Submitted URL: http://www.helmsinn.com/
Effective URL: https://www.helmsinn.com/
Submission: On April 05 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 52 HTTP transactions. The main IP is 3.127.73.216, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.helmsinn.com.
TLS certificate: Issued by R3 on February 13th 2024. Valid for: 3 months.
This is the only time www.helmsinn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.127.73.216 16509 (AMAZON-02)
6 18.66.112.9 16509 (AMAZON-02)
16 65.9.95.89 16509 (AMAZON-02)
7 52.228.119.67 8075 (MICROSOFT...)
9 65.9.95.13 16509 (AMAZON-02)
2 65.9.94.148 16509 (AMAZON-02)
4 54.81.54.204 14618 (AMAZON-AES)
6 2a02:6ea0:c70... 60068 (CDN77 _)
1 2600:1f14:5db... 16509 (AMAZON-02)
52 10
Apex Domain
Subdomains
Transfer
31 cdn-website.com
lirp.cdn-website.com — Cisco Umbrella Rank: 18935
static.cdn-website.com — Cisco Umbrella Rank: 19396
irp.cdn-website.com — Cisco Umbrella Rank: 19531
2 MB
7 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3222
api.userway.org — Cisco Umbrella Rank: 3089
62 KB
7 onressystems.com
www.onressystems.com
110 KB
4 multiscreensite.com
rtc.multiscreensite.com — Cisco Umbrella Rank: 20616
2 cloudfront.net
d32hwlnfiv2gyn.cloudfront.net
19 KB
1 helmsinn.com
www.helmsinn.com
25 KB
52 6
Domain Requested by
16 static.cdn-website.com www.helmsinn.com
static.cdn-website.com
9 irp.cdn-website.com www.helmsinn.com
7 www.onressystems.com www.helmsinn.com
static.cdn-website.com
6 cdn.userway.org www.helmsinn.com
cdn.userway.org
6 lirp.cdn-website.com www.helmsinn.com
irp.cdn-website.com
4 rtc.multiscreensite.com static.cdn-website.com
2 d32hwlnfiv2gyn.cloudfront.net www.helmsinn.com
1 api.userway.org cdn.userway.org
1 www.helmsinn.com
52 9

This site contains links to these domains. Also see Links.

Domain
www.onressystems.com
www.onressoftware.com
Subject Issuer Validity Valid
www.helmsinn.com
R3
2024-02-13 -
2024-05-13
3 months crt.sh
multiscreensite.com
R3
2024-03-24 -
2024-06-22
3 months crt.sh
www.onressystems.com
Go Daddy Secure Certificate Authority - G2
2023-11-03 -
2024-12-04
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
1667503734.rsc.cdn77.org
R3
2024-02-27 -
2024-05-27
3 months crt.sh
api.userway.org
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.helmsinn.com/
Frame ID: 7236A003F00911E1C62328D57F3DBA25
Requests: 51 HTTP requests in this frame

Screenshot

Page Title

Home

Page URL History Show full URLs

  1. http://www.helmsinn.com/ HTTP 307
    https://www.helmsinn.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

22 %
IPv6

6
Domains

9
Subdomains

10
IPs

3
Countries

2031 kB
Transfer

3631 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.helmsinn.com/ HTTP 307
    https://www.helmsinn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.helmsinn.com/
Redirect Chain
  • http://www.helmsinn.com/
  • https://www.helmsinn.com/
99 KB
25 KB
Document
General
Full URL
https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.73.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-73-216.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f43768cbac060c072be8dc7ad237e10f18fb166de04823a6a0196034d8f853f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
25508
content-security-policy
frame-ancestors 'self'
content-type
text/html;charset=utf-8
d-cache
from-cache
d-geo
EU
date
Fri, 05 Apr 2024 01:08:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
link
<https://lirp.cdn-website.com/md/pexels/dms3rep/multi/opt/pexels-photo-271639-1920w.jpeg>; rel=preload; as=image; fetchpriority=high
server
nginx
strict-transport-security
max-age=31536000; preload
vary
user-agent,accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.helmsinn.com/
Non-Authoritative-Reason
HttpsUpgrades
pexels-photo-271639-1920w.jpeg
lirp.cdn-website.com/md/pexels/dms3rep/multi/opt/
52 KB
52 KB
Image
General
Full URL
https://lirp.cdn-website.com/md/pexels/dms3rep/multi/opt/pexels-photo-271639-1920w.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7897eb72cf48eb16cdfb32406a88eb94fa16054203ff2b15bcc331d7e39dc594

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 10:33:18 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1262138
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
52778
x-amz-expiration
expiry-date="Mon, 20 May 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified
Tue, 21 Nov 2023 18:13:13 GMT
server
AmazonS3
etag
"59b44199ac825d1657d4f40fac510311"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FhIA6cOWg782i_uBAYmQ9dKPKl7PQXk8qFvGInbOGwm96S2dx_UKEQ==
jquery-3.7.0.min.js
static.cdn-website.com/libs/jquery/
85 KB
30 KB
Script
General
Full URL
https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JlB87n.8JeSlNMpjtnQ7ZQFJjIuOXDIf
content-encoding
gzip
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 01:32:39 GMT
x-amz-cf-pop
PRG50-C1
age
257829
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jul 2023 14:02:06 GMT
server
AmazonS3
etag
W/"e6c2415c0ace414e5153670314ce99a9"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Sxy7E9InBfORO4D4CVufqEpSVbcIJGpa2FqX3ZB-Sx1gqxRldx5JAQ==
d-js-one-runtime-unified-desktop.min.js
static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/
325 KB
98 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ec60f255b99c3148e13d62b165b471f10437ce76367deda66f409537b5a85f1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Mpi7.VPs2mF4LQlbDZLwGpRUppw2ibiW
content-encoding
gzip
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:08:46 GMT
x-amz-cf-pop
PRG50-C1
age
219610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:44 GMT
server
AmazonS3
etag
W/"0640ae52188fdf8b38684d88c35aa13a"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
KccBObfHP5I8ApqMCNza__wLOKzPfC88Z0LohXva1r0vV0J-KP-3Mg==
d-js-jquery-migrate.min.js
static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/
11 KB
5 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-jquery-migrate.min.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5cGZRciU9yQTd39WTjrRqtrrPwC5WjUJ
content-encoding
br
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:15 GMT
x-amz-cf-pop
PRG50-C1
age
219702
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:44 GMT
server
AmazonS3
etag
W/"0c0a1fa81ed04355cd2c63c134163cc0"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
iV25KBS5Mibuu1wdoFX48qnr2R43HvUZS5_34ok6wcKMEm14FpaoPQ==
helms-inn-logo-1-2f71ec97-221w.png
lirp.cdn-website.com/f21da4b7/dms3rep/multi/opt/
6 KB
7 KB
Image
General
Full URL
https://lirp.cdn-website.com/f21da4b7/dms3rep/multi/opt/helms-inn-logo-1-2f71ec97-221w.png
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9413eef6fb19b426509e1f70e23b8b7c161ebc6bd3492608d76ada6ebeb3633b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6304
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified
Tue, 13 Feb 2024 22:25:52 GMT
server
AmazonS3
etag
"f5fe96d350240b654de32eeb844e6bb2"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
z8xOrpPRZzHccQ36_ZdpIDIRg3aGAf_dJLxrQOtdJjoPClj1XGm_Pw==
moment.js
www.onressystems.com/Reservations/Scripts/
147 KB
44 KB
Script
General
Full URL
https://www.onressystems.com/Reservations/Scripts/moment.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 10 Apr 2023 00:37:44 GMT
Referrer-Policy
strict-origin-when-cross-origin
ETag
"22e89baa446bd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44320
X-XSS-Protection
1; mode=block
bootstrap.min.js
www.onressystems.com/Scripts/
36 KB
13 KB
Script
General
Full URL
https://www.onressystems.com/Scripts/bootstrap.min.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Tue, 06 Aug 2019 05:06:53 GMT
Referrer-Policy
strict-origin-when-cross-origin
ETag
"51f815c3144cd51:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13045
X-XSS-Protection
1; mode=block
bootstrap-iso.css
www.onressystems.com/assets/bootstrap-iso/
205 KB
36 KB
Stylesheet
General
Full URL
https://www.onressystems.com/assets/bootstrap-iso/bootstrap-iso.css
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
098f4f74a8c1a2e0c68b5976f7baa2b926030af6143d717fafd9820b57ec5c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Sat, 09 Dec 2017 23:17:01 GMT
Referrer-Policy
strict-origin-when-cross-origin
ETag
"ba6177d14371d31:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36474
X-XSS-Protection
1; mode=block
onResBookingStyles-inline-horizontal.css
www.onressystems.com/Reservations/Content/
7 KB
3 KB
Stylesheet
General
Full URL
https://www.onressystems.com/Reservations/Content/onResBookingStyles-inline-horizontal.css
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee274c4d897da79bef404a4fe76a14a0add7aa153fcc71174f6dc3441a12ff13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 10 Apr 2023 00:34:47 GMT
Referrer-Policy
strict-origin-when-cross-origin
ETag
"4ed0b540446bd91:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2415
X-XSS-Protection
1; mode=block
onResCC-inline.js
www.onressystems.com/Reservations/Scripts/
34 KB
8 KB
Script
General
Full URL
https://www.onressystems.com/Reservations/Scripts/onResCC-inline.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
62965cf4163b0393f965eb00649bfe4d178dc4c54744ce86a9dbfb8ba75cae37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Wed, 21 Jun 2023 06:47:15 GMT
Referrer-Policy
strict-origin-when-cross-origin
ETag
"805bcb36ca4d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8074
X-XSS-Protection
1; mode=block
helms-inn-logo-1-2f71ec97-208w.png
lirp.cdn-website.com/f21da4b7/dms3rep/multi/opt/
6 KB
6 KB
Image
General
Full URL
https://lirp.cdn-website.com/f21da4b7/dms3rep/multi/opt/helms-inn-logo-1-2f71ec97-208w.png
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a544886df614c07c6d94ecf6b5727bba124ac253dc1abc493758acddef69ddea

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
126276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5916
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified
Tue, 13 Feb 2024 22:25:52 GMT
server
AmazonS3
etag
"ec0bd1616169ec3463900e23244f58b8"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
iV6FON6HM1vgG6wdaWY0RzocVwLiKAOqDLZt7m6ETiC7Ke6U9UKwVQ==
css2
irp.cdn-website.com/fonts/
18 KB
1 KB
Stylesheet
General
Full URL
https://irp.cdn-website.com/fonts/css2?family=Allura:wght@400&family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Comfortaa:wght@300..700&subset=latin-ext&display=swap
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
94221c128f0cb98818e380a6f54c41338b3aa50acd62ff9ce67bfadf3740d821

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:20 GMT
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
126276
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
A7Y90ErddBsDwg6fGgPFq6DybSbKOhFcmtEr4eQVA89YTw1Kn0hcFw==
d-css-runtime-desktop-one-package-structured-global.min.css
static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/css/
207 KB
26 KB
Stylesheet
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afd631768171a49f742616ae4910d4e6c2185dbaf9b41e8bf0c84ba75b797fed

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
STD3__Y3VMVHKYGBMPERwSfFMVmJl_uw
content-encoding
br
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:15 GMT
x-amz-cf-pop
PRG50-C1
age
219702
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:43 GMT
server
AmazonS3
etag
W/"f63bedb249f0477493f4627811f3fe6c"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
2gmcLVXCcJI974SVye9i_oCS3z93-Br_VH70NwomtnH1wFsHzFssrQ==
54e556b679d0c30ebb9478c0b190abdf.css
irp.cdn-website.com/WIDGET_CSS/
20 KB
4 KB
Stylesheet
General
Full URL
https://irp.cdn-website.com/WIDGET_CSS/54e556b679d0c30ebb9478c0b190abdf.css
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4113deb8566a6b219f0bfb658b91d988dc99ef35688e055f3c7c222a80d7d4d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:21 GMT
x-amz-version-id
4vcU1LZIkvPw5WIOD9ZAAryA3ILCK51X
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
126276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 01 Apr 2024 14:27:14 GMT
server
AmazonS3
etag
W/"896eafc45a7b1c5120281b876df5758e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
gf3_LJVqmT5M5t10wlDJ9mWY_emvNHI1CH61ftfy0y0jjqUdm1MScA==
f21da4b7_withFlex_1.min.css
irp.cdn-website.com/f21da4b7/files/
300 KB
33 KB
Stylesheet
General
Full URL
https://irp.cdn-website.com/f21da4b7/files/f21da4b7_withFlex_1.min.css?v=8
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52e29d72a042fb353b25d959ed9aaea3e192123e80e013dd9c0924a365a244a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:05:50 GMT
x-amz-version-id
hKeISzpvzEKv.D80rzToIdSoj.0.c_p.
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
493387
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Mar 2024 19:19:51 GMT
server
AmazonS3
etag
W/"4aa34185eca19ddd88fbc1523b43c02c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
UicDXWwsAqvIskls47T8t8AKx1bYIsjNPSR32kOqSqu9jIaMbWAVIg==
f21da4b7_home_withFlex_1.min.css
irp.cdn-website.com/f21da4b7/files/
10 KB
2 KB
Stylesheet
General
Full URL
https://irp.cdn-website.com/f21da4b7/files/f21da4b7_home_withFlex_1.min.css?v=8
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1d210b359240b3cca5518133e3ccaf92b872de12cc06840d888febcb6a21f71

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:05:50 GMT
x-amz-version-id
Qk7PPU6hJ221l2zGPFJWKAbCZshhL6Cl
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
493387
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Mar 2024 19:19:49 GMT
server
AmazonS3
etag
W/"86e839295937c8ae94a4ed4544fab60c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
PKY4rEoOugroddslZ9QtujE3EmKzph6EFBbHobQLjorAEq0qhFkrrA==
truncated
/
563 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5e713a83494d7075f0c760eb201049adc76e759d7bca6d345ac728305be62b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 15 Mar 2024 23:42:29 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
1733187
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
alt-svc
h3=":443"; ma=86400
content-length
14892
x-amz-cf-id
tu3U4zFCjFWcuDy1kHC6f9oJUw7mQLFkwf7Z4PT2Iq3OgXdg8Rfsrg==
fontawesome-webfont.woff
static.cdn-website.com/fonts/
96 KB
96 KB
Font
General
Full URL
https://static.cdn-website.com/fonts/fontawesome-webfont.woff?v=6
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 08:26:25 GMT
x-amz-version-id
bR46Z9gnVogjFEVmln4nlzTlCUFntZSU
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
age
60152
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
98024
last-modified
Wed, 05 Jun 2019 08:06:55 GMT
server
AmazonS3
etag
"fee66e712a8a08eef5805a46892932ad"
vary
Origin
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_-mI3XK1XRnNC0lv4uTSAS6ZKsfmFYYZbJFWZ-hqC6FRtTMekEUSUA==
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
irp.cdn-website.com/fonts/s/comfortaa/v45/
30 KB
30 KB
Font
General
Full URL
https://irp.cdn-website.com/fonts/s/comfortaa/v45/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 13 Mar 2024 23:14:48 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
1907648
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
alt-svc
h3=":443"; ma=86400
content-length
30512
x-amz-cf-id
xlXzibNDe65dLSkYUe1q-i4SOhd3qNYTAmI5eSKFvMjl9NXNMe-OdQ==
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 09 Mar 2024 02:24:27 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
2328269
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
alt-svc
h3=":443"; ma=86400
content-length
14712
x-amz-cf-id
gwwSWTVUbT63Juml4uSLWE-Rr_qvSUpz4vfKFJkhfbIxtlBZDmKf2Q==
sp-2.0.0-dm-0.1.min.js
d32hwlnfiv2gyn.cloudfront.net/
49 KB
18 KB
Script
General
Full URL
https://d32hwlnfiv2gyn.cloudfront.net/sp-2.0.0-dm-0.1.min.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-148.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 15:30:24 GMT
x-amz-version-id
IZwYrapPL5STtMyaSYUvOnEvHgmJogqU
content-encoding
gzip
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1330713
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 20 Mar 2022 08:45:42 GMT
server
AmazonS3
etag
W/"81ff203c31c9a3e5c15c5a790eebb460"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=6048000
x-amz-cf-id
tb4wsgzhmw0dQT8ykjL-68h5ouWv2kCfRQEHYzhD6adQR-jTVLnJRQ==
AjaxServices.ashx
www.onressystems.com/Reservations/
75 KB
4 KB
XHR
General
Full URL
https://www.onressystems.com/Reservations/AjaxServices.ashx
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb26e542927989425c343fe5ab78e91d4c0173ac113f7f3db6dba89c1b2f833b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.helmsinn.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
3203
X-XSS-Protection
1; mode=block
AjaxServices.ashx
www.onressystems.com/Reservations/
4 KB
2 KB
XHR
General
Full URL
https://www.onressystems.com/Reservations/AjaxServices.ashx
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.119.67 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b91d9f5f03616b898c7a8bfd40c635bbd34d4f5d8d209f8a4c4c8ecd866e15c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.helmsinn.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Apr 2024 01:08:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
strict-origin-when-cross-origin
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
1747
X-XSS-Protection
1; mode=block
644.c31b82314b7dabdf232e.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
58 KB
19 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/644.c31b82314b7dabdf232e.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e13768beb203ca359f857dc3f7de6b261b1fd567caa15d3579b90cbff212143

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
89bJX7cFb8K_F05VBYJm1rVo46nCOyle
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"d934f8f3fe5737249d20d091a58ff902"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
ER4diVhma5m5PSd4wnJhs8koKfRWhPnUweha1BulfK84ApYxojtiiQ==
733.b8282d33b0a5f797f9d0.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
4 KB
2 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/733.b8282d33b0a5f797f9d0.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6c9e6ad9b4d5728bad40fe224742e4ec9ff040eec29ff7d8f029a5c6fd2938b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ccLLe6wNUSADJFRfXfnKebaYVzj6eQMN
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"72721d4a1fe39c70d5a065f55325a2bd"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
wl9q3ktORCEjxEdVseq1U0R58HcbQVNqxKryK7Qf4gytuJ4aAMdnJA==
690.68446a796dab958a4b23.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
3 KB
2 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/690.68446a796dab958a4b23.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ac42ea01c0278ff2806e5242f582b3fa669b23f397c07ec42f05d99a040481

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_yfcryNmrW7WXi.KGWZIUf6C0xqBmoPH
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"22f02d5cfbe0f50c03930309afd8ec37"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
usqQ6yKlshz2pB-4mlmEF291lxxgG2IjdCu9yAc-BSuLdisJ0kQY3Q==
teo-duldulao-4op9_2Bt2Eg-unsplash-1920w.jpg
lirp.cdn-website.com/125d3ac3/dms3rep/multi/opt/
481 KB
481 KB
Image
General
Full URL
https://lirp.cdn-website.com/125d3ac3/dms3rep/multi/opt/teo-duldulao-4op9_2Bt2Eg-unsplash-1920w.jpg
Requested by
Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/f21da4b7/files/f21da4b7_home_withFlex_1.min.css?v=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afb640168c06002fdb8462f1674147bc9dfd9a65cf0a1190138b2052681d856c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://irp.cdn-website.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 23 Mar 2024 15:34:26 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
age
1071271
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
492162
x-amz-expiration
expiry-date="Sun, 14 Jul 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified
Mon, 15 Jan 2024 20:14:32 GMT
server
AmazonS3
etag
"f5c2e4e0a412925b3c1330f1f035a8cc"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
71j-j8kqD9wwnGkS8IUKo0H9damY_15LxqGeITHKO2AG1xoOEIKF0Q==
9oRPNYsQpS4zjuA_iwgW.woff2
irp.cdn-website.com/fonts/s/allura/v21/
26 KB
26 KB
Font
General
Full URL
https://irp.cdn-website.com/fonts/s/allura/v21/9oRPNYsQpS4zjuA_iwgW.woff2
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 07:26:28 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
1446148
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
alt-svc
h3=":443"; ma=86400
content-length
26576
x-amz-cf-id
G69Y9WDvCCst3DYCjVfmBZ7qdHjb3lM2s-49yxtMIK-gYul-NQ5q7g==
Studio-1-king-w-murphy-bed-A+%281%29-1920w.jpg
lirp.cdn-website.com/f21da4b7/dms3rep/multi/opt/
243 KB
243 KB
Image
General
Full URL
https://lirp.cdn-website.com/f21da4b7/dms3rep/multi/opt/Studio-1-king-w-murphy-bed-A+%281%29-1920w.jpg
Requested by
Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/f21da4b7/files/f21da4b7_home_withFlex_1.min.css?v=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f1ca966c437508ea90bc86e9b380de11656685335ff747de419a2cf4cca2a07

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://irp.cdn-website.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:22 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
age
126275
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
248506
x-amz-expiration
expiry-date="Sun, 19 May 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified
Mon, 20 Nov 2023 20:09:52 GMT
server
AmazonS3
etag
"a4e1de280db94f149a34b23d5b974c09"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ULU83V76HC-wi2N28bWuhQCigVuJRy_oypXhr5nSRm40VYcB0HzmtA==
clarisse-meyer-fycGoHbA_s0-unsplash-1920w.jpg
lirp.cdn-website.com/125d3ac3/dms3rep/multi/opt/
546 KB
547 KB
Image
General
Full URL
https://lirp.cdn-website.com/125d3ac3/dms3rep/multi/opt/clarisse-meyer-fycGoHbA_s0-unsplash-1920w.jpg
Requested by
Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/f21da4b7/files/f21da4b7_home_withFlex_1.min.css?v=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e0d80b5e370f72dd57c2c157728e13769058cd96f3d7a9f3ed088623d09d6c9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://irp.cdn-website.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:22 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
age
126275
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
559336
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified
Tue, 13 Feb 2024 22:16:07 GMT
server
AmazonS3
etag
"20c9259404a2921d31d9487d29235ae1"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
auSH0Vbu_7Uo7olXA7QnEDf9kA8eF34VQCB2Y1ZDcNIALXMKVDA9Ag==
dm-common-icons.ttf
static.cdn-website.com/fonts/
2 KB
3 KB
Font
General
Full URL
https://static.cdn-website.com/fonts/dm-common-icons.ttf?5f0fg
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:16:43 GMT
x-amz-version-id
PqntK7H35YcTmkMvqWIJAJRdU.53YusY
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
age
424334
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
2368
last-modified
Mon, 19 Aug 2019 11:53:23 GMT
server
AmazonS3
etag
"b71bfcb8a1c734ad0654e25cd41964f2"
vary
Origin
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7vWkKLw4FykE7rh2VOkmMoguiVmcSAEspou3mWo_yDLRdcudy7HhKw==
skrollr.min.js
static.cdn-website.com/libs/bower-skrollr/
12 KB
6 KB
Script
General
Full URL
https://static.cdn-website.com/libs/bower-skrollr/skrollr.min.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 08:26:27 GMT
x-amz-version-id
04xLqcAi1BJ2lpzw2II1Thpz7n9kiiRR
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
age
60150
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Dec 2019 10:41:33 GMT
server
AmazonS3
etag
W/"7a180f303bea26a3ef7edf53342e7afa"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
feYaGTD6kanOpUJlROKqd7e3pFdRQgzAp9pTK_5aZtdP63zETw6Z4w==
runtime-module-anchors.7bc902270a3f71dd490a.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
3 KB
1 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/runtime-module-anchors.7bc902270a3f71dd490a.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
598048b579e2304e1bc7ef5ca72626e8296ee30e73c5464e44594ea0d26063c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
egpVRQ4cphqBAdn0UoRQsxKRS3pVktWm
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"10124f2b93d49883ea38376ca3e0088f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
10d7EB7SNbIR6IltZPEMOO6fOGUNs4gXHzLBJIlT_76q-LVeJfuBlQ==
198.cb1154cd066b8fd6bc7e.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
130 KB
32 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/198.cb1154cd066b8fd6bc7e.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
255a2268391d76e4349e5f6d48d53251229576664ef20621859314ef5234df42

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pd5ck5S8WiMrM5LHQ9q9iCMjXGU270D9
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"ed9574e1455bf6603294acdc0de59704"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
9-dfKP9lc636On29A3N7rGqB7eevtiNJ8chmIXm_DUM2VpbknFdsTA==
rt-widgets.5e69ffeba721663da9e1.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
8 KB
3 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/rt-widgets.5e69ffeba721663da9e1.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f824ed2101f2598a1ca238a109c2726298afb72f9605563d911622657953e6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.TkDg9OoGQNgahv5CFhl3aZnd8ncvwOp
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"46cbe5fdbe429fb8ffbe59ebe0c6a0b4"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
SCvgaMWbQP_57EV7aQbJCvC6stedYsn-7R4VrdZ_1huCZkDBq1rxTw==
519.3855124329bd44d0f644.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
58 KB
17 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/519.3855124329bd44d0f644.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89b00027e5a84b415a0ba6350dc9432265f847cf2b8cc9c6c92a228f40b5db54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WjBO_T4DQeyYPfmRDJTmBoUej7eydpQJ
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"9254c7cf3e0f3721117f2b247dfa6e3f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
oTY5YF-ndxZF9L7R6YDXNDqLXsqVwNlTlkQ8lTjRjjJPpyjz2wFSvw==
422.82537afc71672fa00a21.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
3 KB
1 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/422.82537afc71672fa00a21.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f470ed98466a4bf52cd95e25a06167cae19e2e0bcf834e4238d3a497bb29d76

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bc1rdBBchIRMvE6_.7dHNzHN6V45rRbt
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"ba5e96ba192577a92da0b92bec540bc9"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
h7mvEPB9Z6Bo0XLRaZqDkR6AtGvm6hceqVAhGO0_Q-_Yb7AIKcYEbQ==
metrics
rtc.multiscreensite.com/performance/
0
0
Fetch
General
Full URL
https://rtc.multiscreensite.com/performance/metrics
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/733.b8282d33b0a5f797f9d0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-54-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 01:08:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
metrics
rtc.multiscreensite.com/performance/
0
0
Preflight
General
Full URL
https://rtc.multiscreensite.com/performance/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-54-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helmsinn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Fri, 05 Apr 2024 01:08:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
i
d32hwlnfiv2gyn.cloudfront.net/
37 B
397 B
Image
General
Full URL
https://d32hwlnfiv2gyn.cloudfront.net/i?e=pv&page=Home&dtm=1712279336914&tid=882198&vp=1600x1113&ds=1600x3465&vid=1&duid=34809605ac159a6c&p=web&tv=js-2.0.0&fp=2783822544&aid=f21da4b7&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&tna=cf&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=800x600&cd=24&cookie=1&url=https%3A%2F%2Fwww.helmsinn.com%2F
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-148.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 01:08:58 GMT
x-amz-version-id
null
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
last-modified
Thu, 03 Jul 2014 09:50:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
etag
"3eacd0132310ea44cad756b378a3bc07"
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
37
x-amz-cf-id
-ZL5SWsm9CaR9wnZIXHCEpxaLoCiDpXfAmTlnRjfjC5hASuuLojxTQ==
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.helmsinn.com
URL: https://www.helmsinn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f543e29c0025a3089a6b8478b30fd25cd991f0d4be4b60c256ac91ec9104be94

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 01:08:57 GMT
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
555
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
1536
x-accel-date
1712277801
x-77-nzt
EgwBw7WvJwH3AAYAAAwBisclwQH3DQAAAA
x-accel-expires
@1712281401
x-77-age
1549
last-modified
Thu, 04 Apr 2024 08:32:35 GMT
server
CDN77-Turbo
etag
W/"dad98d08ee9c347f7b9ade20f12c2a4d"
x-77-nzt-ray
25b021316bf2c574294f0f6608cd0706
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
bvjJHgR4rAWOrsoHJ4GP6AgkzwxUXUGeKPkooyXJhXpZ7DbefTtdSQ==
763.f71fb5cec75bf5e64ee5.js
static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/
4 KB
2 KB
Script
General
Full URL
https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/763.f71fb5cec75bf5e64ee5.js
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0060570e24727912db8de5d8a9a8b2de42f6dee02433f801fca2e16406c6d3f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5Ej2trNqQDWZTm43BQvAE8bhIxBteRTt
content-encoding
br
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
date
Tue, 02 Apr 2024 12:07:16 GMT
age
219701
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 26 Mar 2024 11:58:49 GMT
server
AmazonS3
etag
W/"219fb5fa89fcdc6627cabd3a6aee3a95"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
svr8jsbbU593vMcCoZPcz_qs2bLSUED0ELsbEYcH-tbgmcHyRMx7bg==
widget_app_base_1712219414165.js
cdn.userway.org/widgetapp/2024-04-04-08-30-14/
151 KB
43 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-04-04-08-30-14/widget_app_base_1712219414165.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cbff6d843c01d3c271cc3f5f6a0207c61c50fdf5bfead6ef5f2145d59142eb05

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 01:08:57 GMT
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
553
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
59139
x-accel-date
1712220198
x-77-nzt
EgwBw7WvJwH3A+cAAAwBisclwQH3DQAAAA
x-accel-expires
@1738140185
x-77-age
59152
last-modified
Thu, 04 Apr 2024 08:32:29 GMT
server
CDN77-Turbo
etag
W/"fb45ec045519f69a58f37dec393b27cf"
x-77-nzt-ray
25b02131d9e5f375294f0f66e1ee200d
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
FnnmEWpXmUjLNg5FZUfysArDKouYYR5KXLB5KSsnhyHL3fRX0iO__w==
fHF75IjKKl
api.userway.org/api/tunings/
500 B
886 B
XHR
General
Full URL
https://api.userway.org/api/tunings/fHF75IjKKl
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-04-08-30-14/widget_app_base_1712219414165.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:5ff2:59e6:8d74:e954 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
705a8e5ba7b204ab073a8a6130c873d3147f6335f5dae6dfe6d0e88097c1f5f6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Apr 2024 01:08:57 GMT
etag
W/"1f4-qtLbPZJ91oFY+96oAe5wp6/w2ZI"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usrf5e75f6c9b3f41d
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
500
x-service-version
uw-pr
site_favicon_16_1707874378391.ico
irp.cdn-website.com/f21da4b7/
9 KB
10 KB
Other
General
Full URL
https://irp.cdn-website.com/f21da4b7/site_favicon_16_1707874378391.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-13.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35ade6868d8674bb8dcae8feb332509da6e14c5aea2dbd233055ffd2adc25bf8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 14:04:22 GMT
x-amz-version-id
qxwzHRalEgDOC7D2GT79AKWoYw_.QvOr
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
126275
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9662
last-modified
Wed, 14 Feb 2024 01:32:59 GMT
server
AmazonS3
etag
"f9f8af7daf7ee2e4192a872b145146a8"
content-type
image/x-icon
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Y47PLQC_bWM8tHWfNT1TUDgk7rJVko9D3ZOZwbIxUd5S56JPd5SUVw==
metrics
rtc.multiscreensite.com/performance/
0
0
Fetch
General
Full URL
https://rtc.multiscreensite.com/performance/metrics
Requested by
Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/4306/editor/apps/modules/runtime/733.b8282d33b0a5f797f9d0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-54-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 01:08:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
metrics
rtc.multiscreensite.com/performance/
0
0
Preflight
General
Full URL
https://rtc.multiscreensite.com/performance/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-54-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helmsinn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Fri, 05 Apr 2024 01:08:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
en-US.json
cdn.userway.org/widgetapp/2024-04-04-08-30-14/locales/
621 B
1005 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-04-04-08-30-14/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-04-08-30-14/widget_app_base_1712219414165.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 01:08:57 GMT
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
551
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
59133
x-accel-date
1712220204
x-77-nzt
EgwBw7WvJwH3/eYAAAwBisclwQH3EwAAAA
x-accel-expires
@1738140185
x-77-age
59152
last-modified
Thu, 04 Apr 2024 08:32:29 GMT
server
CDN77-Turbo
etag
W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray
25b02131d9e5f375294f0f66714bb438
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
3k3Uv2T_eKXFI2icCHc7UV0prA3TOuWAhl-nmh4U7O9X676RHcQqwg==
remediation-tool-free.js
cdn.userway.org/remediation/2024-04-04-08-30-14/free/
30 KB
12 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-04-04-08-30-14/free/remediation-tool-free.js?ts=1712219414165
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-04-08-30-14/widget_app_base_1712219414165.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4e372111c0fe9f8acd5da664244c32d820e688cf72df7d7c7b7b8ba629a4d641

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
Origin
https://www.helmsinn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 01:08:58 GMT
via
1.1 bb6970675ac5572387ab59ecc9abd23e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
548
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
59137
x-accel-date
1712220201
x-77-nzt
EgwBw7WvJwH3AecAAAwBnJIhJwH3EgAAAA
x-accel-expires
@1738140183
x-77-age
59155
last-modified
Thu, 04 Apr 2024 08:32:34 GMT
server
CDN77-Turbo
etag
W/"b9ba54d03dd2e6a2ff7abe0f1551ab6f"
x-77-nzt-ray
25b02131d9e5f3752a4f0f668531121b
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
6IMMi4U0DqCBzRLVURbLnQNfS-Yakk01k2qdE5z0z0FVGHNCbginFg==
wheel_right_wh.svg
cdn.userway.org/widgetapp/images/
3 KB
2 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/wheel_right_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3e6b781c7c17a33e8505761c3647280a3a9038e25babb36e1aae6c1ce628f8ca

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 01:08:58 GMT
via
1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
59126
x-accel-date
1712220212
x-77-nzt
EgwBw7WvJwH39uYAAAwBnJIhJwH3HQAAAA
x-accel-expires
@1738140183
x-77-age
59155
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"06c6df2a4bebb363295045224214514f"
x-77-nzt-ray
25b021316bf2c5742a4f0f6697e3cf1c
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
ZThX_OD6xnm4DG5we5iR15EG2OGDpdFVNpgVs9yRPStZrDJewfoIqg==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.helmsinn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 Apr 2024 01:08:58 GMT
via
1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
8
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
59139
x-accel-date
1712220199
x-77-nzt
EgwBw7WvJwH3A+cAAAwBJRPCNAH3DQAAAA
x-accel-expires
@1738140186
x-77-age
59152
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
25b021316bf2c5742a4f0f66cf0cd61c
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
xreYrROnfy1IT6CtChmKThEID_ZKxTjqBTFJ52-rjfDiiGNIgqpOFQ==

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| _currentDevice object| Parameters function| toHash string| SystemID object| dmAPI function| loadCSS function| Def function| getDeferred function| waitForDeferred boolean| isWLR object| customWidgetsFunctions object| customWidgetsStrings object| collections string| currentLanguage boolean| isSitePreview string| d_version string| build function| buildEditorParent string| version boolean| isMultiScreen object| editorParent object| previewParent string| assetsCacheQueryParam function| $ function| jQuery function| _jquery object| jqueryAliases string| cookiesNotificationMarkupPreview object| INSITE object| rtCommonProps object| rtFlags object| Base64 string| RSS_CONTAINER_SELECTOR string| RSS_CONTAINER_MORE_POSTS_BUTTON string| RSS_CONTAINER_MORE_POSTS_INNER_DIV string| POST_ITEM string| POST_ITEM_LINK function| initBlogs function| PostItem function| fetchMoreBlogItems function| initStickyHeaderIfNeeded object| layoutDeviceComponentInterface object| layoutDeviceInterface function| invokeSafe function| getSafeFn function| getSafe undefined| isReseller boolean| isWLReseller boolean| isDudaone function| EventEmitter object| eventie function| imagesLoaded object| _dwigdets object| styleSheet function| WOW object| webpackJsonpruntime function| notifyServerThrottled object| evaluatedFlags object| _abtests function| savedBind object| collectionsLock object| _modules object| runtime function| delayFn boolean| actualTouchDevice undefined| editedFromTouchDevice string| __x__ object| _currentPage function| dm_gaq_push_url function| dm_gaq_push_event function| showOverlay function| dmShowPopupPage function| dmShowPopup function| dmHidePopup function| closePopupOnEsc function| dmModifyPopupPageContent function| handleImageLoadError function| setSmartSiteCookiesInternal function| setCustomWidgetScripts function| setCustomWidgetStrings boolean| flexSite number| c2 number| c1 function| $f function| Froogaloop function| iScroll function| moment string| g_sBookingWidgetParams string| lang number| g_iVendorID boolean| g_bTestMode string| g_sSessionToken string| g_sAlert number| g_iDaysInAdvanceBooking object| g_calStartDate object| g_calEndDate object| g_aryNoAvailDates object| g_aryAvailDates object| g_inDate object| g_outDate number| g_iMaxSelNumGuests number| g_iMaxSelNumRooms object| g_AvailData function| onResCC_LoadAvailability function| onResCC_AjaxDataRetrieved function| onResCC_LogError function| onResCC_BuildCalMonth function| onResCC_FillCal function| onResCC_FillCalMonth function| onResCC_GetLabels function| onResCC_MarkAvailDates function| onResCC_IsBlackedOut function| onResCC_GoNextMonth function| onResCC_GoPrevMonth function| onResCC_SetCalMonth function| onResCC_HighlightSelection function| onResCC_CancelSelection function| onresCC_CancelHighlight function| onResCC_ToggleDisplay function| onResCC_DateToOffset function| onResCC_DateToSelector function| onResCC_GetClickedDate function| onResCC_CheckAvail function| onResCC_CheckMinNS function| onResCC_ToEngDateFormat function| onResCC_ToLocaleDateFormat function| onResCC_GetMlsMsg function| onResCC_HasLabel function| onResCC_GetLabel function| onResCC_IsOutOfViewport boolean| g_bOutDateSelected function| onResCC_ValidateForm function| onResCC_FormSubmit function| onResCC_FormSubmit2 function| onResCC_ReSearch object| _dm_gaq object| _gaq object| _dm_insite object| GlobalSnowplowNamespace function| snowplow function| dmsnowplow object| g_oLabels number| expireDays number| visitLength object| layoutApp object| anchorsApp object| skrollr object| Skrollr number| __mobxInstanceCount object| __mobxGlobals object| webpackJsonp object| Snowplow object| dam object| _userway_config object| UserWayWidgetApp function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

7 Cookies

Domain/Path Name / Value
www.helmsinn.com/ Name: dm_timezone_offset
Value: -120
www.helmsinn.com/ Name: dm_last_page_view
Value: 1712279336821
www.helmsinn.com/ Name: dm_this_page_view
Value: 1712279336821
www.helmsinn.com/ Name: dm_last_visit
Value: 1712279336821
www.helmsinn.com/ Name: dm_total_visits
Value: 1
www.helmsinn.com/ Name: _sp_id.2ad4
Value: 34809605ac159a6c.1712279337.1.1712279337.1712279337
www.helmsinn.com/ Name: _sp_ses.2ad4
Value: 1712281136914

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
d32hwlnfiv2gyn.cloudfront.net
irp.cdn-website.com
lirp.cdn-website.com
rtc.multiscreensite.com
static.cdn-website.com
www.helmsinn.com
www.onressystems.com
18.66.112.9
2600:1f14:5db:eb22:5ff2:59e6:8d74:e954
2a02:6ea0:c700::11
3.127.73.216
52.228.119.67
54.81.54.204
65.9.94.148
65.9.95.13
65.9.95.89
098f4f74a8c1a2e0c68b5976f7baa2b926030af6143d717fafd9820b57ec5c2c
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
16f824ed2101f2598a1ca238a109c2726298afb72f9605563d911622657953e6
1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b
255a2268391d76e4349e5f6d48d53251229576664ef20621859314ef5234df42
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
2f1ca966c437508ea90bc86e9b380de11656685335ff747de419a2cf4cca2a07
2f470ed98466a4bf52cd95e25a06167cae19e2e0bcf834e4238d3a497bb29d76
35ade6868d8674bb8dcae8feb332509da6e14c5aea2dbd233055ffd2adc25bf8
378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60
3e6b781c7c17a33e8505761c3647280a3a9038e25babb36e1aae6c1ce628f8ca
432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0
4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4e13768beb203ca359f857dc3f7de6b261b1fd567caa15d3579b90cbff212143
4e372111c0fe9f8acd5da664244c32d820e688cf72df7d7c7b7b8ba629a4d641
52e29d72a042fb353b25d959ed9aaea3e192123e80e013dd9c0924a365a244a5
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
598048b579e2304e1bc7ef5ca72626e8296ee30e73c5464e44594ea0d26063c5
62965cf4163b0393f965eb00649bfe4d178dc4c54744ce86a9dbfb8ba75cae37
705a8e5ba7b204ab073a8a6130c873d3147f6335f5dae6dfe6d0e88097c1f5f6
7897eb72cf48eb16cdfb32406a88eb94fa16054203ff2b15bcc331d7e39dc594
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ec60f255b99c3148e13d62b165b471f10437ce76367deda66f409537b5a85f1
89b00027e5a84b415a0ba6350dc9432265f847cf2b8cc9c6c92a228f40b5db54
9413eef6fb19b426509e1f70e23b8b7c161ebc6bd3492608d76ada6ebeb3633b
94221c128f0cb98818e380a6f54c41338b3aa50acd62ff9ce67bfadf3740d821
9e0d80b5e370f72dd57c2c157728e13769058cd96f3d7a9f3ed088623d09d6c9
a0060570e24727912db8de5d8a9a8b2de42f6dee02433f801fca2e16406c6d3f
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8
a544886df614c07c6d94ecf6b5727bba124ac253dc1abc493758acddef69ddea
a6c9e6ad9b4d5728bad40fe224742e4ec9ff040eec29ff7d8f029a5c6fd2938b
afb640168c06002fdb8462f1674147bc9dfd9a65cf0a1190138b2052681d856c
afd631768171a49f742616ae4910d4e6c2185dbaf9b41e8bf0c84ba75b797fed
b91d9f5f03616b898c7a8bfd40c635bbd34d4f5d8d209f8a4c4c8ecd866e15c6
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1ac42ea01c0278ff2806e5242f582b3fa669b23f397c07ec42f05d99a040481
c1d210b359240b3cca5518133e3ccaf92b872de12cc06840d888febcb6a21f71
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cbff6d843c01d3c271cc3f5f6a0207c61c50fdf5bfead6ef5f2145d59142eb05
d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e4113deb8566a6b219f0bfb658b91d988dc99ef35688e055f3c7c222a80d7d4d
eb26e542927989425c343fe5ab78e91d4c0173ac113f7f3db6dba89c1b2f833b
ee274c4d897da79bef404a4fe76a14a0add7aa153fcc71174f6dc3441a12ff13
f43768cbac060c072be8dc7ad237e10f18fb166de04823a6a0196034d8f853f2
f543e29c0025a3089a6b8478b30fd25cd991f0d4be4b60c256ac91ec9104be94
f5e713a83494d7075f0c760eb201049adc76e759d7bca6d345ac728305be62b8