helenair.com Open in urlscan Pro
192.104.182.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0iLCJocmVmIjoiaHR0cHM6...
Effective URL:
https://helenair.com/
Submission: On September 20 via api (September 20th 2023, 8:41:58 pm UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 97 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is helenair.com.
TLS certificate: Issued by GTS CA 1P5 on September 7th 2023. Valid for: 3 months.

This is the only time helenair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:214... 2600:9000:214f:1400:6:4d4d:1ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
42	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:211... 2600:9000:211e:b000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	35.155.246.37 35.155.246.37	16509 (AMAZON-02) (AMAZON-02)
97	16

1 2600:9000:214f:1400:6:4d4d:1ec0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

email.mail.helenair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

helenair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211e:b000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.246.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-246-37.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 36410	667 KB
10	helenair.com 1 redirects email.mail.helenair.com helenair.com	104 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	607 KB
6	osano.com cmp.osano.com — Cisco Umbrella Rank: 7860	110 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 2933	34 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 3415	80 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	22 KB
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 964	408 B
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	158 KB
2	gstatic.com www.gstatic.com	13 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1561	171 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 63889	365 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 3173	436 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	667 B
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 404	61 KB
97	15

	Domain	Requested by
42	bloximages.chicago2.vip.townnews.com	helenair.com bloximages.chicago2.vip.townnews.com
9	helenair.com	helenair.com
7	www.googletagmanager.com	helenair.com cmp.osano.com
6	cmp.osano.com	helenair.com cmp.osano.com
4	cdn.segment.com	cmp.osano.com cdn.segment.com
3	tagan.adlightning.com	helenair.com cmp.osano.com
2	www.google-analytics.com	cmp.osano.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	securepubads.g.doubleclick.net	cmp.osano.com
2	www.gstatic.com	helenair.com
1	api.segment.io	cdn.segment.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	c.amazon-adsystem.com	helenair.com
1	email.mail.helenair.com	1 redirects
97	16

This site contains links to these domains. Also see Links.

Domain
subscriberservices.lee.net
legacy.memoriams.com
www.legacy.com
www.stringr.com
autos.montanawheelsforyou.com
frontpagebets.com
www.google.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
helenair.com GTS CA 1P5	`2023-09-07` - `2023-12-06`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
cmp.osano.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-30`	7 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://helenair.com/
Frame ID: 02BB53D03C716A9BEE5A4FC91325DFC4
Requests: 93 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 23D6E23C8953AD25214556797532F4FB
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 7835C751993296C6D28EEF81548F21BB
Requests: 2 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 896E0A6598A42CD1395F893BE846A84B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Independent Record | Breaking News | | Read Helena, MT and Montana breaking news. Get latest news, events and information on Montana sports, weather, entertainment and lifestylesVideoCollectionVideoAudioVideoVideoAudioAudioAudioAudioAudioVideoCollectionCollectionCollectionCollection

Page URL History Show full URLs

http://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0i... HTTP 307
https://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0i... HTTP 302
https://helenair.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

86 %
HTTPS

50 %
IPv6

15
Domains

16
Subdomains

16
IPs

3
Countries

1857 kB
Transfer

5675 kB
Size

3
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=helenair.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fhelenair.com%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 9 months

Search URL Search Domain Scan URL

URL: https://legacy.memoriams.com/network/IndependentRecord/Obituary?online=1&utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=helenair
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/helenair/today
Title: Find an Obituary

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlvUgZwn9k2
Title: Share video

Search URL Search Domain Scan URL

URL: https://autos.montanawheelsforyou.com/
Title: Cars

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=helenair.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://frontpagebets.com/
Title: FrontPageBets

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//7%20W%206TH%20AVE%20STE%20507%2BHELENA%2BMT%2B59102
Title: 7 W 6TH AVE STE 507, HELENA, MT 59102

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//1526%20HAUSER%2BHELENA%2BMT%2B59601
Title: 1526 HAUSER, HELENA, MT 59601

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//65%20E%20Park%2BButte%2BMT%2B59701
Title: 65 E Park, Butte, MT 59701

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/ChangeAccount.aspx?Domain=HelenaIR.com
Title: Manage Active Subscription

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0iLCJocmVmIjoiaHR0cHM6Ly9oZWxlbmFpci5jb20vIiwiaW50ZXJuYWwiOiJjY2YzMDcwMWI1ZDUwMWU2YmYwMyIsImxpbmtfaWQiOjE3fQ/58e023a5c656fac458dc19f8ecb5ad20c14c7ef1a8ec81404afa0199723c9413/ HTTP 307
https://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0iLCJocmVmIjoiaHR0cHM6Ly9oZWxlbmFpci5jb20vIiwiaW50ZXJuYWwiOiJjY2YzMDcwMWI1ZDUwMWU2YmYwMyIsImxpbmtfaWQiOjE3fQ/58e023a5c656fac458dc19f8ecb5ad20c14c7ef1a8ec81404afa0199723c9413/ HTTP 302
https://helenair.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
helenair.com/
Redirect Chain

http://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0iLCJocmVmIjoiaHR0cHM6Ly9oZWxlbmFpci5jb20vIiwiaW50ZXJuYWwiOiJjY2YzMDcwMWI1ZDUwMWU2YmYwMyIsIm...
https://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dLcWtfdnpKTzFhel9PYXRZRUlFST0iLCJocmVmIjoiaHR0cHM6Ly9oZWxlbmFpci5jb20vIiwiaW50ZXJuYWwiOiJjY2YzMDcwMWI1ZDUwMWU2YmYwMyIsI...
https://helenair.com/

525 KB
61 KB

374ms
123ms

Document
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

f2a36a525ed22316938cf9130b8db6de64989e47c195c37a318082d3a2d04a12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202
cache-control: public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding: gzip
content-length: 59895
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 20 Sep 2023 20:38:27 GMT
etag: W/ab57bbb384545459416d559a35697008
last-modified: Wed, 20 Sep 2023 20:38:27 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.71.1; app2; 0.73s; 6.6M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://helenair.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
date: Wed, 20 Sep 2023 20:41:50 GMT
location: https://helenair.com/
via: 1.1 google, 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-id: 82iKHWzpwVuZJr4OG4G27fhd0n6tcdQ10FSq3w0lZed3AyfWgD9m2w==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 127ms
52ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5831288
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f69000-FRA
expires: Wed, 20 Mar 2024 20:31:39 GMT

GET
H2 200 user.js Show response
helenair.com/shared-content/art/tncms/user/ 3 KB
2 KB 237ms
235ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:26 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 17:07:29 GMT
x-vcache: HIT
age: 24
etag: W/"6509d551-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 140ms
66ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18914568
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d39159000-FRA
expires: Wed, 26 Jul 2023 07:54:27 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 136ms
62ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 12273891
last-modified: Thu, 21 Jul 2022 21:07:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bff8-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d39149000-FRA
expires: Wed, 26 Jul 2023 07:54:27 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 135ms
62ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3093442
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Aug 2023 18:23:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64d52b28-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d39139000-FRA
expires: Wed, 14 Aug 2024 19:01:20 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 106ms
33ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7692978
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 18:40:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6495e71c-10fa"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f89000-FRA
expires: Sat, 22 Jun 2024 19:01:20 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 103ms
30ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18427017
last-modified: Thu, 21 Jul 2022 21:06:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bfe6-9ae"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f79000-FRA
expires: Wed, 26 Jul 2023 07:54:27 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 104ms
31ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1103679
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 20:00:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645d495c-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f19000-FRA
expires: Wed, 15 May 2024 15:01:31 GMT

GET
H2 200 layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 113ms
40ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.c16df073a4f45c16eb2b8a91ceb7b785.css

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1222883
cross-origin-resource-policy: cross-origin
last-modified: Wed, 26 Jul 2023 20:07:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64c17cf0-26681"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f29000-FRA
expires: Wed, 31 Jul 2024 19:01:26 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 97 KB
17 KB 106ms
33ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1695193243

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3361586153712b89c111edae2eb7c511762d66346119ab80bddbde761bf8088

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 43467
cross-origin-resource-policy: cross-origin
last-modified: Wed, 20 Sep 2023 07:00:43 GMT
x-vcache: MISS
server: cloudflare
etag: W/"650a989b-18288"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f59000-FRA
expires: Thu, 19 Sep 2024 07:05:47 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 103ms
31ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18914567
last-modified: Fri, 01 Apr 2022 13:30:43 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe83-189c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f49000-FRA
expires: Sun, 23 Apr 2023 03:07:09 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 105ms
32ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2244
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:35:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"642468c1-12b0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d18f39000-FRA
expires: Tue, 02 Apr 2024 18:07:59 GMT

GET
H2 200 access.js Show response
helenair.com/shared-content/art/tncms/api/ 87 KB
35 KB 122ms
121ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/shared-content/art/tncms/api/access.js
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8

Request headers

Referer: https://helenair.com/
Origin: https://helenair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:39:58 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 14:49:50 GMT
x-vcache: HIT
age: 112
etag: W/"64f8918e-15cd7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35387
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 331 KB
75 KB 98ms
28ms Script
application/javascript 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cb9fcea5c931597660e7cade320ba3e0f58a714a47bd872d768afd19cdeab037

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:41:22 GMT
content-encoding: br
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 90029
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 76512
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Sep 2023 18:57:31 GMT
server: CloudFront
etag: "e93f731c755f7d212b6cb651def51a0d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: md2xMHIGlzJpPiH-BLfbBYzchO6UddOvPFpSBoVa6EB3EzobCqpqcQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 95ms
25ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:59:37 GMT
content-encoding: gzip
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:04:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2535
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: N67z880fPzKeBbiZaZBEPdBn0cVbKmuFkXMBOuJJQX5bgHFpenrY5Q==

GET
H2 200 helenair.com.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 9 KB
2 KB 148ms
147ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/helenair.com.js?_dc=1695242307

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b89e5bfb57ab35672236725747193a6c9f2d6ddb8eeb6202ee870aa6a493eed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
last-modified: Wed, 20 Sep 2023 05:01:50 GMT
x-vcache: MISS
server: cloudflare
etag: W/"650a7cbe-2398"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d693c9000-FRA
expires: Thu, 19 Sep 2024 20:41:51 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
11 KB 49ms
46ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 12269986
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:24 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246890-9ff8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43fbb9b9000-FRA
expires: Wed, 03 Apr 2024 07:46:11 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 33ms
30ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18858311
cross-origin-resource-policy: cross-origin
last-modified: Fri, 13 Jan 2023 15:38:14 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63c17ae6-db8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43fbb9d9000-FRA
expires: Tue, 23 Jan 2024 15:39:41 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 34ms
31ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18937551
cross-origin-resource-policy: cross-origin
last-modified: Thu, 19 Jan 2023 22:31:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63c9c4a7-1ba0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43fbb9e9000-FRA
expires: Fri, 26 Jan 2024 00:36:23 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 22:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Sep 2024 22:07:57 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 83ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 10:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 10:34:10 GMT

GET
H2 200 messaging.js Show response
helenair.com/shared-content/art/tncms/api/ 2 KB
1 KB 127ms
124ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:37:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 17:07:29 GMT
x-vcache: HIT
age: 268
etag: W/"6509d551-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
254 B 30ms
28ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 18908746
last-modified: Fri, 01 Apr 2022 13:30:31 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe77-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d693d9000-FRA
expires: Sun, 23 Apr 2023 03:07:09 GMT

GET
H2 200 tracking.js Show response
helenair.com/shared-content/art/tncms/ 3 KB
1 KB 238ms
237ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/shared-content/art/tncms/tracking.js
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:39:58 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 17:07:29 GMT
x-vcache: HIT
age: 112
etag: W/"6509d551-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 prebid7.9.0.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 197 KB
61 KB 40ms
39ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1684220442

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 11021339
cross-origin-resource-policy: cross-origin
last-modified: Tue, 16 May 2023 07:00:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64632a1a-313f5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d693e9000-FRA
expires: Wed, 15 May 2024 07:05:56 GMT

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 33ms
32ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1695193243

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:50 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 43467
cross-origin-resource-policy: cross-origin
last-modified: Wed, 20 Sep 2023 07:00:43 GMT
x-vcache: MISS
server: cloudflare
etag: W/"650a989b-2459"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43d693f9000-FRA
expires: Thu, 19 Sep 2024 07:05:47 GMT

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
98 KB 43ms
41ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 81067
cross-origin-resource-policy: cross-origin
last-modified: Thu, 14 Sep 2023 21:59:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65038248-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43fbb9f9000-FRA
expires: Wed, 18 Sep 2024 19:01:24 GMT

GET
H2 200 tracker.js Show response
helenair.com/shared-content/art/stats/common/ 9 KB
3 KB 238ms
238ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/shared-content/art/stats/common/tracker.js
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:39:56 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 14:02:33 GMT
x-vcache: HIT
age: 114
etag: W/"641b0a79-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 dc6da7aa-374d-11ec-896b-1b0788d30aba.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/custom/image/ 4 KB
4 KB 34ms
32ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/custom/image/dc6da7aa-374d-11ec-896b-1b0788d30aba.png

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d49ba3df631d3bad38e0a881637670859adc22ca85ba407621cafd712d5bd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 4731669
cf-polished: origFmt=png, origSize=4790
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="dc6da7aa-374d-11ec-896b-1b0788d30aba.webp"
content-length: 4048
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Oct 2021 17:46:49 GMT
server: cloudflare
x-vcache: MISS
etag: "61799089-12b6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce43fbba09000-FRA
expires: Wed, 12 Jun 2024 07:48:19 GMT

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 75ms
73ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 12625714
cf-polished: origFmt=png, origSize=3610
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
server: cloudflare
x-vcache: MISS
etag: "551dba72-e1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4400bd09000-FRA
expires: Thu, 18 Apr 2024 06:49:00 GMT

GET
H2 200 logo-tagline.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 75ms
74ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1695193243

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 43468
cf-polished: origFmt=png, origSize=10949
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="logo-tagline.webp"
content-length: 5302
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 07:00:43 GMT
server: cloudflare
x-vcache: MISS
etag: "650a989b-2ac5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4400bd29000-FRA
expires: Thu, 19 Sep 2024 07:05:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
78 KB 101ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4e376381863d9d80f7f33aaf308580e3aa22cf0073829a95941eac03aa62926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79031
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 19:01:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 20:41:51 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 49 KB
19 KB 121ms
24ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f3086b1c8f5a9ec7c98246f55b3f6c5b5ee6dc6f274fdb07a8a1ca8980a0d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 6i4QxqG9EZo5hAMjY6TPzMSCGZ16pPTf
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date: Wed, 20 Sep 2023 19:56:37 GMT
x-amz-cf-pop: FRA60-P4
age: 2738
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19221
x-amz-meta-git_commit: e09f10f
last-modified: Sun, 17 Sep 2023 10:53:35 GMT
server: AmazonS3
etag: "c2e06a7a2a3b477227144f9c0064453c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: mP_t3TsF6CG1xPEPzAcPczZHrRntO0wZddVc63wgCjoeiCYBrm3aUw==

GET
H2 200 helenair.com.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 1 KB
385 B 30ms
30ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/helenair.com.js?_dc=1684220442

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f0031ea468bbd0348d091f5712b620056184103b6c1607af24ba4e7c49fb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 11011190
cross-origin-resource-policy: cross-origin
last-modified: Tue, 16 May 2023 07:00:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64632a1a-5b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43f6b499000-FRA
expires: Wed, 15 May 2024 07:05:56 GMT

GET
H2 200 dfp.lazy.pbjs.js Show response
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 17 KB
4 KB 35ms
32ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.pbjs.js?_dc=1684220442

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9c3fe0bb7e27e1fef2af1cae6a8924b40d3240418da5d484c65c00dae8f10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 11011190
cross-origin-resource-policy: cross-origin
last-modified: Tue, 16 May 2023 07:00:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64632a1a-447d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce43fbb999000-FRA
expires: Wed, 15 May 2024 07:05:56 GMT

GET
BLOB 200
OK 79829b58-1514-4c41-aede-654174c90970
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/79829b58-1514-4c41-aede-654174c90970
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 142ms
73ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b11f35644da3ef1864a31c7dca82a9423a719abc43662c8c14c4eb138219612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29584
x-xss-protection: 0
server: cafe
etag: 256 / 19620 / 31078044 / config-hash: 9843192085666301801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 20:41:51 GMT

GET
H2 200 tracker.gif
helenair.com/shared-content/art/stats/common/ 0
145 B 122ms
121ms Image
image/gif 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helenair.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1695242511328160012001127012858924&tnms_dt=Independent%20Record%20%7C%20Breaking%20News%20%7C%20%7C%20Read%20Helena%2C%20MT%20and%20Montana%20breaking%20news.%20Get%20latest%20news%2C%20events%20and%20information%20on%20Montana%20sports%2C%20weather%2C%20entertainment%20and%20lifestyles&tnms_upage=1&tnms_do=helenair.com&tnms_uri=/&tnms_ref=&rt=1695242511329
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 559 KB
135 KB 153ms
128ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9274d827085950eafdccf9001b6de37e68e117333cd40f7dfd3b70bff221fd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138335
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 19:01:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 20:41:51 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 85ms
31ms Font
application/font-woff2 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1695193243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1695193243
Origin: https://helenair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 50101
cross-origin-resource-policy: cross-origin
content-length: 26164
last-modified: Tue, 01 Nov 2022 07:00:46 GMT
x-vcache: MISS
server: cloudflare
etag: "6360c41e-6634"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce440ad151cc9-FRA
expires: Thu, 02 Nov 2023 15:04:36 GMT

GET
H2 200 b-e09f10f-fd9abb4c.js Show response
tagan.adlightning.com/leeenterprises/ 84 KB
31 KB 23ms
23ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 04:25:34 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-version-id: zhzD0.k4yK1QATUF8Zyk6eChx2be4yrB
x-amz-cf-pop: FRA60-P4
age: 3255378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31504
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:07 GMT
server: AmazonS3
etag: "9906aff1d286210259bcaf608003dd01"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WB8xAhVCxESo4MKpWOz1RFDu3aQfPWJc0EhXdJhsmu5umSBQJffzcg==

GET
H2 200 bl-ef0aa10-b56dc648.js Show response
tagan.adlightning.com/leeenterprises/ 72 KB
30 KB 30ms
30ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-ef0aa10-b56dc648.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bed221d78d9bcc3b9770f23b8510762499a051be5a77ba3c452ef73f8e18774d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:13:32 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-version-id: hufsvwMDPM6FzlYkghH6qZb_Ouz1ktaV
x-amz-cf-pop: FRA60-P4
age: 293300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30107
x-amz-meta-git_commit: ef0aa10
last-modified: Sun, 17 Sep 2023 10:52:53 GMT
server: AmazonS3
etag: "b5da2f5c11869dcea9e2432ec3d58b63"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OblRYomxaSB1XerQ5xiPpZi5DpmHCKKVnZxCvZYShxFKzzHg9mgNJg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 409 KB
129 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31078044

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 13:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25414
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131891
x-xss-protection: 0
server: cafe
etag: 12284941131365068139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 19 Sep 2024 13:38:17 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame 23D6 4 KB
1 KB 22ms
22ms Document
text/html 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helenair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11336
content-encoding: br
content-type: text/html
date: Wed, 20 Sep 2023 17:32:56 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-id: SKb2rCbwWdtJZYypkep_7NKy6OSmRxtd27apur40gg6FFewkwZY7sg==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 160ms
116ms Preflight 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://helenair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Wed, 20 Sep 2023 20:41:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-id: 31P4BuvmZZxfQdKBuxl_oRlXv22C8fxNijNzrOQin8BaovqDoJRRcQ==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 98 KB
25 KB 23ms
23ms Script
application/javascript 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a0ede11c28419af7bf0609331dd6b978ddcdc7ee1283c30f95652a9e6817012

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: XcyWkjCb.yr2rpYmEKRLRkd_D.RaB.Oa
content-encoding: gzip
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
date: Wed, 20 Sep 2023 18:58:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 6224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Sep 2023 18:57:23 GMT
server: AmazonS3
etag: W/"d4d006fd54b8041ff3c05ae792bc5ff5"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: ExdKjNKlO1UyOSd-_pUuoCs-xvSDp86zxMOtUIJ8HvVUv3nZKgf1QA==

GET
H2 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 21 KB
7 KB 23ms
23ms XHR
application/json 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

624c19a4056c556176807b24f2d940561c57ea14b4a98f2bbdc11ea990eb0386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://helenair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: Hk5JhxVG3FIN1Y4FYsYYvDyLh3jwlikF
content-encoding: br
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
date: Wed, 20 Sep 2023 19:02:25 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 5967
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Sep 2023 18:57:23 GMT
server: AmazonS3
etag: W/"ea7393166431a4c965a37a9a0027e3aa"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: Xehy1FJP6-G9MMT6YUsoegOljDtla7NvStrinO79tsvlead-A0E9yw==

GET
H2 200 650747657ad21.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/f/ca/fca14431-f202-58c2-9666-f1da44a2d70b/ 12 KB
13 KB 419ms
418ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/f/ca/fca14431-f202-58c2-9666-f1da44a2d70b/650747657ad21.image.jpg?resize=400%2C225

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b074e956b8d79fc22d0f06502a2d2b9b2e6afc75497bdcc372edc301d99225d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=12856, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 12687
cf-bgj: imgq:85,h2pri
last-modified: Sun, 17 Sep 2023 18:37:25 GMT
server: cloudflare
x-vcache: MISS
etag: "5ce1b90f8e6be52cf967031a86bfd94a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4419d409000-FRA
expires: Wed, 18 Sep 2024 11:31:04 GMT

GET
H2 200 650a67d928b1a.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/3/ed/3ed9c569-d551-57e0-96a2-efa96c313b45/ 16 KB
17 KB 139ms
137ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/3/ed/3ed9c569-d551-57e0-96a2-efa96c313b45/650a67d928b1a.preview.jpg?crop=1364%2C768%2C124%2C51&resize=400%2C225&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f25203c2b6350ddb55e160c5e7cd09e5b227158faf08c9d436c0fc0b32f937

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=19778
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="650a67d928b1a.webp"
content-length: 16816
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 03:32:46 GMT
server: cloudflare
x-vcache: MISS
etag: "ce81a45124bf4c5d5adcd6920d79633e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4419d429000-FRA
expires: Thu, 19 Sep 2024 17:39:57 GMT

GET
H2 200 6507497d2af93.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/4/a8/4a8fd177-8155-53b3-9463-ef78b14a5e2b/ 11 KB
11 KB 394ms
392ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/4/a8/4a8fd177-8155-53b3-9463-ef78b14a5e2b/6507497d2af93.preview.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9af08a623aa67f8a4c203ab74f6b4804b666696e3d42bd4cb258fbcdfbe4f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=11894
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6507497d2af93.webp"
cf-bgj: imgq:85,h2pri
last-modified: Sun, 17 Sep 2023 18:46:25 GMT
server: cloudflare
x-vcache: MISS
etag: "c9d2ba78a86de4b6d2f8e82202d13c77"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce4419d439000-FRA
expires: Tue, 17 Sep 2024 00:34:02 GMT

GET
H2 200 650b394b8636c.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/b/4b/b4b98fa0-57dd-11ee-b829-136c4572c3d8/ 24 KB
24 KB 141ms
139ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/b/4b/b4b98fa0-57dd-11ee-b829-136c4572c3d8/650b394b8636c.preview.jpg?crop=960%2C540%2C0%2C90&resize=400%2C225&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02bd15d539f3e41adfc3b1381a016d0e2195b07b6a963d7855f873bf90b832a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=24186, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 24074
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 18:26:22 GMT
server: cloudflare
x-vcache: MISS
etag: "7ce244080af1b0b8a0877456f232e3e5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4419d449000-FRA
expires: Thu, 19 Sep 2024 19:47:29 GMT

GET
H2 200 650b44ca24f92.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/6/33/6339cc8b-303a-5159-9a77-5143aefcaafc/ 22 KB
23 KB 127ms
125ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/6/33/6339cc8b-303a-5159-9a77-5143aefcaafc/650b44ca24f92.preview.jpg?crop=1340%2C754%2C0%2C99&resize=400%2C225&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

826287d7c624ddfbf89385aac12d9f3bba19a2d50103addd3107810e7fa07eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=23018, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 19:15:22 GMT
server: cloudflare
x-vcache: MISS
etag: "7848806f6a95fa33f2c5523ead63fdd1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce4419d469000-FRA
expires: Thu, 19 Sep 2024 19:16:27 GMT

GET
H2 200 6431f5b20b8cf.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/c/4c/c4cd422d-8dac-5dc6-b93b-8842f91dd92a/ 23 KB
23 KB 144ms
142ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/c/4c/c4cd422d-8dac-5dc6-b93b-8842f91dd92a/6431f5b20b8cf.image.jpg?resize=400%2C225

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5abf2937a05521071de062475681418cdf894fb583d4ec0f6565aa5ddeab051b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=23353, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 23157
cf-bgj: imgq:85,h2pri
last-modified: Sat, 08 Apr 2023 23:16:02 GMT
server: cloudflare
x-vcache: MISS
etag: "73371578e64ad3f0f49abdf0823a1f36"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4419d489000-FRA
expires: Thu, 19 Sep 2024 19:38:24 GMT

GET
H2 200 64ec3475c72e8.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/1/9b/19bc5569-bc8c-5941-92a9-a86b41ab89df/ 14 KB
14 KB 134ms
132ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/1/9b/19bc5569-bc8c-5941-92a9-a86b41ab89df/64ec3475c72e8.image.jpg?crop=800%2C450%2C0%2C26&resize=400%2C225&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81d1bfe9275839689ef18b5f92e5582ed54a4b0d6a1811a83f832a2fa5c756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:51 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=14019, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 13845
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Aug 2023 05:45:25 GMT
server: cloudflare
x-vcache: MISS
etag: "057eb2dfa951a0c44dc5d60d22571ef0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4419d499000-FRA
expires: Thu, 19 Sep 2024 16:03:17 GMT

GET
BLOB 200
OK f59ea70b-36a2-433c-8de6-b91cdc47c21c
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/f59ea70b-36a2-433c-8de6-b91cdc47c21c
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK b34155c9-196c-4fc7-a991-c30a9dc878c0
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/b34155c9-196c-4fc7-a991-c30a9dc878c0
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 66e25ff3-2b04-4356-a17d-9444b4218044
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/66e25ff3-2b04-4356-a17d-9444b4218044
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 9b91eb55-6b71-45a3-be84-c7ad44c9a658
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/9b91eb55-6b71-45a3-be84-c7ad44c9a658
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 4a9e388b-745a-46f4-87c0-81a8daa31131
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/4a9e388b-745a-46f4-87c0-81a8daa31131
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 7835
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
667 B

118ms
23ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer: https://helenair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 59949
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 20 Sep 2023 04:02:44 GMT
ETag: "50351b1f6590b5c4886c111874e016a0"
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
Server: AmazonS3
Via: 1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 4mGyUTA2A2kd0gBQbfhNQHuODnVVkT-3pjHm7Qru1wVYJnUbQ-A1Aw==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Wed, 20 Sep 2023 20:41:51 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
BLOB 200
OK 3da6560f-1810-4710-80f6-1e5f2dc2ebe1
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/3da6560f-1810-4710-80f6-1e5f2dc2ebe1
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK d5629b50-e7a0-4be9-a650-f0507793ed98
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/d5629b50-e7a0-4be9-a650-f0507793ed98
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK cc84faa0-acc9-4f6d-b88d-3608bd570f2c
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/cc84faa0-acc9-4f6d-b88d-3608bd570f2c
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 969c6153-6644-4c7b-b18a-c6472d56c315
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/969c6153-6644-4c7b-b18a-c6472d56c315
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 650b3e3b0a412.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/b4/5b465c2e-e3de-5e24-8451-30646484e88e/ 55 KB
56 KB 133ms
132ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/b4/5b465c2e-e3de-5e24-8451-30646484e88e/650b3e3b0a412.preview.jpg?crop=1050%2C591%2C0%2C79&resize=750%2C422&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91dfc06610a596a198e1408290c64ba066e86cf0c183ed17d13b220310ae6876

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=56925, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 18:47:23 GMT
server: cloudflare
x-vcache: MISS
etag: "798270f6832edd4b62ab17327e4f0691"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce443cf7f9000-FRA
expires: Thu, 19 Sep 2024 18:58:38 GMT

GET
H2 200 650b3dd9a492b.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/c/ab/cab498d4-b554-50dd-868b-de986d5ff43c/ 9 KB
10 KB 134ms
133ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/c/ab/cab498d4-b554-50dd-868b-de986d5ff43c/650b3dd9a492b.preview.jpg?crop=1101%2C619%2C0%2C56&resize=300%2C169&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba911d09a6413de6f8d1d1f931a1464c3f273d5de6fb39a3e0894a5aa060c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=9773, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 9660
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 18:45:45 GMT
server: cloudflare
x-vcache: MISS
etag: "43a1dbae635efcb0497e95700aa1292d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce443cf809000-FRA
expires: Thu, 19 Sep 2024 18:55:21 GMT

GET
H2 200 650afd70263d3.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/8/ed/8ede5690-91b4-574b-87ad-2e3fd1954ec3/ 11 KB
11 KB 142ms
141ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/8/ed/8ede5690-91b4-574b-87ad-2e3fd1954ec3/650afd70263d3.preview.jpg?resize=300%2C169

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec32b94e8ead4291902827660140873992021287cdd449eefc540a147f3594d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=11483, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 14:11:05 GMT
server: cloudflare
x-vcache: MISS
etag: "ea7b61f27584775aaeaae9ccbd5872ab"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce443cf829000-FRA
expires: Thu, 19 Sep 2024 17:53:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
63 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

986e07255ec3f5d0505316bdb70ed5bfab712a846d55c77c95cd4978598ab140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64833
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 19:01:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 20:41:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
19ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Sep 2023 19:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3129
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Sep 2023 21:49:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
69 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bf7cd1fc4104bd6e4a4c1706c267736183a31b30598eea7b0919211a9d1b6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70219
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 19:01:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 20:41:52 GMT

GET
BLOB 200
OK 1e2a8292-1b98-412b-9439-056d6c431586
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/1e2a8292-1b98-412b-9439-056d6c431586
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
cmp.osano.com/ Frame 896E 4 KB
1 KB 23ms
23ms Document
text/html 2600:9000:211e:b000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:b000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helenair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11337
content-encoding: br
content-type: text/html
date: Wed, 20 Sep 2023 17:32:56 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-id: l0mc_rzc5Fj7ySrhg4xBC0VieC3-Slh8Af_27d-XmZ4IEUAtB4wfnQ==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W1D1PJ47HW&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dff537e5c59f085d66e08b07da5b1de9591656b1c8d3cdef285d45e4eb747033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 20:41:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
87 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bda808b293dc36f3c15e7e03bf06e809f39373e6fc13bf162c4aae67c5669bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89217
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 20:41:52 GMT

GET
BLOB 200
OK 43184cc5-7b16-4f8a-b38e-30f361f10106
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/43184cc5-7b16-4f8a-b38e-30f361f10106
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
436 B 125ms
29ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://helenair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://helenair.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 650b1f0785d26.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/d4/ed485818-57b4-5919-a57e-6db7bb90fd86/ 9 KB
9 KB 128ms
127ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/d4/ed485818-57b4-5919-a57e-6db7bb90fd86/650b1f0785d26.preview.jpg?crop=1763%2C992%2C0%2C92&resize=300%2C169&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e4af7400e01212161549c27bf2155c225fb09438ebdc4cfbd5182cd5fafad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=9012, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Sep 2023 16:34:15 GMT
server: cloudflare
x-vcache: MISS
etag: "ceac7a9187fb343306ab3fc291969441"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce444b85e9000-FRA
expires: Thu, 19 Sep 2024 16:40:45 GMT

GET
H2 200 650a0d0c3ff56.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/7/f3/7f37c2e8-572e-11ee-a5e4-930ed4e39694/ 5 KB
5 KB 131ms
131ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/7/f3/7f37c2e8-572e-11ee-a5e4-930ed4e39694/650a0d0c3ff56.preview.jpg?crop=743%2C418%2C0%2C26&resize=300%2C169&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c23429799dc9998cb642f80e5dd36599e03653433148e47ab88c6fbfc00c2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=6399
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="650a0d0c3ff56.webp"
content-length: 4792
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Sep 2023 21:05:20 GMT
server: cloudflare
x-vcache: MISS
etag: "0697b8a491909c30417af4ebd6527f8d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce444b8609000-FRA
expires: Wed, 18 Sep 2024 21:13:11 GMT

GET
H2 200 6509f6ac7010e.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/b/16/b168afe6-5721-11ee-839e-1fd61742c92f/ 12 KB
12 KB 133ms
132ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/b/16/b168afe6-5721-11ee-839e-1fd61742c92f/6509f6ac7010e.preview.jpg?crop=1764%2C992%2C0%2C90&resize=300%2C169&order=crop%2Cresize

Requested by

Host: helenair.com
URL: https://helenair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f220241b68c40bee5bfea119c8ff6cb84b8f1150301f3bdd5240c1dbee35631

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=12461, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 12289
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Sep 2023 19:29:50 GMT
server: cloudflare
x-vcache: MISS
etag: "84984e31497a75b7d35191960f68999e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce444b8619000-FRA
expires: Wed, 18 Sep 2024 19:35:25 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 7835 70 B
260 B 50ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 20 Sep 2023 20:41:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
BLOB 200
OK 2e610afd-4214-4f5c-8360-b0cdd54d5035
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/2e610afd-4214-4f5c-8360-b0cdd54d5035
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 105 KB
28 KB 96ms
24ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b79ef0d77339903f488a4cbe714a44abf6ea8ce6103607621b445ae3df3d14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: tugEymyy_9sqk8k1NSZpjRGKeNEOQ70Z
content-encoding: br
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date: Wed, 20 Sep 2023 20:40:57 GMT
x-amz-cf-pop: FRA6-C1
age: 56
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 18 Sep 2023 10:47:59 GMT
server: AmazonS3
etag: W/"e7dd59593e93ff0ed16b65bc87f544eb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: BF15dnZ_S_VBp7HN7zZFT0GBQ6GYOgFiDJVBZvNq4ACCD29sDWDX6g==

GET
BLOB 200
OK fa6a7496-7abf-4cc8-996e-df9f01b1186d
https://helenair.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://helenair.com/fa6a7496-7abf-4cc8-996e-df9f01b1186d
Requested by: Host: helenair.com
URL: https://helenair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Sep 2023 21:23:48 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74baa6ab0e411dd23642253b42993a2bb76c7ef2df2e49478db6640698524961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 20:41:52 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
365 B 111ms
28ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://helenair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://helenair.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 3 KB
1 KB 62ms
20ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: UnK3Jzx82VjmkmXiPXCq1ZNpqTk7dOLW
content-encoding: gzip
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
date: Wed, 20 Sep 2023 19:43:37 GMT
x-amz-cf-pop: FRA6-C1
age: 3496
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 29 Aug 2023 20:45:09 GMT
server: AmazonS3
etag: W/"bce4f760852ffc7e53a6ecc84f0a6d9b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 1wxkppsgZ91_b3d-rtN1ltON1MJJRl8dYyxrMEHch5N3PJUUnctUyw==

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 22ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id: _H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding: br
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 6203296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jul 2023 00:08:20 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: P5jxmP9tWqEZo5dyWwCiZ23AxwYHd3UI3f7fIFzmI4tEMvFqpxUXlA==

GET
H2 200 64c0a94ff1ff3.image.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/82/08222a76-b260-5a4c-8701-53681de61971/ 15 KB
15 KB 136ms
135ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/82/08222a76-b260-5a4c-8701-53681de61971/64c0a94ff1ff3.image.png?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=18498
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="64c0a94ff1ff3.webp"
content-length: 15462
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 05:04:16 GMT
server: cloudflare
x-vcache: MISS
etag: "073a1c0f9f54bfa9c70f24f5574e2651"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4469a309000-FRA
expires: Tue, 17 Sep 2024 04:52:12 GMT

GET
H2 200 65092f1fcbabf.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/f5/5f571ae8-45a5-5b26-a350-c84bfa11763f/ 7 KB
7 KB 130ms
130ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/f5/5f571ae8-45a5-5b26-a350-c84bfa11763f/65092f1fcbabf.image.jpg?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab89d60b9e1ab39a76e26342c169564caa51443a06bc44d8341916ad47c8bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=8534
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65092f1fcbabf.webp"
content-length: 7002
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Sep 2023 05:18:23 GMT
server: cloudflare
x-vcache: MISS
etag: "f0601655d92d768369530ca600091097"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4469a329000-FRA
expires: Wed, 18 Sep 2024 05:21:27 GMT

GET
H2 200 63d8b24f58c75.image.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/bc/0bc035f2-8700-5ec7-8f54-2f2f5ca671fd/ 59 KB
59 KB 127ms
127ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/bc/0bc035f2-8700-5ec7-8f54-2f2f5ca671fd/63d8b24f58c75.image.png?crop=600%2C338%2C0%2C13&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb9ec628a3a88428ab0dd29413e716c930932b4175133aaaf33a9a69d6332da

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=119630
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="63d8b24f58c75.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Jan 2023 06:16:47 GMT
server: cloudflare
x-vcache: MISS
etag: "c5777f0d2b91965ce9949a1a799847ad"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 809ce4469a339000-FRA
expires: Wed, 18 Sep 2024 05:33:22 GMT

GET
H2 200 65092f20cb146.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/41/e419e320-dd37-5cf1-a78f-b5f435ac4abc/ 9 KB
9 KB 153ms
153ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/41/e419e320-dd37-5cf1-a78f-b5f435ac4abc/65092f20cb146.image.jpg?crop=600%2C338%2C0%2C31&resize=400%2C225&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a166af634acd4e7a5873ebe3ba44e420d4f9a42eaba304b172f7d6e22bcecec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=11556
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65092f20cb146.webp"
content-length: 9408
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Sep 2023 05:18:24 GMT
server: cloudflare
x-vcache: MISS
etag: "37cd38552be48f7ba1cad03af35f9a39"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 809ce4469a349000-FRA
expires: Thu, 19 Sep 2024 17:39:02 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 22ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id: MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding: br
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 14502676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 00:06:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: n26zNgMmKo5nU5XMUKYq2vFLEHXNfFxRhMM77QUf-_8-RlLH_de9-Q==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 588ms
193ms Fetch
application/json 35.155.246.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-246-37.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://helenair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helenair.com
date: Wed, 20 Sep 2023 20:41:52 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 /
helenair.com/tncms/tracking/classifieds/featured/ 0
147 B 122ms
122ms Ping
application/octet-stream 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/tncms/tracking/classifieds/featured/?i=f2c311c6-b63f-52fc-807a-dfb19652ac4e,
Requested by: Host: helenair.com
URL: https://helenair.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
real-hostname: helenair.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
helenair.com/tncms/tracking/business/block/ 0
147 B 122ms
122ms Ping
application/octet-stream 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://helenair.com/tncms/tracking/business/block/?i=47e00c12-7ba2-5ef3-9d48-9b7ed42cc19f,94efe857-8902-5ceb-857e-1760b0a731df,a272997c-3c3e-5086-845a-8a56b90b93cc,
Requested by: Host: helenair.com
URL: https://helenair.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helenair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:41:52 GMT
real-hostname: helenair.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
helenair.com/	1970-01-20 15:37:14	Name: _pbjs_userid_consent_data Value: 3524755945110770
.helenair.com/	1970-01-20 14:54:06	Name: AMP_TOKEN Value: %24NOT_FOUND
helenair.com/	1970-01-20 23:39:38	Name: ajs_anonymous_id Value: 8e1084b3-77db-4d4e-aa0e-e12517417fd1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
api.segment.io
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
cdn.segment.com
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
email.mail.helenair.com
helenair.com
insight.adsrvr.org
securepubads.g.doubleclick.net
tagan.adlightning.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.16.132.24
108.138.1.25
13.225.83.200
18.66.147.69
192.104.182.109
2600:9000:211e:b000:3:b7e:8940:93a1
2600:9000:214f:1400:6:4d4d:1ec0:93a1
2a00:1450:4001:802::200e
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2008
2a00:1450:4001:813::200e
35.155.246.37
35.71.131.137
99.86.8.175
02bd15d539f3e41adfc3b1381a016d0e2195b07b6a963d7855f873bf90b832a3
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0bda808b293dc36f3c15e7e03bf06e809f39373e6fc13bf162c4aae67c5669bc
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
1e9c3fe0bb7e27e1fef2af1cae6a8924b40d3240418da5d484c65c00dae8f10a
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2a0ede11c28419af7bf0609331dd6b978ddcdc7ee1283c30f95652a9e6817012
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3f220241b68c40bee5bfea119c8ff6cb84b8f1150301f3bdd5240c1dbee35631
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
48e4af7400e01212161549c27bf2155c225fb09438ebdc4cfbd5182cd5fafad9
4ab89d60b9e1ab39a76e26342c169564caa51443a06bc44d8341916ad47c8bbf
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
5abf2937a05521071de062475681418cdf894fb583d4ec0f6565aa5ddeab051b
5b79ef0d77339903f488a4cbe714a44abf6ea8ce6103607621b445ae3df3d14a
5cb9ec628a3a88428ab0dd29413e716c930932b4175133aaaf33a9a69d6332da
5f3086b1c8f5a9ec7c98246f55b3f6c5b5ee6dc6f274fdb07a8a1ca8980a0d01
624c19a4056c556176807b24f2d940561c57ea14b4a98f2bbdc11ea990eb0386
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6d49ba3df631d3bad38e0a881637670859adc22ca85ba407621cafd712d5bd43
74baa6ab0e411dd23642253b42993a2bb76c7ef2df2e49478db6640698524961
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7bf7cd1fc4104bd6e4a4c1706c267736183a31b30598eea7b0919211a9d1b6e8
826287d7c624ddfbf89385aac12d9f3bba19a2d50103addd3107810e7fa07eb5
85f0031ea468bbd0348d091f5712b620056184103b6c1607af24ba4e7c49fb38
8c23429799dc9998cb642f80e5dd36599e03653433148e47ab88c6fbfc00c2fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91dfc06610a596a198e1408290c64ba066e86cf0c183ed17d13b220310ae6876
9274d827085950eafdccf9001b6de37e68e117333cd40f7dfd3b70bff221fd17
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48
986e07255ec3f5d0505316bdb70ed5bfab712a846d55c77c95cd4978598ab140
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9ec32b94e8ead4291902827660140873992021287cdd449eefc540a147f3594d
a166af634acd4e7a5873ebe3ba44e420d4f9a42eaba304b172f7d6e22bcecec1
a3361586153712b89c111edae2eb7c511762d66346119ab80bddbde761bf8088
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4e376381863d9d80f7f33aaf308580e3aa22cf0073829a95941eac03aa62926
a81d1bfe9275839689ef18b5f92e5582ed54a4b0d6a1811a83f832a2fa5c756a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b074e956b8d79fc22d0f06502a2d2b9b2e6afc75497bdcc372edc301d99225d1
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b11f35644da3ef1864a31c7dca82a9423a719abc43662c8c14c4eb138219612d
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b89e5bfb57ab35672236725747193a6c9f2d6ddb8eeb6202ee870aa6a493eed7
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bed221d78d9bcc3b9770f23b8510762499a051be5a77ba3c452ef73f8e18774d
c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9fcea5c931597660e7cade320ba3e0f58a714a47bd872d768afd19cdeab037
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d9af08a623aa67f8a4c203ab74f6b4804b666696e3d42bd4cb258fbcdfbe4f10
dba911d09a6413de6f8d1d1f931a1464c3f273d5de6fb39a3e0894a5aa060c0e
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff537e5c59f085d66e08b07da5b1de9591656b1c8d3cdef285d45e4eb747033
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f25203c2b6350ddb55e160c5e7cd09e5b227158faf08c9d436c0fc0b32f937
f2a36a525ed22316938cf9130b8db6de64989e47c195c37a318082d3a2d04a12
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fc5c9d805c7cc14cbb1c2e1b3d9c7714e97176a0634ca2542a721aa6f87a350e

helenair.com Open in urlscan Pro 192.104.182.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

86 %HTTPS

50 %IPv6

15 Domains

16 Subdomains

16 IPs

3 Countries

1857 kBTransfer

5675 kBSize

3 Cookies

14 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helenair.com Open in urlscan Pro
192.104.182.109 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

86 %
HTTPS

50 %
IPv6

15
Domains

16
Subdomains

16
IPs

3
Countries

1857 kB
Transfer

5675 kB
Size

3
Cookies

97 HTTP transactions
1 data transactions