urlscan.io logo urlscan.io
SecurityTrails logo

thehelperbees.tfaforms.net Open in urlscan Pro
18.214.240.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://silverscript.thehelperbeesportal.com/
Effective URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC0...
Submission: On April 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 18.214.240.207, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thehelperbees.tfaforms.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 15th 2024. Valid for: a year.
This is the only time thehelperbees.tfaforms.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13 18.214.240.207 14618 (AMAZON-AES)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.227.147.243 396982 (GOOGLE-CL...)
19 6
1    2606:4700:20::681a:59a (United States)

ASN13335 (CLOUDFLARENET, US)
silverscript.thehelperbeesportal.com
13    18.214.240.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-240-207.compute-1.amazonaws.com
thehelperbees.tfaforms.net
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.227.147.243 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 243.147.227.35.bc.googleusercontent.com
www.thehelperbees.com
Apex Domain
Subdomains		 Transfer
13 tfaforms.net
thehelperbees.tfaforms.net
208 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
69 KB
1 thehelperbees.com
www.thehelperbees.com
1 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3015
7 KB
1 thehelperbeesportal.com
silverscript.thehelperbeesportal.com
517 B
19 7
Domain Requested by
13 thehelperbees.tfaforms.net 1 redirects thehelperbees.tfaforms.net
2 fonts.googleapis.com thehelperbees.tfaforms.net
2 cdnjs.cloudflare.com thehelperbees.tfaforms.net
cdnjs.cloudflare.com
1 www.thehelperbees.com
1 fonts.gstatic.com fonts.googleapis.com
1 stackpath.bootstrapcdn.com thehelperbees.tfaforms.net
1 silverscript.thehelperbeesportal.com 1 redirects
19 7

This site contains links to these domains. Also see Links.

Domain
www.thehelperbees.com
Subject Issuer Validity Valid
*.tfaforms.net
Amazon RSA 2048 M02		 2024-04-15 -
2025-05-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
www.thehelperbees.com
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Frame ID: 383F23DBD6F5BE1FF149F5831CA441E9
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SilverScript Medicare Advantage Referral Intake

Page URL History Show full URLs

  1. https://silverscript.thehelperbeesportal.com/ HTTP 302
    https://thehelperbees.tfaforms.net/wf06dJB HTTP 303
    https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • (?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

318 kB
Transfer

770 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://silverscript.thehelperbeesportal.com/ HTTP 302
    https://thehelperbees.tfaforms.net/wf06dJB HTTP 303
    https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHD...
thehelperbees.tfaforms.net/wf06dJB/
Redirect Chain
  • https://silverscript.thehelperbeesportal.com/
  • https://thehelperbees.tfaforms.net/wf06dJB
  • https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiO...
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
18a2039e98f541392fcf910e82a438379d585b9912cc580922a2d2d8610e1a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 09:08:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT, -1
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-fa-app
50-12

Redirect headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate no-cache, private
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 09:08:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-fa-app
50-12
FA__DOMContentLoadedEventDispatcher.js
thehelperbees.tfaforms.net/js/ 		133 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/js/FA__DOMContentLoadedEventDispatcher.js
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7b0f0cf1437e94da0a6bb82e8cf96f237e23fc304f4a365edf936b554fb5cedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 16:57:34 GMT
server
nginx
etag
W/"65e208fe-85"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
wforms-layout.css
thehelperbees.tfaforms.net/dist/form-builder/5.0.0/ 		30 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/dist/form-builder/5.0.0/wforms-layout.css?v=8b5c9ffd0b6fc88dc72529725004f6b69b9e0ae8
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9ecd3d0ad6bfb3d656606eeb5c7ee15805495c858c1dd4e9e90e3da5deede10a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 17:40:29 GMT
server
nginx
etag
W/"65e2130d-7826"
content-type
text/css
x-fa-app
50-12
theme-40.css
thehelperbees.tfaforms.net/uploads/themes/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
22143918cb5b6d255e87f1f75216428f34a6d1daf21c4df79c6e8e235735c7b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 20:57:56 GMT
server
nginx
etag
W/"65835554-4162"
content-type
text/css
x-fa-app
50-12
wforms.js
thehelperbees.tfaforms.net/wForms/3.11/js/ 		216 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/wForms/3.11/js/wforms.js?v=8b5c9ffd0b6fc88dc72529725004f6b69b9e0ae8
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
421e3dfcc4e42ad0e9535deb48c371aa602a9c4f0210da5b6553bb2647c6203e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 17:30:43 GMT
server
nginx
etag
W/"65e210c3-35ed3"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
localization-en_US.js
thehelperbees.tfaforms.net/wForms/3.11/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/wForms/3.11/js/localization-en_US.js?v=8b5c9ffd0b6fc88dc72529725004f6b69b9e0ae8
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
546b29c0d58453484fe0efe4e8715a16f88594ce3ec85ac598e2d1a065347df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 17:30:48 GMT
server
nginx
etag
W/"65e210c8-1a0b"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
jquery.js
thehelperbees.tfaforms.net/dist/jquery/ 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/dist/jquery/jquery.js
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1d420088235a094ace032903135406fd4449fc35d7f0db5e8dee38392f5c3180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 17:40:29 GMT
server
nginx
etag
W/"65e2130d-15e11"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
typeahead.bundle.js
thehelperbees.tfaforms.net/js/typeahead/v1.2.0/ 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/js/typeahead/v1.2.0/typeahead.bundle.js
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
53b5b7076f0e480f06acf893e34f28e8d64b61676b4344e68abd0bea4cefbfda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 16:57:34 GMT
server
nginx
etag
W/"65e208fe-199e5"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
267791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4839
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6857"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILpfPmkltwOFNgYmexiEUoZw2bARcmaZ1qVEA0z2y7slnrnzE7quAnj0Oarsb80ZhbgcjprMnH%2BiFFUSdTKPAApnTVc%2B8d23HpgFJeY21jOh%2ByiXEwD0qrYglbcAe5%2FAKEyKcaKn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
878478c588a7a01e-FRA
expires
Sat, 12 Apr 2025 09:08:52 GMT
open-telemetry.3e6c1bedaa7fb4452dd0.js
thehelperbees.tfaforms.net/dist/open-telemetry/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/dist/open-telemetry/open-telemetry.3e6c1bedaa7fb4452dd0.js
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d5d5d976ab32fac4758f26605a380fc60f41ece88e60633464368c3367c8a4dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 17:40:30 GMT
server
nginx
etag
W/"65e2130e-13d30"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
iframe_message_helper_internal.js
thehelperbees.tfaforms.net/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/js/iframe_message_helper_internal.js?v=2
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
23543aaa71824cc6fee0e06935013bab69df682ebc05c606472875c9a9a932bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 16:57:34 GMT
server
nginx
etag
W/"65e208fe-531d"
content-type
application/javascript; charset=utf-8
x-fa-app
50-12
wforms-jsonly.css
thehelperbees.tfaforms.net/dist/form-builder/5.0.0/ 		755 B
495 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehelperbees.tfaforms.net/dist/form-builder/5.0.0/wforms-jsonly.css?v=8b5c9ffd0b6fc88dc72529725004f6b69b9e0ae8
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c3626d21f1d22dc053238489a0ac7b58c451c95b516c1a13bd8bcf08e555c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 01 Mar 2024 17:40:29 GMT
server
nginx
etag
W/"65e2130d-2f3"
content-type
text/css
x-fa-app
50-12
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
411068924a81785f6b2f7230c87bcc1bb6e78e409cdd0b6ac479517a420af0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 09:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 08:29:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 09:08:52 GMT
css
fonts.googleapis.com/ 		7 KB
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fac30f50b4a7c2194996ec927b12ea51b16ecc015b25922d064e7dadd21c298f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 09:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 07:56:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 09:08:52 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
14112301
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
878478c68fe434f4-WAW
cdn-requestpullsuccess
True
B2hHFSWg6Cq0CCVmxm5luRhIyN4xjt6VC3JREumPS8YwQ6E0HveLA6IJcezwkaxC-THB_Logo.png
thehelperbees.tfaforms.net/forms/get_image/1/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehelperbees.tfaforms.net/forms/get_image/1/B2hHFSWg6Cq0CCVmxm5luRhIyN4xjt6VC3JREumPS8YwQ6E0HveLA6IJcezwkaxC-THB_Logo.png
Requested by
Host: thehelperbees.tfaforms.net
URL: https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.240.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-240-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1f9b299e63d62a8c4b51872a7bf1264275d964c593a2962b8062ab010345d76c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/uploads/themes/theme-40.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 21 Feb 2023 18:38:23 GMT
server
nginx
etag
"69294d0f28049fcc09b6e8e92d1088ba"
content-type
image/png
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
max-age=315360000
x-fa-app
50-12
expires
Thu, 20 Apr 2034 09:08:54 GMT
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thehelperbees.tfaforms.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 17:14:36 GMT
x-content-type-options
nosniff
age
575657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 17:14:36 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://thehelperbees.tfaforms.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:53 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1507132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64464
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-fbd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BVteaIMqKhaqJy0JaMGVo1B7aadMYUqsti3qLXw%2BoU2pTpQzS7hn7eFlYfi5Yx8rCIftW1zLc%2B9vktQbmmuUumJPHMEo6xQDpIeGi1Jg03bsBAq8Pb5X6wZEoGkl1CPkRw23lBh"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
878478c96b0e196d-FRA
expires
Sat, 12 Apr 2025 09:08:53 GMT
bee-fullcolor.svg
www.thehelperbees.com/wp-content/uploads/2022/07/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.thehelperbees.com/wp-content/uploads/2022/07/bee-fullcolor.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.227.147.243 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.147.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b10451756d7ea9aa91a25942052202b109a4b0318b3a7fb697bcd597bc373dc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thehelperbees.tfaforms.net/wf06dJB/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3b3JrZmxvd1Nlc3Npb25VdWlkIjoiYjVkNGM2MGItZGQyNC00N2U5LTk3ZWMtMGM0NDAxZjU0MTUzIiwiZm9ybUlkIjoxMjUsInJlc3BvbnNlSWQiOm51bGwsInVzZV9zYXZlX3Jlc3VtZSI6ZmFsc2V9.OHDqd6umoz6KtPslRjHlk10XO0lltafPJktTYNp7bwc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 09:08:54 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
last-modified
Sat, 07 Jan 2023 06:06:17 GMT
server
nginx
etag
W/"63b90bd9-7f4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| base2 boolean| loadIE object| _b function| _i object| StopIteration object| wFORMS object| cfg object| wFormsNumericLocaleFormattingInfo undefined| FAoldJQ undefined| $ undefined| jQuery function| SearchIndex function| Bloodhound function| FA$ object| simpleStorage undefined| base

2 Cookies

Domain/Path Name / Value
thehelperbees.tfaforms.net/ Name: FORMASSEMBLY
Value: 5eea1f00952ff6b1475d3124fe4dd570
thehelperbees.tfaforms.net/ Name: FASRV
Value: 2e828ac1ae84d7bf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
silverscript.thehelperbeesportal.com
stackpath.bootstrapcdn.com
thehelperbees.tfaforms.net
www.thehelperbees.com
104.17.24.14
104.18.10.207
18.214.240.207
2606:4700:20::681a:59a
2a00:1450:4001:800::2003
2a00:1450:4001:811::200a
35.227.147.243
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
18a2039e98f541392fcf910e82a438379d585b9912cc580922a2d2d8610e1a0e
1d420088235a094ace032903135406fd4449fc35d7f0db5e8dee38392f5c3180
1f9b299e63d62a8c4b51872a7bf1264275d964c593a2962b8062ab010345d76c
22143918cb5b6d255e87f1f75216428f34a6d1daf21c4df79c6e8e235735c7b7
23543aaa71824cc6fee0e06935013bab69df682ebc05c606472875c9a9a932bb
2c3626d21f1d22dc053238489a0ac7b58c451c95b516c1a13bd8bcf08e555c1a
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
411068924a81785f6b2f7230c87bcc1bb6e78e409cdd0b6ac479517a420af0f4
421e3dfcc4e42ad0e9535deb48c371aa602a9c4f0210da5b6553bb2647c6203e
53b5b7076f0e480f06acf893e34f28e8d64b61676b4344e68abd0bea4cefbfda
546b29c0d58453484fe0efe4e8715a16f88594ce3ec85ac598e2d1a065347df4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b0f0cf1437e94da0a6bb82e8cf96f237e23fc304f4a365edf936b554fb5cedd
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9ecd3d0ad6bfb3d656606eeb5c7ee15805495c858c1dd4e9e90e3da5deede10a
b10451756d7ea9aa91a25942052202b109a4b0318b3a7fb697bcd597bc373dc2
d5d5d976ab32fac4758f26605a380fc60f41ece88e60633464368c3367c8a4dc
fac30f50b4a7c2194996ec927b12ea51b16ecc015b25922d064e7dadd21c298f