Submitted URL: http://qa.helixintel.com/?wp-start-ver
Effective URL: https://qa.helixintel.com/?wp-start-ver
Submission: On February 12 via api from DE — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 63 HTTP transactions. The main IP is 18.165.183.31, located in United States and belongs to AMAZON-02, US. The main domain is qa.helixintel.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 12th 2024. Valid for: a year.
This is the only time qa.helixintel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.165.183.52 16509 (AMAZON-02)
10 18.165.183.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:440... 13335 (CLOUDFLAR...)
3 99.86.4.122 16509 (AMAZON-02)
3 2a04:4e42:200... 54113 (FASTLY)
8 104.18.70.113 13335 (CLOUDFLAR...)
5 104.16.51.111 13335 (CLOUDFLAR...)
6 44.198.88.101 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
3 2600:1f18:24e... 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 34.214.18.208 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
63 16
Apex Domain
Subdomains
Transfer
17 helixintel.com
qa.helixintel.com
qa-api.helixintel.com
17 MB
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2151
ekr.zdassets.com — Cisco Umbrella Rank: 2439
213 KB
8 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1172
q.stripe.com — Cisco Umbrella Rank: 7036
m.stripe.com — Cisco Umbrella Rank: 1150
151 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
448 KB
5 zendesk.com
helixintel.zendesk.com
1 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1431
ka-p.fontawesome.com — Cisco Umbrella Rank: 3198
65 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
36 KB
3 browser-intake-datadoghq.com
browser-intake-datadoghq.com — Cisco Umbrella Rank: 914
1 KB
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 4524
135 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1245
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
63 11
Domain Requested by
11 qa.helixintel.com 1 redirects qa.helixintel.com
helix-web
7 static.zdassets.com qa.helixintel.com
static.zdassets.com
6 qa-api.helixintel.com helix-web
5 helixintel.zendesk.com static.zdassets.com
4 www.google.com helix-web
www.gstatic.com
www.google.com
3 www.gstatic.com www.google.com
3 browser-intake-datadoghq.com helix-web
3 q.stripe.com qa.helixintel.com
3 ka-p.fontawesome.com kit.fontawesome.com
3 fast.appcues.com qa.helixintel.com
fast.appcues.com
3 js.stripe.com qa.helixintel.com
js.stripe.com
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.gstatic.com fonts.googleapis.com
2 kit.fontawesome.com qa.helixintel.com
kit.fontawesome.com
1 ekr.zdassets.com static.zdassets.com
1 fonts.googleapis.com qa.helixintel.com
63 17

This site contains links to these domains. Also see Links.

Domain
helixintel.com
www.facebook.com
twitter.com
www.linkedin.com
instagram.com
Subject Issuer Validity Valid
*.qa.helixintel.com
Amazon RSA 2048 M02
2024-02-12 -
2025-03-12
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-04 -
2025-01-03
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-02-07 -
2024-05-09
3 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-05 -
2024-09-05
a year crt.sh
zdassets.com
E1
2024-01-04 -
2024-04-03
3 months crt.sh
helixintel.zendesk.com
Cloudflare Inc ECC CA-3
2023-04-16 -
2024-04-15
a year crt.sh
qa-api.helixintel.com
Amazon RSA 2048 M02
2023-10-21 -
2024-11-18
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-12-20 -
2024-03-21
3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-17 -
2024-06-18
a year crt.sh
www.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-22 -
2024-03-21
3 months crt.sh
*.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh

This page contains 5 frames:

Primary Page: https://qa.helixintel.com/?wp-start-ver
Frame ID: 1674933EA9284ED3033E19F2F6922954
Requests: 35 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Frame ID: 23C50D1E36C9B0A4633CDCB98BD6152B
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 26642F1478F6E9916FAA3F20A5EE3D60
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 48655D6AFFF8EE7AD2F2E231C2AF2A04
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
Frame ID: B6B607D08D8351A2D2222F6B4CB6FFE5
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Login | HELIXintel

Page URL History Show full URLs

  1. http://qa.helixintel.com/?wp-start-ver HTTP 301
    https://qa.helixintel.com/?wp-start-ver Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

63
Requests

95 %
HTTPS

50 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

18359 kB
Transfer

25855 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qa.helixintel.com/?wp-start-ver HTTP 301
    https://qa.helixintel.com/?wp-start-ver Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qa.helixintel.com/
Redirect Chain
  • http://qa.helixintel.com/?wp-start-ver
  • https://qa.helixintel.com/?wp-start-ver
3 KB
1 KB
Document
General
Full URL
https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
492de6622e6f7a7b9ce910c104f9259a55dcc8c9661c8e7beedc79592a3db9ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html
date
Mon, 12 Feb 2024 17:42:20 GMT
etag
W/"8e9aa758b8d63b9228891ca20c79098a"
last-modified
Mon, 12 Feb 2024 16:12:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
x-amz-cf-id
IGdkI5jqhTgi1draCSRrjEp3en3Dl1dOQ6zo5c1e6rJg_lRvqomj8w==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 12 Feb 2024 17:42:19 GMT
Location
https://qa.helixintel.com/?wp-start-ver
Server
CloudFront
Via
1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
W6ht_-Xe9BWLrpcDse2ubwdgb26zgmJrbK5GwzcoxLuPz1T9sD5xVw==
X-Amz-Cf-Pop
ZRH55-P1
X-Cache
Redirect from cloudfront
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Feb 2024 17:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 17:27:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Feb 2024 17:42:19 GMT
3a4e9960d4.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/3a4e9960d4.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00eb970a8f20199622f9dd04c29031c5ef4fc1b3a1259eb725c60e4dad4b0e94

Request headers

Referer
https://qa.helixintel.com/
Origin
https://qa.helixintel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8546a0a57f024d59-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F7MpNMxbbmjzJea_fmti
/
js.stripe.com/v3/
592 KB
146 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6c93df9a115ee393c2c21092ca22f0282c7b28e1b02086ab72d6efde86245ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:06 GMT
content-encoding
br
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
13
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 09 Feb 2024 21:38:10 GMT
server
Cloudfront
etag
W/"5b7820a46133cf63de46954bbcb7c5cb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
sVqmzGeg4DlA1t0MFCrXYLeNR3dlIbZothO5vH0XMfuKYuVEBi70Cg==
106194.js
fast.appcues.com/
20 KB
5 KB
Script
General
Full URL
https://fast.appcues.com/106194.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4541e4e57cb11ecc2274fbb169084da1c10661b3de2a5593bb472de5d3f24e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:19 GMT
content-encoding
gzip
via
1.1 varnish
age
42
x-cache
HIT
content-length
4869
x-request-id
F7MuZY306-wzeWevshYh
x-served-by
cache-sof1510024-SOF
server
Cowboy
x-timer
S1707759740.829241,VS0,VE1
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=94eb0997-a41b-4d0d-b48b-fe47253c2529
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:19 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FP55XB5VFRXR2JJV
age
22
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Bb/sLb3GNygsC2XL8RUYzNHCDmFtTSK9Wp9i9Q7fP2A7lgbVVDGHyXL9Rv1DCP3ZNWR4nJjWZUcfj/t+UuCPtg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55ta%2FuubESJ07JsGejjYOUxZPRM%2FocLySGAli3kIH4Hic6dDomsoq9VKwbiUDOlymv9WKOAQ1zgP3Lt%2BJiB4f1oiL2iZuBlVFa5SvsuraYSVEpRHTipwktfJDwWmLE1Wt6A7umQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8546a0a59c17fbc6-WAW
access-control-allow-headers
*
chunk-vendors.js
qa.helixintel.com/js/
17 MB
17 MB
Script
General
Full URL
https://qa.helixintel.com/js/chunk-vendors.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c330cc8aa69280b31002b737651fb2cada87166c5325afdc7bdd2bb4e45ffed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:44 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
"243f8074e86a0a430724b52f9e2346d1-3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
content-length
17387889
x-amz-cf-id
c3Rla2GSGDdcBXrmbuSuoOICKbb7vGBtM_uvgNJUbTIzGlAC5LFopA==
app.js
qa.helixintel.com/js/
3 MB
235 KB
Script
General
Full URL
https://qa.helixintel.com/js/app.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c25662f5f166f0e714f86422f6afbe1f27f48e41e2129ce9d6927d7d903647f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:21 GMT
content-encoding
br
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:44 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
W/"aa22978492c892d4862e9c5b8b85f87e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
ZMupsNDNC4X7Aji-Ms-CXXijkzqOKnO48KZqLghvg8jV6bu6ExrOcw==
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
315 KB
53 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=3a4e9960d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3a4e9960d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
5750
etag
"610ae215-d3b2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8546a0a8dbf04d59-FRA
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=3a4e9960d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3a4e9960d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
5750
etag
"610ae215-1062"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8546a0a8dbf34d59-FRA
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
27 KB
3 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=3a4e9960d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3a4e9960d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
5750
etag
"610ae215-a2b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8546a0a8dbf24d59-FRA
content-length
2603
kit-upload.css
kit.fontawesome.com/3a4e9960d4/8408346/
0
140 B
Fetch
General
Full URL
https://kit.fontawesome.com/3a4e9960d4/8408346/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3a4e9960d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
cf-cache-status
HIT
age
5750
content-length
0
x-request-id
F7MpNNTLCjPRBb2_fnNC
server
cloudflare
etag
54af53b207eef226d6511e0a88e3038e
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges
bytes
cf-ray
8546a0a8dbed4d59-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
appcues.main.bd7dced9f5a1c31b089fe6dee12729a80eddff4e.js
fast.appcues.com/generic/main/4.60.74/
450 KB
128 KB
Script
General
Full URL
https://fast.appcues.com/generic/main/4.60.74/appcues.main.bd7dced9f5a1c31b089fe6dee12729a80eddff4e.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/106194.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abda9e95eaef9d5449398fb0f5777d6c1dada148f3f530b31872c0f0a566184a

Request headers

Referer
https://qa.helixintel.com/
Origin
https://qa.helixintel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
NBAGJAAD6NVCQWND
age
869123
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
129996
x-amz-id-2
PkjRkh5iOs3s4nBKDZcpZiyGSItcdGlf7/R3SZn1/jI5K5WWhMRMdkWY9ontSAdIs+1bg8aTe97ObsWxFFtpMA==
x-served-by
cache-sof1510032-SOF
last-modified
Fri, 02 Feb 2024 15:37:12 GMT
server
AmazonS3
x-timer
S1707759741.872393,VS0,VE0
etag
"dacf86d7049da5d0743269bb74650792"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
94434
94eb0997-a41b-4d0d-b48b-fe47253c2529
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/94eb0997-a41b-4d0d-b48b-fe47253c2529
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=94eb0997-a41b-4d0d-b48b-fe47253c2529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7ac626cdbd8f2085c19e79754b35ca160d1bf302368e9d9a5eb6dd6704c561
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
43
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8543138befa83c00-SEA, 8543138befa83c00-SEA
x-runtime
0.004479
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fb7ac626cdbd8f2085c19e79754b35ca"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvbuAK58sN1K4vvRsHC13hG%2FGv8SZZj8wdNexQ1Jx9eSf%2BZmZIZW5E%2B4iSLaClBBorAoB8u8AkGdr12fnSEGEXj6%2FTtmnDzXtVfLsUVI2gOif5uoUUlmE0lYpj7bzJ4gJpo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8546a0a9be1870bf-WAW
web-widget-main-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23C5
426 KB
137 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=94eb0997-a41b-4d0d-b48b-fe47253c2529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9d2e14f32dca48fd30e2ca40ab7306a81e8a351644faf518fc7cdd1d6fac20
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
x-amz-version-id
NNS74CRvslANYzFbdSZpAHMXLdB5wZUC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V4BBD2DK0CGF60
age
44880
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
H0Ws5wo1tJe8yX9pvW+6jDfNeKDEuI0uiLYsIkD7aWVZXpQhXemj/ny0DQqceKxo7twc8zJE5Fw=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"c41d27ff2113f7e3712955c66c6955e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4R9SYpia8fprrPn2wutol8123OCXaALM1DZ1Jx6PQ4xC2IdL8yDcZ0NMOSLIQpY2%2BCOxNSo4T88FTEYC3vC1JsLP0e6r54QjHkaoPLS4AF2prRTxCWV1ClexmrjYANKpWeGNno%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8546a0aa2bc7fbc6-WAW
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:38 GMT
en-us-json-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 23C5
17 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
x-amz-version-id
0Hw4clCIIhZEWLdGpvxII_jTVUODtVUb
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2VFJBXV7HEQRB2F
age
44858
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
FDMXzGuEUamL+GNXwuvdKXqR7jTFgzExJC6qyAdHhrpMdvBGKq984WmHum6QCCUeA5p+FfCMmpI=
last-modified
Thu, 08 Feb 2024 08:29:40 GMT
server
cloudflare
etag
W/"afa8158c4aa1aa2dccba0d36fd3c0e2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiRB1YCVKG6lR6Tax0DO4fYiGtso3tY3QCLSqMkn7mUEIpTckXWvx0l6bu%2BfPK14i6rAoYvw6BLcyOiGtF0uwCgpMNryXdX945ATvU6UPt%2FL0P0e8X5TOhSwDVNBXJ1Gdx1Divw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8546a0ab6e04fbc6-WAW
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:39 GMT
web-widget-4852-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23C5
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
x-amz-version-id
VpeJ4ZrAbfClFkk8QBOEwZEjMhUkNJI0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V7HPGSQ4H4FZXG
age
44880
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
UOGPPTydRIhPlvGwkdwZsKaU1JlczFCqc1oiAmjO1emLufuYdEzdAIbhzvfvKWEbyuHbt2TSbig=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLLDdoYVSRkQMpB%2FAbn6%2F3TKGzQjGBeo8XinFqCdJ91iFniIYUfxWvh5Ab4gzokDW%2FYVJGGD6PNdtERATB3uFjhrSLTfXCamEe4suGjqG9m0uAUU4PdaLhutqyLjhoQHfRDNKGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8546a0ab6e06fbc6-WAW
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:37 GMT
web-widget-1327-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23C5
18 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
x-amz-version-id
IR122uws0ha39p.h7rBxpzxTmOQD7EnC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V2BB27MQ99QJE1
age
44880
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
jssM+jhxEfc5syInYxGFMFlSUqmCEKFRSUAjB199KGgIx12gFzm94Z2KM9cK9cBPaKXvGQhGiUY=
last-modified
Thu, 08 Feb 2024 08:29:38 GMT
server
cloudflare
etag
W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp7Dh9ZU4xTD68lMM8atU28nxqTK8veKXRGZHsfJCj7qp5nl%2BN%2FGbuLuxvKAf1749M%2BRe2WjZQpa2jMv3uAzaM5UwXvtKtCbZVPrvjWxt6uBD1mO5etOcZvL96INn2jNb3zUIUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8546a0ab6e08fbc6-WAW
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:37 GMT
web-widget-5178-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23C5
24 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd5e8521e54e636ad82bb41a866e0227ba6c414e427e8debdee0a68fd14c456
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
x-amz-version-id
vvYKpwLde8nzMpq_pV1TQEnoumEiREgn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V3R29JZ4NXM4QS
age
44880
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
5uNSb5WmI/2Gy89iHwn3hWQ657TLaWi0pI3eV+NYONJsCJTOw7mclGoYhU+CgDa0LQ75/folzuM=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"931f719f7fd052e7e871e3892529881f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yz3NbKApNPNLmqd9iGIdi%2BBSUffJtBmFtqDa20ab2C7wwLgzhVC7PJLtF%2BNemzca1lhWZdtWhHcPOp1oIREuXcah8iiJ8wmfR2E%2B1KS2Q6po3PuFdviAYZ4StqDgw51JVLUcIwE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8546a0ab6e0afbc6-WAW
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:37 GMT
web-widget-9535-e46caa3.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23C5
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-e46caa3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f334c245b1ad1435f8432912e934a395467f4e7511440442652f9e5aa132ab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
x-amz-version-id
IYiVv12Uq6RiRTB17pxmzNq4a6Xbh.BI
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q2V9JEM3EHSJZ265
age
44880
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Y/Yne6/K0dO5cVi9+z1CrbmxhpZcb0l27BBpR+7p3YVQ04+HIjBbyo6B2nA68Wq+/hKn38562/k=
last-modified
Thu, 08 Feb 2024 08:29:39 GMT
server
cloudflare
etag
W/"3807a835073a7f537f2d2f554ad605ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Fsg7ZdZ7v%2FAT%2FLsZ8wWe2VCwVyLxHbLh67Lt1kGStHnYkHOZtwk2Mr%2BbV4TG19SKL1syWnhjR9A0kZuLJ4WnfC6ZQ8k8lF9XAFEFRHSchUMtGLPA2DLTJGM7lowLXTKpBH0j3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8546a0ab6e0dfbc6-WAW
access-control-allow-headers
*
expires
Fri, 07 Feb 2025 08:29:38 GMT
pv
helixintel.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://helixintel.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://qa.helixintel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8546a0acd903162a-WAW
date
Mon, 12 Feb 2024 17:42:21 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gikg4WiQ%2Bmr%2B9YITh0vniwYf77uGmkVEqx9jvgXTUkStF%2FMzFIA8vzniXXcyucEBKCa78WM7IrH9DeLdVnC%2BsFW6DP9bit4N%2FFk%2Brl%2BAty3t1UrAPzetnclomF6mrDx8pSF3EehryHM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8546a0acd903162a-WAW
x-zendesk-zorg
yes
pv
helixintel.zendesk.com/frontendevents/ Frame 23C5
0
0
Fetch
General
Full URL
https://helixintel.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 17:42:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIr6fnP2k01%2FAx7%2Bv%2FqMTdzv%2BZVrC5kr%2FxqzLIJqkv96miiYpLVBp12POOSjT7EVhNcZRi9N376mQ5rm5PZqylEroKgatnO71y0u8IfH08ihCrJxH5Db6t9Iw03mxn4air3WKSbTThs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8546a0ae8ae2162a-WAW
content-length
0
x-request-id
8546a0ae8ae2162a-WAW
config
helixintel.zendesk.com/embeddable/ Frame 23C5
742 B
1 KB
Fetch
General
Full URL
https://helixintel.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf18d0f087505c41f8c1eec8fc27c26e049e8619d9d791df1be990b1106ee2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42
x-zendesk-origin-server
embeddable-app-server-777f9484f4-95npn
x-cached
MISS
x-request-id
85469fa28becbf44-WAW
x-runtime
0.001987
last-modified
Mon, 12 Feb 2024 17:41:38 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iaS94PFDGEWX3szH9RI5bn6CA8crfrnB%2FrSVdyJ3BOOwNEIInKjUCRgSPOaG1%2BhVxIXp8SKveY627YMqjxN7Tew0GG8%2FRo9X29hT1S56wCQgPfCUuqTCa6qoPVosdP43EO4RD6w9lY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8546a0acd902162a-WAW
/
qa-api.helixintel.com/dynamic_config_variables/ Frame
0
0
Preflight
General
Full URL
https://qa-api.helixintel.com/dynamic_config_variables/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.88.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-88-101.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,helix-timezone
Access-Control-Request-Method
GET
Origin
https://qa.helixintel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, helix-company-id, helix-user-id, filter-affiliate-ids, filter-affiliate-company-ids, helix-correlation-id, helix-pub-sub-session-id, helix-timezone
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 17:42:21 GMT
vary
origin
/
qa-api.helixintel.com/feature_flag_values/ Frame
0
0
Preflight
General
Full URL
https://qa-api.helixintel.com/feature_flag_values/?flags=vendor_hub_v2%2Cpayment_in_advance_manual_complete%2Cequipment_qr_code_pdf%2Csp_dashboard_marketplace_metrics%2Clogin_check_mfa%2Cbusiness_solutions%2Caffiliate_risk_assessment_surveys%2Ccompany_risk_assessment_surveys%2Ctask_notifications_v2%2Cwork_order_management%2Cwork_order_related_items%2Cbulk_update_tasks%2Cbulk_invite_users_to_company%2Carchive_locations%2Cwork_request_reviewers%2Cautomated_workflows%2Csidebar_v2%2Csidebar_v2_eo_rfp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.88.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-88-101.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,helix-timezone
Access-Control-Request-Method
GET
Origin
https://qa.helixintel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, helix-company-id, helix-user-id, filter-affiliate-ids, filter-affiliate-company-ids, helix-correlation-id, helix-pub-sub-session-id, helix-timezone
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 17:42:21 GMT
vary
origin
/
qa-api.helixintel.com/feature_flag_values/ Frame
0
0
Preflight
General
Full URL
https://qa-api.helixintel.com/feature_flag_values/?flags=vendor_hub_v2%2Cpayment_in_advance_manual_complete%2Cequipment_qr_code_pdf%2Csp_dashboard_marketplace_metrics%2Clogin_check_mfa%2Cbusiness_solutions%2Caffiliate_risk_assessment_surveys%2Ccompany_risk_assessment_surveys%2Ctask_notifications_v2%2Cwork_order_management%2Cwork_order_related_items%2Cbulk_update_tasks%2Cbulk_invite_users_to_company%2Carchive_locations%2Cwork_request_reviewers%2Cautomated_workflows%2Csidebar_v2%2Csidebar_v2_eo_rfp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.88.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-88-101.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,helix-timezone
Access-Control-Request-Method
GET
Origin
https://qa.helixintel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, helix-company-id, helix-user-id, filter-affiliate-ids, filter-affiliate-company-ids, helix-correlation-id, helix-pub-sub-session-id, helix-timezone
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 17:42:21 GMT
vary
origin
version.txt
qa.helixintel.com/
41 B
382 B
XHR
General
Full URL
https://qa.helixintel.com/version.txt?timestamp=1707759741377
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/tools/instrumentMethod.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6b37142ec39f9bac27c076ea487b56485623e386889c97f0a0da6fb41850a40

Request headers

Accept
application/json, text/plain, */*
Referer
https://qa.helixintel.com/?wp-start-ver
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:47 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
"eb91a64780bae619bcf1daefa974afba"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/plain
cache-control
max-age=0
content-length
41
x-amz-cf-id
ayolWARygNiJOF-HXIFCDaOXiRfj__1IloCB5Vzlf0967DEC_R13vA==
/
qa-api.helixintel.com/dynamic_config_variables/
420 B
646 B
XHR
General
Full URL
https://qa-api.helixintel.com/dynamic_config_variables/
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/tools/instrumentMethod.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.88.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-88-101.compute-1.amazonaws.com
Software
/
Resource Hash
b79790311c547524ee9a49c68b37207a1ac43eaf214e13a25444b9708c72d563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://qa.helixintel.com/
helix-timezone
Europe/Berlin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 17:42:21 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept, origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
420
/
qa-api.helixintel.com/feature_flag_values/
555 B
781 B
XHR
General
Full URL
https://qa-api.helixintel.com/feature_flag_values/?flags=vendor_hub_v2%2Cpayment_in_advance_manual_complete%2Cequipment_qr_code_pdf%2Csp_dashboard_marketplace_metrics%2Clogin_check_mfa%2Cbusiness_solutions%2Caffiliate_risk_assessment_surveys%2Ccompany_risk_assessment_surveys%2Ctask_notifications_v2%2Cwork_order_management%2Cwork_order_related_items%2Cbulk_update_tasks%2Cbulk_invite_users_to_company%2Carchive_locations%2Cwork_request_reviewers%2Cautomated_workflows%2Csidebar_v2%2Csidebar_v2_eo_rfp
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/tools/instrumentMethod.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.88.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-88-101.compute-1.amazonaws.com
Software
/
Resource Hash
17920ea57db280ac565f4bfc482139037e2be0e97652c569c210d4240fe7273d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://qa.helixintel.com/
helix-timezone
Europe/Berlin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 17:42:21 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept, origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
555
/
qa-api.helixintel.com/feature_flag_values/
555 B
781 B
XHR
General
Full URL
https://qa-api.helixintel.com/feature_flag_values/?flags=vendor_hub_v2%2Cpayment_in_advance_manual_complete%2Cequipment_qr_code_pdf%2Csp_dashboard_marketplace_metrics%2Clogin_check_mfa%2Cbusiness_solutions%2Caffiliate_risk_assessment_surveys%2Ccompany_risk_assessment_surveys%2Ctask_notifications_v2%2Cwork_order_management%2Cwork_order_related_items%2Cbulk_update_tasks%2Cbulk_invite_users_to_company%2Carchive_locations%2Cwork_request_reviewers%2Cautomated_workflows%2Csidebar_v2%2Csidebar_v2_eo_rfp
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/tools/instrumentMethod.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.88.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-88-101.compute-1.amazonaws.com
Software
/
Resource Hash
17920ea57db280ac565f4bfc482139037e2be0e97652c569c210d4240fe7273d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://qa.helixintel.com/
helix-timezone
Europe/Berlin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 17:42:21 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept, origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
555
src_views_Home_vue.js
qa.helixintel.com/js/
9 KB
2 KB
Script
General
Full URL
https://qa.helixintel.com/js/src_views_Home_vue.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18bb7d1f996652a0f47ad6d6b65d091c4d37e2fb1cad0e85dbad48839233016e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
content-encoding
br
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:46 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
W/"c88fcb19619a82f974a1d5b6e4e9d793"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
qBZugnhtmhcl5kakrLkMk_NGh4CofpsGFdibSLFXuOMnE7vKSbmvKw==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 2664
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.helixintel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3503
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 16:43:59 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 06 Feb 2024 23:12:25 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
WRNB9-or-5dIC3RqHISioFJACH7Sn577ddIVxU14v8BDtH4olbr19A==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qa.helixintel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 23:49:55 GMT
x-content-type-options
nosniff
age
237146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 23:49:55 GMT
92c83712-4180-44c5-a659-815fef7a9544
https://qa.helixintel.com/
1 MB
0
Other
General
Full URL
blob:https://qa.helixintel.com/92c83712-4180-44c5-a659-815fef7a9544
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5180628c01079691f3d21afc8086479b923f6127b860cad410a5c48c6bf4ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
1322663
Content-Type
application/javascript
c2cdd454-e201-4894-a6a3-d65e749fd6c9
https://qa.helixintel.com/
1 MB
0
Other
General
Full URL
blob:https://qa.helixintel.com/c2cdd454-e201-4894-a6a3-d65e749fd6c9
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5180628c01079691f3d21afc8086479b923f6127b860cad410a5c48c6bf4ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
1322663
Content-Type
application/javascript
2cbe7576-5e07-4e7b-b2ad-2e87656b8e92
https://qa.helixintel.com/
25 KB
0
Other
General
Full URL
blob:https://qa.helixintel.com/2cbe7576-5e07-4e7b-b2ad-2e87656b8e92
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37f8925899f19859ba81646890bb3c14a84c997664c1d3ad8ab1d28518ef999e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
25813
Content-Type
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 2664
526 B
1017 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 16:46:57 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3325
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Tue, 06 Feb 2024 23:12:23 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7cvyxB6O4dPaDYgairQH3lyHfT9mKljWfjY2mX395Q90Skbgk3WK0A==
container.bd7dced9f5a1c31b089fe6dee12729a80eddff4e.css
fast.appcues.com/generic/main/4.60.74/
16 KB
2 KB
Stylesheet
General
Full URL
https://fast.appcues.com/generic/main/4.60.74/container.bd7dced9f5a1c31b089fe6dee12729a80eddff4e.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.74/appcues.main.bd7dced9f5a1c31b089fe6dee12729a80eddff4e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer
https://qa.helixintel.com/
Origin
https://qa.helixintel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:21 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
V0TSPKMPJ412PJ7C
age
869700
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
enkdlzksz6lsoCJN7hGfug5NlapMrwMA4TsD8c3+vo0k8av8EUa8tsZsSsZi1mDoONQ9U2+yEzo=
x-served-by
cache-sof1510032-SOF
last-modified
Fri, 02 Feb 2024 15:37:12 GMT
server
AmazonS3
x-timer
S1707759742.737159,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
23979
csp-report
q.stripe.com/ Frame 2664
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707759742272887
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707759742272330
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2664
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707759742272673
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707759742272292
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
src_components_TaskTimer_vue.js
qa.helixintel.com/js/
27 KB
4 KB
Script
General
Full URL
https://qa.helixintel.com/js/src_components_TaskTimer_vue.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab5a25c36ca19a04b8fc3d31dbf9832f659ee6439b866a890df0e63c925451a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
content-encoding
br
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:45 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
W/"102d1ad83945a060dbd68a082f041910"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
hRtJBunnAAPgu9oz3EEkdHlWukUjjjyaAVfFaEm5TeEg7t9KnImuyQ==
helix-logo-full-white.41f0c696.png
qa.helixintel.com/img/
11 KB
11 KB
Image
General
Full URL
https://qa.helixintel.com/img/helix-logo-full-white.41f0c696.png
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14242666980c87672a5c81b4fe0c7a8f3f1fa4958ef2c472c4525efcf9d8c9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:44 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
"caebbc1e749062d10701409d4446ccb7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=0
content-length
11391
x-amz-cf-id
XW7UJuTx36mCe3bcca5SCZG2EQsLrjYwj2JzBfqEXUDsLoNVqjupzA==
helix-logo-full.8cc9008d.png
qa.helixintel.com/img/
22 KB
22 KB
Image
General
Full URL
https://qa.helixintel.com/img/helix-logo-full.8cc9008d.png
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90cc5679b4a898c0a3c40bb0ca93c32202ff46a256308c7108f9d9b219eb1bbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:44 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
"d4e455122d7aa9a465b42568f9694ef7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=0
content-length
22038
x-amz-cf-id
5enhgiiPWH_ZlD3wZCHKjJ7lKhNeQy5WVK-MHkKJkP8-sOlWQZnO3A==
node_modules_vue-recaptcha-v3_dist_ReCaptchaVuePlugin_js.js
qa.helixintel.com/js/
19 KB
4 KB
Script
General
Full URL
https://qa.helixintel.com/js/node_modules_vue-recaptcha-v3_dist_ReCaptchaVuePlugin_js.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbe2246ced8c5a2b78546ec9966162ae502b9bd5ee7daff7a87d477c7e09fcee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
content-encoding
br
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:45 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
W/"0db4506cfc6c5fc19cdf7ed0b181ed50"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
voQUTbMl1_cEDO5WoWLurVdSwBOyTw1Wb05OPnO5QMKORsD3Hp4n5w==
src_views_Login_vue.js
qa.helixintel.com/js/
108 KB
8 KB
Script
General
Full URL
https://qa.helixintel.com/js/src_views_Login_vue.js
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-31.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bb9eafc9783f7f229d9ba6edc30741b6d3031f7041337803cb619cd37a1072a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/?wp-start-ver
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
content-encoding
br
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 16:12:46 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
etag
W/"55ae2fe085607875479e5caa2c6448a2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
ztY6-QEY9qrHyoMMYBBOF4GcJmtjfaM-qB2kuipDwN7pWd8fKECBNg==
inner.html
m.stripe.network/ Frame 4865
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
291
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 17:37:31 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
4-y4NDccdZ8-mVJHrZOVHI98knzjTEYHVMyhsk7ph42Zjc3obqHcPw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qa.helixintel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 17:56:55 GMT
x-content-type-options
nosniff
age
431126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Feb 2025 17:56:55 GMT
replay
browser-intake-datadoghq.com/api/v2/
53 B
344 B
XHR
General
Full URL
https://browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.6.0%2Capi%3Axhr%2Cenv%3Aqa%2Cservice%3Ahelix-web&dd-api-key=pubbef8a2c8f4edafe5a28569e02cdb6657&dd-evp-origin-version=5.6.0&dd-evp-origin=browser&dd-request-id=b69586f5-ed7b-4b77-844c-aa12286b0b0d
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/tools/instrumentMethod.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6e20:cff7:7d31:1ff6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b62f077246e0f22fcbfc02d156e9a81ae19eb6ea55f2409a62b45ed78f1cddd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.helixintel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAkhxaO4UHuUI0ahS

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
b69586f5-ed7b-4b77-844c-aa12286b0b0d
csp-report
q.stripe.com/ Frame 4865
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: qa.helixintel.com
URL: https://qa.helixintel.com/?wp-start-ver
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707759742272689
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1707759742272389
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 4865
87 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:41:53 GMT
content-encoding
br
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
29
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
wk3XP0-bj_S-bPDRcsRDcAG50MvoBsumnXdMMzdRjKJs3o8IjkAidg==
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/recaptcha-v3/dist/ReCaptchaLoader.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71a05dadb62a7a68a46b74551d7e8ff9020d593dfd0a3a1f5066d26f827fdcc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.helixintel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 12 Feb 2024 17:42:22 GMT
6
m.stripe.com/ Frame 4865
156 B
670 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.18.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-18-208.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2fd0b5c776fec3660c46fa7eb78d59d54690923489af9a1930a7b79c15a59785
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 12 Feb 2024 17:42:22 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707759742598488
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707759742597940
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
recaptcha__de.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/
493 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qa.helixintel.com/
Origin
https://qa.helixintel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200774
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Feb 2025 13:07:17 GMT
anchor
www.google.com/recaptcha/api2/ Frame B6B6
44 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0f929eae6d250e144a8b564b707f10378bdfa5fa2f4beeca8a35f90010c3afc1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PSZtj88H1YkXPB99QToMfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qa.helixintel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PSZtj88H1YkXPB99QToMfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 17:42:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame B6B6
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Feb 2025 17:04:07 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame B6B6
493 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 13:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200774
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Feb 2025 13:07:17 GMT
zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js
www.google.com/js/bg/ Frame B6B6
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 00:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
409315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6922
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Feb 2025 00:00:27 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B6B6
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfzo_UcAAAAAIZEZLl6CtbYZjqzHpQwurExbeUN&co=aHR0cHM6Ly9xYS5oZWxpeGludGVsLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=9b707aaxrwvc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 17:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 12 Feb 2024 17:42:22 GMT
pv
helixintel.zendesk.com/frontendevents/ Frame 23C5
0
0
Fetch
General
Full URL
https://helixintel.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Feb 2024 17:42:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv5JHVOHmGhYARwIhMPA%2FfnelihVSviICGWfEp0SrgRNabCfZ615jGoTiSAv3YOs0fWSgcjuGMm00MXAje1KUw%2BfS4uLHTOVmCUQCVkOb01WDFaW9nU6Gm7O%2BEiAPBMN8tEod52vvic%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8546a0ba19ba162a-WAW
content-length
0
x-request-id
8546a0ba19ba162a-WAW
pv
helixintel.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://helixintel.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://qa.helixintel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8546a0b89f73162a-WAW
date
Mon, 12 Feb 2024 17:42:23 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dK6dNvEH4LEsu%2F%2BkLbqtFoXZBeFd%2FDN2gXiRCk3GCty7TKq%2B9388h7%2FxKq3ulu0%2BoXlnQXkOAASafOjeYduadOn42cM5tpeA7RJk2eULSMRMfPXkXQGKK8QqdU0ehWxYYzODIN5hbw0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8546a0b89f73162a-WAW
x-zendesk-zorg
yes
replay
browser-intake-datadoghq.com/api/v2/
53 B
343 B
Fetch
General
Full URL
https://browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.6.0%2Capi%3Afetch%2Cenv%3Aqa%2Cservice%3Ahelix-web&dd-api-key=pubbef8a2c8f4edafe5a28569e02cdb6657&dd-evp-origin-version=5.6.0&dd-evp-origin=browser&dd-request-id=dc2e6f53-6f1e-4e6d-9cfa-ba9af608223f
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/browser/fetchObservable.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6e20:cff7:7d31:1ff6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
bb28dc04ff0d57ccd7368163a5eca90fb071b534df378e5067abff0b23729da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.helixintel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarywtkyBH8kUKASkfVY

Response headers

date
Mon, 12 Feb 2024 17:42:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
dc2e6f53-6f1e-4e6d-9cfa-ba9af608223f
replay
browser-intake-datadoghq.com/api/v2/
53 B
343 B
XHR
General
Full URL
https://browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.6.0%2Capi%3Axhr%2Cenv%3Aqa%2Cservice%3Ahelix-web&dd-api-key=pubbef8a2c8f4edafe5a28569e02cdb6657&dd-evp-origin-version=5.6.0&dd-evp-origin=browser&dd-request-id=2a77d9bc-52a9-4407-8856-709532c3f390
Requested by
Host: helix-web
URL: webpack://helix-web/./node_modules/@datadog/browser-core/esm/tools/instrumentMethod.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6e20:cff7:7d31:1ff6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
0e9dd8aa357de98c243976b0fbd9672bcfe88274673f4db698f44dc2fe848105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.helixintel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarym7CyUadkmmNIKEVb

Response headers

date
Mon, 12 Feb 2024 17:42:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
2a77d9bc-52a9-4407-8856-709532c3f390
6
m.stripe.com/ Frame 4865
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.18.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-18-208.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2fd0b5c776fec3660c46fa7eb78d59d54690923489af9a1930a7b79c15a59785
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 12 Feb 2024 17:42:25 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707759745396119
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707759745394963
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| FontAwesomeKitConfig object| webpackChunkStripeJSouter function| noop function| Stripe object| AppcuesBundleSettings object| Appcues object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded object| webpackChunkhelix_web function| clearImmediate function| setImmediate object| core object| regeneratorRuntime boolean| _babelPolyfill object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| $cookies object| _ablyjs_jsonp object| DD_RUM object| __heic2any__worker object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_771033

5 Cookies

Domain/Path Name / Value
.helixintel.com/ Name: qa-helix
Value: %7B%7D
m.stripe.com/ Name: m
Value: 38c5b950-812f-4059-89b8-06e3a0153a769dd675
.qa.helixintel.com/ Name: __stripe_mid
Value: e0fbfca7-95fe-4536-b796-4fed64a2240b10a7ff
.qa.helixintel.com/ Name: __stripe_sid
Value: aed8537f-ab56-42f8-98ef-ad324e02f9727c8e59
qa.helixintel.com/ Name: _dd_s
Value: rum=1&id=57254af2-dcd1-4228-aaef-4eeda1039c53&created=1707759741329&expire=1707760641329

4 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other warning URL: https://qa.helixintel.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qa.helixintel.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://qa.helixintel.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser-intake-datadoghq.com
ekr.zdassets.com
fast.appcues.com
fonts.googleapis.com
fonts.gstatic.com
helixintel.zendesk.com
js.stripe.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
q.stripe.com
qa-api.helixintel.com
qa.helixintel.com
static.zdassets.com
www.google.com
www.gstatic.com
104.16.51.111
104.18.70.113
18.165.183.31
18.165.183.52
2600:1f18:24e6:b901:6e20:cff7:7d31:1ff6
2600:9000:2057:4800:19:7d10:bd80:93a1
2606:4700:4400::6812:2844
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
2a00:1450:4001:828::2004
2a00:1450:4001:830::2003
2a04:4e42:200::622
34.214.18.208
44.198.88.101
54.186.23.98
99.86.4.122
00eb970a8f20199622f9dd04c29031c5ef4fc1b3a1259eb725c60e4dad4b0e94
0e9dd8aa357de98c243976b0fbd9672bcfe88274673f4db698f44dc2fe848105
0f929eae6d250e144a8b564b707f10378bdfa5fa2f4beeca8a35f90010c3afc1
14242666980c87672a5c81b4fe0c7a8f3f1fa4958ef2c472c4525efcf9d8c9a2
17920ea57db280ac565f4bfc482139037e2be0e97652c569c210d4240fe7273d
18bb7d1f996652a0f47ad6d6b65d091c4d37e2fb1cad0e85dbad48839233016e
2c330cc8aa69280b31002b737651fb2cada87166c5325afdc7bdd2bb4e45ffed
2fd0b5c776fec3660c46fa7eb78d59d54690923489af9a1930a7b79c15a59785
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
37f8925899f19859ba81646890bb3c14a84c997664c1d3ad8ab1d28518ef999e
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
4541e4e57cb11ecc2274fbb169084da1c10661b3de2a5593bb472de5d3f24e1e
492de6622e6f7a7b9ce910c104f9259a55dcc8c9661c8e7beedc79592a3db9ae
4cf18d0f087505c41f8c1eec8fc27c26e049e8619d9d791df1be990b1106ee2f
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
6c93df9a115ee393c2c21092ca22f0282c7b28e1b02086ab72d6efde86245ce6
71a05dadb62a7a68a46b74551d7e8ff9020d593dfd0a3a1f5066d26f827fdcc6
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
90cc5679b4a898c0a3c40bb0ca93c32202ff46a256308c7108f9d9b219eb1bbc
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95f334c245b1ad1435f8432912e934a395467f4e7511440442652f9e5aa132ab
9bb9eafc9783f7f229d9ba6edc30741b6d3031f7041337803cb619cd37a1072a
a5180628c01079691f3d21afc8086479b923f6127b860cad410a5c48c6bf4ad5
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
ab5a25c36ca19a04b8fc3d31dbf9832f659ee6439b866a890df0e63c925451a7
abda9e95eaef9d5449398fb0f5777d6c1dada148f3f530b31872c0f0a566184a
b62f077246e0f22fcbfc02d156e9a81ae19eb6ea55f2409a62b45ed78f1cddd2
b6b37142ec39f9bac27c076ea487b56485623e386889c97f0a0da6fb41850a40
b79790311c547524ee9a49c68b37207a1ac43eaf214e13a25444b9708c72d563
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb28dc04ff0d57ccd7368163a5eca90fb071b534df378e5067abff0b23729da4
c25662f5f166f0e714f86422f6afbe1f27f48e41e2129ce9d6927d7d903647f3
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
dbe2246ced8c5a2b78546ec9966162ae502b9bd5ee7daff7a87d477c7e09fcee
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9d2e14f32dca48fd30e2ca40ab7306a81e8a351644faf518fc7cdd1d6fac20
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7ac626cdbd8f2085c19e79754b35ca160d1bf302368e9d9a5eb6dd6704c561
fbd5e8521e54e636ad82bb41a866e0227ba6c414e427e8debdee0a68fd14c456