Submitted URL: http://www.helbreath.net/
Effective URL: https://www.helbreath.net/
Submission: On May 01 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 192.185.67.82, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.helbreath.net.
TLS certificate: Issued by R3 on April 30th 2024. Valid for: 3 months.
This is the only time www.helbreath.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 17 | 192.185.67.82 | 19871 (NETWORK-S...) |
| 3 | 104.18.72.113 | 13335 (CLOUDFLAR...) |
| 1 | 2a03:2880:f08... | 32934 (FACEBOOK) |
| 1 | 104.18.70.113 | 13335 (CLOUDFLAR...) |
| 1 | 157.240.252.13 | 32934 (FACEBOOK) |
| 1 | 2a03:2880:f17... | 32934 (FACEBOOK) |
| 1 | 104.16.53.111 | 13335 (CLOUDFLAR...) |

Total: 25 requests, 7 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 17 | helbreath.net | www.helbreath.net | 293 KB |
| 4 | zdassets.com | static.zdassets.com (Cisco Umbrella Rank: 2198); ekr.zdassets.com (Cisco Umbrella Rank: 2568) | 289 KB |
| 2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 89 KB |
| 1 | zendesk.com | helbreath.zendesk.com | 992 B |
| 1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 97) | |

Total: 25 requests, 5 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 17 | www.helbreath.net | www.helbreath.net |
| 3 | static.zdassets.com | www.helbreath.net; static.zdassets.com |
| 2 | connect.facebook.net | www.helbreath.net; connect.facebook.net |
| 1 | helbreath.zendesk.com | static.zdassets.com |
| 1 | www.facebook.com | connect.facebook.net |
| 1 | ekr.zdassets.com | static.zdassets.com |

Total: 25 requests, 6 domains

This site contains links to these domains.

Domain
discord.gg

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www.helbreath.cleroth.com | R3 | 2024-04-30 - 2024-07-29 | 3 months |
| zdassets.com | E1 | 2024-03-03 - 2024-06-01 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-09 - 2024-05-08 | 3 months |
| helbreath.zendesk.com | Cloudflare Inc ECC CA-3 | 2024-03-04 - 2024-12-31 | 10 months |

This page contains 3 frames:

Primary Page: https://www.helbreath.net/
Frame ID: 57764F9E17B896628F3A7BA81CCE649E
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc9640b402cc2bc54%26domain%3Dwww.helbreath.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.helbreath.net%252Ff3adacc711cad1b95%26relation%3Dparent.parent&container_width=160&href=https%3A%2F%2Fwww.facebook.com%2Fhbolympia%2F&layout=button_count&locale=en_GB&sdk=joey&share=true&show_faces=false&size=small
Frame ID: 79780DD3C8940580D9218E197D77CC1E
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Frame ID: 7536E6B9AF6DF7AAFC217CC0237F2DF4
Requests: 3 HTTP requests in this frame

Page Title

Helbreath

Page URL History

  1. http://www.helbreath.net/ HTTP 307
    https://www.helbreath.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 25
  • HTTPS: 100 %
  • IPv6: 29 %
  • Domains: 5
  • Subdomains: 6
  • IPs: 7
  • Countries: 3
  • Transfer: 671 kB
  • Size: 5779 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.helbreath.net/ HTTP 307
    https://www.helbreath.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.helbreath.net/
Redirect Chain
  • http://www.helbreath.net/
  • https://www.helbreath.net/
5 KB
2 KB
Document
General
Full URL
https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
d6282a7d8431050a53187f139f3983ab858a512dc3922656b1e230a54b54d928

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
2159
content-type
text/html; charset=UTF-8
date
Wed, 01 May 2024 11:05:42 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://www.helbreath.net/
Non-Authoritative-Reason
HttpsUpgrades
style.css
www.helbreath.net/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.helbreath.net/css/style.css?17
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
e7fd2cade6d5ace0f854034164a683dd76e4bfcbc8a7b2ca8698098938097b84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 16:07:54 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3042
jquery-1.7.2.min.js
www.helbreath.net/js/
93 KB
41 KB
Script
General
Full URL
https://www.helbreath.net/js/jquery-1.7.2.min.js
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
content-encoding
gzip
last-modified
Fri, 10 Mar 2017 22:53:14 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
jquery.countdown.js
www.helbreath.net/js/
30 KB
10 KB
Script
General
Full URL
https://www.helbreath.net/js/jquery.countdown.js
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
7691e9db5e0fc7fe8f7cfc6776b3972629e875d0c84ce7cc657273271ddfec5d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
content-encoding
gzip
last-modified
Fri, 10 Mar 2017 22:53:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10608
scripts.js
www.helbreath.net/js/
904 B
561 B
Script
General
Full URL
https://www.helbreath.net/js/scripts.js?3
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
ad0abb258fdb1e50bff1f3cd82426e1c0d506083d31245a9b2fc963beb920e5e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
content-encoding
gzip
last-modified
Fri, 10 Mar 2017 22:53:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
529
topborder.png
www.helbreath.net/img/
20 KB
20 KB
Image
General
Full URL
https://www.helbreath.net/img/topborder.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
056d01c7b93bba426c2be5fff053444d4e9b24e77fdd074d76e3490a72915c22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:47 GMT
server
Apache
accept-ranges
bytes
content-length
20462
content-type
image/png
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=9e13d1bc-f848-4ef8-be83-2cde7f61fc88
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
54
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdT0zA27QpkAcJJolTG8ewZBOvgqJIq0SLPb%2FfTv%2BTSaQAFieYqur5VH8ev1GH1Bwf9I7IMynbW9pHkIQGOqs0Aph2YvhQRzkuTsAbBvPcCGm7%2BXMfgZLOp2eEMoL6%2FgglUBed8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
87cf4c488c5b35fa-FRA
access-control-allow-headers
*
bottomborder.png
www.helbreath.net/img/
16 KB
16 KB
Image
General
Full URL
https://www.helbreath.net/img/bottomborder.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
d78d6822869f211d425de6a67ad1496c979546fe79cdf1a0adc70a621ad35fdb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:17 GMT
server
Apache
accept-ranges
bytes
content-length
16229
content-type
image/png
all.js
connect.facebook.net/en_GB/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/js/scripts.js?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eeb01c54fb9faec691c7f8491c0943d5e3487d6f9ebcdadc19c412293ac8d58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 May 2024 11:05:42 GMT
content-md5
Vv5Yhh+kf1j3z+L0nwItNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1691
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
X73w3KHWn7CZeAbNly5ij3KdNmRP25jKfSe+uwbOJVc+AH+Pi6IUIiqdE9OLdZef76ku+BQWMFSnGz8Ksbhcmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
33acc86474845767b69f14314ea68067
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"a26868ad647d056747c819aa28027bb6"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 01 May 2024 11:24:50 GMT
down.png
www.helbreath.net/img/
465 B
518 B
Image
General
Full URL
https://www.helbreath.net/img/down.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
3086d6145c6939be9aa0aac4c5bc93c45d40b0ce82e1d16bc46ae0c1d6381f11

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:21 GMT
server
Apache
accept-ranges
bytes
content-length
465
content-type
image/png
9e13d1bc-f848-4ef8-be83-2cde7f61fc88
ekr.zdassets.com/compose/
758 B
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/9e13d1bc-f848-4ef8-be83-2cde7f61fc88
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9e13d1bc-f848-4ef8-be83-2cde7f61fc88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5008b53a7baf9171e6eb16ee1c31c9688956a8a007e2eaefed427e90df4ed5c6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
879ecc14da5b389f-SEA, 879ecc14da5b389f-SEA
x-runtime
0.012934
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5008b53a7baf9171e6eb16ee1c31c968"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCOA25kr3ub9jJZ0PDc85jENZS0fRAXt6cfn11bCWmAEMOQh5EuQ253MCYhio9LyWXkSgvjGCCaCRRQ97sJSLo%2B0hQbFdwmcFlS8X6F8KlxnMReXWYeBuJ4mPpHzFvdNNRo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
87cf4c4a9fc24d54-FRA
bck.jpg
www.helbreath.net/img/
115 KB
115 KB
Image
General
Full URL
https://www.helbreath.net/img/bck.jpg?2
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
841d1b7f30abcb37869eef0e048a4777f7f495cd064fd24fa125dcf0560abe50

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 20 Mar 2020 17:17:06 GMT
server
Apache
accept-ranges
bytes
content-length
117661
content-type
image/jpeg
contentback.png
www.helbreath.net/img/
58 KB
58 KB
Image
General
Full URL
https://www.helbreath.net/img/contentback.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
cb581c93c4e16374fe0f171184942fab116d5bf796cdec7c52c6c785a8a6b97a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:19 GMT
server
Apache
accept-ranges
bytes
content-length
59731
content-type
image/png
menuhead.png
www.helbreath.net/img/
2 KB
2 KB
Image
General
Full URL
https://www.helbreath.net/img/menuhead.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
8d6f1569a8fd39758f166fde400a8295ce99a55ca9533d723526a4b63cc4bd2d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:38 GMT
server
Apache
accept-ranges
bytes
content-length
1700
content-type
image/png
despmid.png
www.helbreath.net/img/
6 KB
6 KB
Image
General
Full URL
https://www.helbreath.net/img/despmid.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
e1713070566e3185b64a17bc3a0d66377a586ab607163b63752cdb77ed3e8d8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:20 GMT
server
Apache
accept-ranges
bytes
content-length
6281
content-type
image/png
desptop.png
www.helbreath.net/img/
3 KB
3 KB
Image
General
Full URL
https://www.helbreath.net/img/desptop.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
9c28e1f38df33e66caf38e577ae8da6121177fb947a6a5b7a2feae7236725728

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:20 GMT
server
Apache
accept-ranges
bytes
content-length
2812
content-type
image/png
posttitle.gif
www.helbreath.net/img/
153 B
214 B
Image
General
Full URL
https://www.helbreath.net/img/posttitle.gif
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
83e4b93b9a38ebac6ef50fd64c6d9ddb019c667508b07ceba1988e7b96e103be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:42 GMT
server
Apache
accept-ranges
bytes
content-length
153
content-type
image/gif
playover.png
www.helbreath.net/img/
13 KB
13 KB
Image
General
Full URL
https://www.helbreath.net/img/playover.png
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/css/style.css?17
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
03c26270f9e53aceaf8c9604fb7db5b7c74dc920e9cbb54c62998075ab9da3b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/css/style.css?17
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Fri, 10 Mar 2017 22:52:41 GMT
server
Apache
accept-ranges
bytes
content-length
13262
content-type
image/png
gameplay-teaser.mp4
www.helbreath.net/
4 MB
0
Media
General
Full URL
https://www.helbreath.net/gameplay-teaser.mp4
Requested by
Host: www.helbreath.net
URL: https://www.helbreath.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.helbreath.net/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

Content-Range
bytes 0-4559704/4559705
date
Wed, 01 May 2024 11:05:42 GMT
last-modified
Tue, 12 Nov 2019 05:15:44 GMT
server
Apache
accept-ranges
bytes
Content-Length
4559705
content-type
video/mp4
all.js
connect.facebook.net/en_GB/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js?hash=1c0d55f8e673d279c305a291e553b448
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
3c9d64792b58d090f4a1f07c5bc375396caeb0d534681800cbf207388ffbade9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Origin
https://www.helbreath.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 May 2024 11:05:42 GMT
content-md5
vTQJVXJD8GphQNxydG/Idw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87042
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=33, mss=1232, tbw=4300, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
U2Jwa4wpPpQnY+JqQNMm8SK9C8BEaN3/pZtEBPCYPywG1Vi63atbwI1Ei7p/wWj8XYXhg/a1+LYpKq96Wf+I+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
149cece92e28c78a19cb28a2f4ec6044
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6c7039e44b1572d306aff2a90e47281a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 01 May 2025 09:31:07 GMT
like.php
www.facebook.com/plugins/ Frame 7978
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc9640b402cc2bc54%26domain%3Dwww.helbreath.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.helbreath.net%252Ff3adacc711cad1b95%26relation%3Dparent.parent&container_width=160&href=https%3A%2F%2Fwww.facebook.com%2Fhbolympia%2F&layout=button_count&locale=en_GB&sdk=joey&share=true&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=1c0d55f8e673d279c305a291e553b448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.helbreath.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Wed, 01 May 2024 11:05:43 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=32, ullat=0
x-fb-debug
v8hHSojC/jKICmc72gE/W/YecheWfGYr0KP2SB85tK/27oBlYEERTDEWgYfYeI/INSLkN9wC+JSd8LtRh97COA==
x-xss-protection
0
square_logo.ico
www.helbreath.net/img/
2 KB
2 KB
Other
General
Full URL
https://www.helbreath.net/img/square_logo.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.67.82 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-67-82.unifiedlayer.com
Software
Apache /
Resource Hash
0cbfabdab48185f0f8a436a926e53cf64c35cf8150e74aabfc5745cfd4a0ae6e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.helbreath.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:43 GMT
last-modified
Fri, 10 Mar 2017 22:52:45 GMT
server
Apache
content-type
image/x-icon
cache-control
max-age=604800
accept-ranges
bytes
content-length
2102
expires
Wed, 08 May 2024 11:05:43 GMT
web-widget-main-7bc1c0f.js
static.zdassets.com/web_widget/classic/latest/ Frame 7536
969 KB
277 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9e13d1bc-f848-4ef8-be83-2cde7f61fc88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:43 GMT
x-amz-version-id
_IYDenNVju8wHXIpAa8FJzBqmTlghdyK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
64S1GV9HNQKB0DVA
age
101
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ldH41+NY0+fYAgvbqFIJmvudIE2j/SxzaKSwKqxB3P/vSWpJ08HqoFV2mSP6KWgMbK8lgvcvTvmD4moNqUmffw==
last-modified
Mon, 08 Apr 2024 13:46:13 GMT
server
cloudflare
etag
W/"3784cf5e1ddd3a68e335f3bb4a5e2fcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHo82DQYmbmsAkEAp%2FCrMbwKGxQZ8iReEb%2B%2BybssIBpsttlCqByf3%2B%2BJQYawee7SQeQiS9o6tlkYFIQ2ezyAzZAIzrCttHyIKZrPtbUnFvEXMNzG3cY7Ka5ZpzcMuIexfgbOsHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
87cf4c4e9a6635fa-FRA
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:46:12 GMT
en-us-json-7bc1c0f.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 7536
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:43 GMT
x-amz-version-id
LLNIVxZ_bojnmbOmqAvI_43_VNrKfel_
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DKWT4SJ3NP0VX855
age
1725634
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
W9B1SBtAeKjZ8kR3+2GgpY7yqrRwEUd74ifS+fdKkR32Prbx0bEwMeNV6dGVRlF6Cg02ybWPMLk=
last-modified
Mon, 08 Apr 2024 13:46:15 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyUgBgOKallOVqwjg4bKJACrHFzfMFtHumFJMNe7QenYSBDOvhDYtjyqmvmqNsxo7DIwDEvaDjv%2BgUUzKOes9duhF7qX5IKYNBrPtcTwjj%2BuOsgNHDp0MNC8BYOIS0yhjLt7k%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
87cf4c4f6b2d35fa-FRA
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:46:13 GMT
config
helbreath.zendesk.com/embeddable/ Frame 7536
385 B
992 B
Fetch
General
Full URL
https://helbreath.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a467ba8eeee3071cba8466f4b9c25da625c9c5c6e651f2feedd4be38a4c1758b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 11:05:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-6d74d7c96b-sr5zv
x-cached
MISS
x-runtime
0.001640
last-modified
Wed, 01 May 2024 09:55:48 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrxLFRQtusfPcw2hpP6t%2B%2BTemx50KN5V%2FioxTC2HkRLATTdMwhuvIDY3D6c8c3wbLBb5lNNRvspvdIw9nqUrN7R%2FlVxovgeEo4TbGz%2BR4Hdj9NrV%2Br%2BBVklUhr%2FHNN8xpou%2FG4umHA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
87cf4c4f9b4d366f-FRA

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | 2
function | $
function | jQuery
function | UpdateTime
function | preload
object | zEWebpackACJsonp
function | zE
function | zEmbed
object | FB
object | __buffer
boolean | zEACLoaded
function | $zopim

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
