tA==
age: 83871
cf-cache-status: DYNAMIC
cf-request-id: 069866e5b700001f2d1d3cc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BJRI8mj6uCIH1i%2BQm0oWbY5rw%2FNjIU5oG%2Bg2T%2FEU5WBcXi1vK10KzUg0kfRyKliN%2FOjgHmbpWGQUY1eNnCbygnTxrs8viMPIpBIHEiBUDmOtTKbXQidWCk4rOEmHknr1Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f6da74f8a7a1f2d-FRA

OPTIONS
H2 200 free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ Frame 0
0 70ms
53ms Other 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://a.helm.life
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 033ed92c09627372dcaf2c27f57f2f77.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: 3OOrzeIVxUVv-4NnraR28u-q-ZaaD_KClIuqby6c3gFZNwYct-HdpA==
age: 83871
cf-cache-status: DYNAMIC
cf-request-id: 069866e5b700001f2d27929000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zoBbehB1pArOVgL31xgzZu3NpLvQz3mzqBEaVL1tjwgf5l1MD11JG5IWOhjDoWvKZKILKLtOzsY9IfVaJHhh1fTQcb8EzJw%2Btgva0yvWOAEDtl5y133jGqVIVlkUUbDPog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f6da74f8a7c1f2d-FRA

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 59 KB
13 KB 123ms
122ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/67b2a101ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 67b2a101ab

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
via: 1.1 07c325e1e193f25e3673c49cf7dde57c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 069866e5ed00001f2d0e02e000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"319d424ba89a84bbd230a3b5f7024193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D8Vx1pbi7MLjNIx2PJAcIdvPb1UfqeWvzhJmwRDmGYy6eYtBHDU7%2FMWF5LwEJaqYOFR6vBlW5is1yM7Bh692Vg9ZHbTY4C0GCcaHa8TNLBzc9%2F5EB2GPheWkfqf7L9T8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 5f6da74fdb101f2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xkcWQjeC1JlZHQGwxKUUc3faFBgnxN3XU-hBno23lJJ_0aGsTTj-vg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 26 KB
4 KB 101ms
100ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/67b2a101ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 67b2a101ab

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
via: 1.1 13214b1e40e019e123fb158c1d658050.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 069866e5e500001f2d2792c000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"2e4c3da4eae1c876a281d6ca5a7a5b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ybGn40yTjnmieD83STxyvam%2F%2F09%2FhSTjDGIqQbMzUnJsPEX83jZ00W77%2FQxkVBRQyxFpF44xd7K2PTnvLbfAKKe08VEZeHwP5CI6M1g1yL%2FIdsMy0YxEPnkzVeGwHhhbDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 5f6da74fdafb1f2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: y5ZsSn3FRtqEHgPNni0AcEy8ZB1jwnOTE5kk3dtBuD7Dky9ogp92NA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 3 KB
1 KB 111ms
111ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/67b2a101ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 67b2a101ab

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
via: 1.1 20e9cd7a84a4b4e0dce285f587c43f9b.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 069866e5ec00001f2d3a18e000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"a59d3f1e8fae455f68a6cafb35ac4838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QdJV0Mm4TgpG60QubfvwN5LhHTDuXiGWD5KOMhiu0pkw30xLlHHho1ZxRTnDaXUgHCTQYPHGRCADvgZ6wI5ot8kCp3RwrIWACFHVRXTTapdGZZPmdo3DSqYofeMiYukwow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 5f6da74fdb131f2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9ARmj03guY3-WlITY4MXGMQUp-BL7fYFwb93_fK57aVkEENPkHbYuw==

GET
H2 200 29f5_R70JGk
www.youtube.com/embed/ Frame 4D7C 0
0 126ms
106ms Document
text/html 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/29f5_R70JGk?rel=0&autoplay=1&loop=1&playlist=29f5_R70JGk&mute=1

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/29f5_R70JGk?rel=0&autoplay=1&loop=1&playlist=29f5_R70JGk&mute=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a.helm.life/holiday-parties/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://a.helm.life/holiday-parties/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 20017
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 23 Nov 2020 20:31:24 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=jdzPA5g7gJE; path=/; domain=.youtube.com; secure; expires=Sat, 22-May-2021 20:31:24 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 23-Nov-2020 21:01:24 GMT VISITOR_INFO1_LIVE=jdzPA5g7gJE; path=/; domain=.youtube.com; secure; expires=Sat, 22-May-2021 20:31:24 GMT; httponly; samesite=None YSC=YqDzw3j_fR4; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 virtual_blank_silly_ad_agency_200.png
a.helm.life/holiday-parties/img/sessions/ 28 KB
29 KB 1878ms
1875ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/virtual_blank_silly_ad_agency_200.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 04d5d22713d5e139682dda9123e5f1e55b26308a6582a2ab469b62f07a9acc60

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:25 GMT
last-modified: Mon, 19 Oct 2020 16:51:05 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "71c4-5b208eb94c66c"
content-length: 29124
content-type: image/png

GET
H2 200 virtual_blank_financial_disaster.png
a.helm.life/holiday-parties/img/sessions/ 76 KB
77 KB 2925ms
2922ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/virtual_blank_financial_disaster.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: d0d3cac138e83e7f94ab11cedc2836c0096bed2bf073ad03b064450220da7e74

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:26 GMT
last-modified: Mon, 19 Oct 2020 16:51:05 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "13129-5b208eb93fb49"
content-length: 78121
content-type: image/png

GET
H2 200 virtual_blank_international_spy.png
a.helm.life/holiday-parties/img/sessions/ 69 KB
70 KB 2977ms
2974ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/sessions/virtual_blank_international_spy.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: a1de714e058b1d2db0bff0de995b05ec924d548804a4eb19e1107c5dd7eab323

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:27 GMT
last-modified: Mon, 19 Oct 2020 16:51:05 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "11486-5b208eb94496a"
content-length: 70790
content-type: image/png

GET
H2 200 Global_News.svg
upload.wikimedia.org/wikipedia/commons/d/d1/ 8 KB
4 KB 179ms
144ms Image
image/svg+xml 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/d/d1/Global_News.svg

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

b42ef54c1cff8fc089cc5bc7640c30c5cbddf1c80546b519d9b4e813cd31c271

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 0
x-cache-status: miss
x-cache: cp3061 miss, cp3061 miss
server-timing: cache;desc="miss"
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: mq7nfbu8oeov1idb3i2s87lwdgztwot
last-modified: Mon, 07 Oct 2013 06:58:12 GMT
server: ATS/8.0.8
etag: W/903d693697528984f3989641a1cea1c4
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1381129091.25243
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 New_Bloomberg_Logo.svg
upload.wikimedia.org/wikipedia/commons/5/5d/ 3 KB
1 KB 51ms
15ms Image
image/svg+xml 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/5/5d/New_Bloomberg_Logo.svg

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

f0b47416265be96363b6ad26bf18d1ce6c43892ae16b54a816d3376568939c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 17:52:44 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 9521
x-cache-status: hit-local
x-cache: cp3051 hit, cp3061 miss
server-timing: cache;desc="hit-local"
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: lgxtk02gf22wekv9ya7dj6ucrcf46xw
last-modified: Sat, 06 May 2017 04:39:37 GMT
server: ATS/8.0.8
etag: W/dbba445042420230e6a2cd1b401ca9b0
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1494045576.05026
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 Citytv_logo.svg
upload.wikimedia.org/wikipedia/commons/9/9e/ 3 KB
2 KB 50ms
14ms Image
image/svg+xml 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/9/9e/Citytv_logo.svg

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

af7459d3b84edda302330cef10c9e303000fcbb2d2c29cb75ff434fe37aa19e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:02:18 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 1746
x-cache-status: hit-local
x-cache: cp3055 hit, cp3061 miss
server-timing: cache;desc="hit-local"
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: f8htc7weraq3kbe1o7c24qt3s7s7d71
last-modified: Wed, 18 Oct 2017 23:59:38 GMT
server: ATS/8.0.8
etag: W/56e18ab0b2ebfeed3677e3232325e1f4
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/svg+xml
access-control-allow-origin: *
x-timestamp: 1508371177.50442
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 forbes_logo.png
a.helm.life/holiday-parties/img/work/ 15 KB
16 KB 2977ms
2973ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/forbes_logo.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 22a703f8f33b15daa7e14f96655430ec8f3d51f839b2b110260e8882371cf1a0

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:27 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "3cc4-5929d03192cce"
content-length: 15556
content-type: image/png

GET
H2 200 toronto_life_grey.png
a.helm.life/holiday-parties/img/work/ 15 KB
16 KB 2992ms
2988ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/toronto_life_grey.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: ba2ac70946294621032da3fb2dd69323927d5e2fa85b8eafdfd8edec3a131e2b

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:27 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "3c0a-5929d03194c0e"
content-length: 15370
content-type: image/png

GET
H2 200 the_star_logo.png
a.helm.life/holiday-parties/img/work/ 12 KB
13 KB 4285ms
4281ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/the_star_logo.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 3be9f266fe9e111a4dd8bbd047dfcbb937b9265a4e583ae2721253a399279dbd

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "303e-5929d03194c0e"
content-length: 12350
content-type: image/png

GET
H2 200 dd_logo.png
a.helm.life/holiday-parties/img/work/ 28 KB
28 KB 4286ms
4282ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/dd_logo.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 96a97363dca8913b012db9864a55d2260947348bd73d015f0277642731679455

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "6e9e-5929d03192cce"
content-length: 28318
content-type: image/png

GET
H2 200 citizen_logo.png
a.helm.life/holiday-parties/img/work/ 24 KB
24 KB 4297ms
4293ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/citizen_logo.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 6a858d6b3ec63d818bfc24ad4b19dc376adc21935c8b40cad8e7c389686931e3

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "5ea1-5929d03192cce"
content-length: 24225
content-type: image/png

GET
H2 200 globe.png
a.helm.life/holiday-parties/img/work/ 26 KB
27 KB 4283ms
4279ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/globe.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 3e92c54107cc048338506149177e318ce036e81cda7c4c4532772172fee7fb69

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "6862-5929d03192cce"
content-length: 26722
content-type: image/png

GET
H2 200 telus_smb_challenge.png
a.helm.life/holiday-parties/img/work/ 37 KB
38 KB 4287ms
4283ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/telus_smb_challenge.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 557013fc9a5d0796a8b40b75a75bd6e490846eb6e74587b80e58df34bf5b04e2

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "9444-5929d03194c0e"
content-length: 37956
content-type: image/png

GET
H2 200 cbc_logo.png
a.helm.life/holiday-parties/img/work/ 17 KB
17 KB 4284ms
4281ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/work/cbc_logo.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 416028af263067fb45e4537d070788b00a59220487057091a16d76b1a0a2fa0e

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Sun, 15 Sep 2019 20:05:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "433b-5929d03192cce"
content-length: 17211
content-type: image/png

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 16ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293599
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 27277
cf-request-id: 069866e60d00001f4df3a8f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: "5eb03ec4-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MhJ0OslE4NF5O3Bn7ShejfQBHUU6wtHVATCgceF%2FQ6yXGPuEmN%2BqIByr6XaBDI9WCxEOdCwt8m9eamtOXsHpDZBNTOv5igQR5%2F%2Bhqysj9ReRFTsjJtQhWx3yH72Tki0Axw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501ae91f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 19ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293596
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 6714
cf-request-id: 069866e60d00001f4dd9b01000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
etag: "5eb03ffc-619d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iHvFBPlmh9BFUn3nRH5GKEq8DEjraNCyIoUOxGOFuGJvPpdFXeSVG%2Fpzxi6krT7TxABlQ%2BrkuZNEgqfItcaQdlDsdaqpCGHqCXKGl0f6Prw2%2BPB00iKGjaWXzthd6uAgog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501aea1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/js/ 49 KB
13 KB 14ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293585
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 12230
cf-request-id: 069866e60e00001f4de6844000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
etag: "5eb04010-c5f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82sIOqJPkqkHjfF5i2f54dWW3lHqwQSz9HdZw%2FWzvd%2BQ6%2FulJEAvrueZzZZoPOvbIzIixquO%2Fld3GkLITkumBeHAuJF1PaoBw8zoOH9lGzYYfGFEy4LAwSSlPY9ZgRiIhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501aec1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 isotope.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.4/ 34 KB
9 KB 13ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.4/isotope.pkgd.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96151453bf5b861219fab32920589c930580c4f1c427f2e023e7429e7e9f482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293562
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 8852
cf-request-id: 069866e60e00001f4dcf917000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-89f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RZwjTEnHzmQWHjOYkWz%2B7%2Ba1LONEsLQYFTB5KgW2gAr6nwauCLiM7KKdLZOy91tqbyi6Kn06sSk1fhOfyH7GuFLa2K%2FMuAC4JrtVc06OilkP6Ql%2B67A3xMHtgBdPpBHihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501aed1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 imagesloaded.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/4.1.3/ 4 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/4.1.3/imagesloaded.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96aaaa52a09f732bf412087a74fc996f527a730cd2d62eb9630483a179beaac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293579
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 1260
cf-request-id: 069866e61200001f4daa015000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-1157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zBsp8NXwRPNj9FhwiuZwjeTJP31nkML9Erppx21lp2HC2k5ODSFYmxGquqQbVViRHW7OkZA7exG1%2BdPFMWHk9bn6ucW%2BRKbYhtU5VG%2BfLz%2B2HTH3ppyinJ1Pvj6g%2FS2dIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501aee1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 jquery.scrollTo.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-scrollTo/2.1.2/ 2 KB
1 KB 15ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-scrollTo/2.1.2/jquery.scrollTo.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed04b5707b07ef987720582b14ab1d8662871e95aa17cdac6fff6f34ba9caacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293594
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 1162
cf-request-id: 069866e60e00001f4de9b4d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-98f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P%2B3mIXRgNRi1rMQ6%2B1H3Re465KD%2F0srh3tEfII8AjkpydBPiJz5ae2FTwey8XQwSQveB4j6evmR0g8kXTrUPU8ByCYBLQZTL4Mfa4IG7yCfFyE%2Fgi2CPRMcyD6I0rsnKOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501aef1f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 jquery.nav.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-one-page-nav/3.0.0/ 2 KB
1 KB 17ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-one-page-nav/3.0.0/jquery.nav.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb22aade2f8cbfc096c09da285e2cd541e5f256b3a0890090c8a043eb6d4b147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293531
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 874
cf-request-id: 069866e60e00001f4dcd28b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vRN4Z8es6vvkm1P4%2Byd3TQz2QqodwIweW2yDTPM8LXWr%2FlOx8Fzx%2BoRqiRLcKCyjhxBHzCxJOO%2FITz6IwZwbvylLUxZwJOxmxmncPe%2FVEGP%2BlrPEw%2FF9qhyPOVLNufG79g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501af11f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 jquery.appear.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.appear/0.3.3/ 865 B
736 B 17ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.appear/0.3.3/jquery.appear.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5636dc6e0365d1aee575140d3e19a41295b41b10879ebe76a46564563a677d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293592
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 414
cf-request-id: 069866e60f00001f4d9194f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0lwqxROXVMWjRIWdNV3cjcuCP7iIuaZV%2FbR31CWVZH7iRrcHiBYCVOsAxsXoUhkVOw0EBuvAneP8dX2fvDHZbzPyz%2FZ4Irey5qOblIA6RbV0p%2Be8oQWmiRZy4CPV3I9o7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501af21f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 venobox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/ 10 KB
3 KB 90ms
89ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/venobox.min.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc8ab51796237ffaf77fe0d6f9a68d0d9653f396fb740f925ed3a778390f6457

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292951
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 3052
cf-request-id: 069866e60f00001f4dbd91f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:30 GMT
server: cloudflare
etag: "5eb0401a-263a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bhhcXKv7vzpWz6yLXCfIBEYKtWqFnzriVc%2FsRBd%2FCN7BpNOs9LrAOBuSLsXGfqXefDc5eY6Y9VnTrQZMSbKghITbR7J0MXFSwt7kKwhASv%2F1bB%2BQYLpBe4KERbg6Bq5O5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7501af31f4d-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 script.js Show response
a.helm.life/holiday-parties/js/ 3 KB
3 KB 4284ms
4283ms Script
text/javascript 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.helm.life/holiday-parties/js/script.js?v=1.0
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 247cbd411c06a43d997e83209d3e56322e57541be449ab69538fd1da3f88e2cc

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Mon, 19 Oct 2020 16:51:05 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "b4b-5b208eb96d9b3"
content-length: 2891
content-type: text/javascript

GET
H3-Q050 200 css
fonts.googleapis.com/ 711 B
779 B 36ms
21ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Doppio+One

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/css/style.css?v1.4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86e2117a2ca75be53eea5956ad06c4b44f74ca36e9e9c1ad8fd8490ebe5d0605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.helm.life/holiday-parties/css/style.css?v1.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 20:31:24 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 23 Nov 2020 20:31:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 23 Nov 2020 20:31:24 GMT

GET
H2 200 holiday-hero-3.png
a.helm.life/holiday-parties/img/cover/ 5 MB
5 MB 4229ms
4228ms Image
image/png 54.148.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.helm.life/holiday-parties/img/cover/holiday-hero-3.png
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/css/style.css?v1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.202.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-202-27.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 2d32e8493b9c21af95b6d266dc9c2b312b583d8f324a03689e12ae07d8393778

Request headers

Referer: https://a.helm.life/holiday-parties/css/style.css?v1.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:28 GMT
last-modified: Mon, 02 Nov 2020 19:01:21 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
accept-ranges: bytes
etag: "51e577-5b3245f39e08f"
content-length: 5367159
content-type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://a.helm.life
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:33:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:16 GMT
server: sffe
age: 7088
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Tue, 23 Nov 2021 18:33:16 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://a.helm.life
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 00:50:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:08 GMT
server: sffe
age: 589232
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13224
x-xss-protection: 0
expires: Wed, 17 Nov 2021 00:50:52 GMT

GET
H2 200 Gg8wN5gSaBfyBw2MqCh-pgwrKUhd9Fk.woff2
fonts.gstatic.com/s/doppioone/v8/ 12 KB
12 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/doppioone/v8/Gg8wN5gSaBfyBw2MqCh-pgwrKUhd9Fk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Doppio+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bddc00a61f91de5f533a5a565d1fb1aec6fea39cb519362034fe13a8fb16179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://a.helm.life
Referer: https://fonts.googleapis.com/css?family=Doppio+One
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 22:34:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 19:42:58 GMT
server: sffe
age: 165424
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11848
x-xss-protection: 0
expires: Sun, 21 Nov 2021 22:34:20 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 40ms
27ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Origin: https://a.helm.life
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293597
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 77160
cf-request-id: 069866e660000097045132e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ur%2BOJqt1%2FouplFpI0BRL%2BHDT%2Fs%2FYaRerpJ9kve4O2eF7UoMroqYvK0NsWKl6UNjRqBO4Wz6DgZoAyRQUxdzvRV1PgsQ9cMjraYybd2dScdfbnzKua4kPXs9YM4FP5UFitA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f6da7509f039704-FRA
expires: Sat, 13 Nov 2021 20:31:24 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 137ms
136ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-solid-900.woff2
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d

Request headers

Origin: https://a.helm.life
Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
via: 1.1 e524b8092e2dda964664df0dfa35341a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 80284
cf-request-id: 069866e6dc00001f2d4400a000000001
last-modified: Wed, 14 Oct 2020 21:22:07 GMT
server: cloudflare
etag: "5bc7518675e40f7be7ce3704db73b1c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLhlnm8sifwAjMN7rUnxydJDFl0GZ%2FqpTBKiIPQcrGC0rgP5h5sguBDhqFmUqv1ZFN9w3cJEDQc8IGteETOxipBGs%2FA4zx9MYUaMXQstc1%2Bm%2BrzroqTyobSz2Z9v3nqQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 5f6da7515ddd1f2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sSWh_bxr5TRbH09XAyrkLD1xIYSXxS23ZK_TSCX5IKKrgD8gdgU8cw==

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 53ms
53ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-brands-400.woff2
Requested by: Host: a.helm.life
URL: https://a.helm.life/holiday-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9f8f6016e85df96481c714a732c64f3b82281c46a5a6f4044a4a62d8276078

Request headers

Origin: https://a.helm.life
Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:31:24 GMT
via: 1.1 8822a8093b840a9d17780dab53d8eee1.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 78524
cf-request-id: 069866e6e200001f2d2122e000000001
last-modified: Wed, 14 Oct 2020 21:22:07 GMT
server: cloudflare
etag: "9875115c0a4706e6431b8ddc45afd3c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c27vZhkJjzkf58PLDbqueRMcFXMpm78EesQsRriAxwxskXWucnJ%2B30Eh1BR3F2%2FIpoj%2B3ZO%2F8ZwKt5KOxfNbJTdjA6yr48laqgM3Qndprb%2FTicUQbYrNGnX2ojHU%2FxSQwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 5f6da7516ded1f2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -s6YL6F1MT2QspQSc7xjeLg3Ra45Jt5PV6P5Tg7g3SR7SK7w7yzkBw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.helm.life
URL: https://a.helm.life/holiday-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2524
date: Mon, 23 Nov 2020 19:49:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 23 Nov 2020 21:49:24 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=926555623&t=pageview&_s=1&dl=https%3A%2F%2Fa.helm.life%2Fholiday-parties%2F&ul=en-us&de=UTF-8&dt=HELM%20Life%20-%20Virtual%20Holiday%20Parties!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=264973552&gjid=1271415014&cid=28160069.1606163488&tid=UA-47217208-4&_gid=1158141029.1606163488&_r=1&_slc=1&z=1947522300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://a.helm.life/holiday-parties/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 20:31:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://a.helm.life
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a.helm.life/	1970-01-19 14:09:23	Name: _gat Value: 1
.a.helm.life/	1970-01-19 14:10:49	Name: _gid Value: GA1.3.1158141029.1606163488
a.helm.life/	1970-01-19 14:19:28	Name: AWSALBCORS Value: 42rov+yUThL8VME4uVQKvQUJzpkH6FEbcdI6+9ECFtHtYz+QIgpSpQc7OzCgj73TM7dFiFMlDqIa9fq6Mr3IXhL5gC5hSLYQha3lq4UYc7TZZBzw5fgdGwtAVGtL
.a.helm.life/	1970-01-20 07:40:35	Name: _ga Value: GA1.3.28160069.1606163488
a.helm.life/	1970-01-19 14:19:28	Name: AWSALB Value: 42rov+yUThL8VME4uVQKvQUJzpkH6FEbcdI6+9ECFtHtYz+QIgpSpQc7OzCgj73TM7dFiFMlDqIa9fq6Mr3IXhL5gC5hSLYQha3lq4UYc7TZZBzw5fgdGwtAVGtL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.helm.life
babysitter.weneeddatenight.com
cdnjs.cloudflare.com
eventtracking.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
t.sidekickopen80.com
upload.wikimedia.org
www.google-analytics.com
www.youtube.com
2606:4700::6810:135e
2606:4700::6812:1734
2606:4700::6812:9c2
2606:4700::6813:9b53
2606:4700:e6::ac40:ca1c
2620:0:862:ed1a::2:b
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:815::200e
2a00:1450:4001:819::2003
2a00:1450:4001:820::200a
54.148.202.27
54.201.16.89
01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d
04d5d22713d5e139682dda9123e5f1e55b26308a6582a2ab469b62f07a9acc60
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
212eadc620387208b74b6703bafdf86e90c3fef9f27ec7a164da1f5322a1a04b
22a703f8f33b15daa7e14f96655430ec8f3d51f839b2b110260e8882371cf1a0
247cbd411c06a43d997e83209d3e56322e57541be449ab69538fd1da3f88e2cc
29dfa93cf14e116cddbf5935bc0fe272412f993526632259978f56e9bd47be2e
2d32e8493b9c21af95b6d266dc9c2b312b583d8f324a03689e12ae07d8393778
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3a1ff564dc73e52dd4bccd796063e1387b9f090d34923c1113178cd12603283f
3bddc00a61f91de5f533a5a565d1fb1aec6fea39cb519362034fe13a8fb16179
3be9f266fe9e111a4dd8bbd047dfcbb937b9265a4e583ae2721253a399279dbd
3e92c54107cc048338506149177e318ce036e81cda7c4c4532772172fee7fb69
416028af263067fb45e4537d070788b00a59220487057091a16d76b1a0a2fa0e
49313123ccc9a86d7e9b2ce3cc66b1a3c75a640fa26628e9d3a1c272d4ed0280
4b62219687d12979790f609f91b193b7eb9ff43354d2d8cf3232264de081ea40
4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590
557013fc9a5d0796a8b40b75a75bd6e490846eb6e74587b80e58df34bf5b04e2
5636dc6e0365d1aee575140d3e19a41295b41b10879ebe76a46564563a677d23
5a9f8f6016e85df96481c714a732c64f3b82281c46a5a6f4044a4a62d8276078
5feac257336e613d3099856c5aff8ec2949770678c0d409d1cd3c862ff82e953
668f42e0d474e55967b3175602a720703b6bbcda1f00d9897aad830269956938
6a858d6b3ec63d818bfc24ad4b19dc376adc21935c8b40cad8e7c389686931e3
7654efcc08795d3f93933cb612beab97edd12724656f493358a07efe7a8a7dd5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a88acd5ceeb704906223af6ad424d54a8aadc2760aeac3005bcde3668b8f4c
7a7434dee70a77f2e4609a7c51edf7963c9d7f3a937006746ff1c206909bd2f1
7cf545ee3de5e8d3e1ab8072970b81c2a627697211587e8c834b8e39a160ba91
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
86e2117a2ca75be53eea5956ad06c4b44f74ca36e9e9c1ad8fd8490ebe5d0605
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
96a97363dca8913b012db9864a55d2260947348bd73d015f0277642731679455
96aaaa52a09f732bf412087a74fc996f527a730cd2d62eb9630483a179beaac3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1de714e058b1d2db0bff0de995b05ec924d548804a4eb19e1107c5dd7eab323
af7459d3b84edda302330cef10c9e303000fcbb2d2c29cb75ff434fe37aa19e2
b42ef54c1cff8fc089cc5bc7640c30c5cbddf1c80546b519d9b4e813cd31c271
b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b
b7f47f8fe0dc45118862b94c1fbee1600d8b70ebfbc5f14e7013bb4e7362d08f
ba2ac70946294621032da3fb2dd69323927d5e2fa85b8eafdfd8edec3a131e2b
bb22aade2f8cbfc096c09da285e2cd541e5f256b3a0890090c8a043eb6d4b147
bc8ab51796237ffaf77fe0d6f9a68d0d9653f396fb740f925ed3a778390f6457
cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6
d0d3cac138e83e7f94ab11cedc2836c0096bed2bf073ad03b064450220da7e74
d14bb24efc326eb5054bfa4fd6340ce8f7b622a8a3327d4ed413b3f5fb35591b
d64ab6d3b315e69d12f53b3a5a4edae17a34ad7aad80ed4375e4c13414a8072a
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e283470991caf05010dfd55fa9ac5f2d00c4c5e3281f5af45521440495ea724d
e4242a8f4a281f25abd5e7e317c57641b3c94858e1316b968876a56299dae340
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ed04b5707b07ef987720582b14ab1d8662871e95aa17cdac6fff6f34ba9caacd
f0b47416265be96363b6ad26bf18d1ce6c43892ae16b54a816d3376568939c2e
f4f00816cba425a15af1023b5fdb83da58074bc5c29c608254789f59db7da65a
f96151453bf5b861219fab32920589c930580c4f1c427f2e023e7429e7e9f482
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
fe3b6ec8ba3bb68ebc771b1315f54704bb4bac2006c7ac6a789670f049f94648

a.helm.life Open in urlscan Pro 54.148.202.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

85 %IPv6

11 Domains

12 Subdomains

11 IPs

2 Countries

10238 kBTransfer

10676 kBSize

5 Cookies

15 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a.helm.life Open in urlscan Pro
54.148.202.27 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

85 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

10238 kB
Transfer

10676 kB
Size

5
Cookies

62 HTTP transactions
0 data transactions