annualhelmet.info Open in urlscan Pro
2606:4700:3031::6815:56f3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://unionflees.com/0/0/0/3c6bc12908b09f9493489453e47d5c3a/117/23083_0_44/121223465 Page URL
2. https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	121223465 unionflees.com/0/0/0/3c6bc12908b09f9493489453e47d5c3a/117/23083_0_44/	135 B 427 B	1097ms 504ms	Document text/html	195.54.167.192 ASBAXETN
General Check archive.org Show headers Download Go to Full URL https://unionflees.com/0/0/0/3c6bc12908b09f9493489453e47d5c3a/117/23083_0_44/121223465 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.54.167.192 , Russian Federation, ASN49392 (ASBAXETN, RU), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers content-length 135 content-type text/html; charset=UTF-8 date Mon, 26 Dec 2022 12:04:36 GMT server Apache
GET H2	200	Primary Request / Show response annualhelmet.info/	2 KB 1 KB	344ms 300ms	Document text/html	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Requested by Host: unionflees.com URL: https://unionflees.com/0/0/0/3c6bc12908b09f9493489453e47d5c3a/117/23083_0_44/121223465 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eaca998de877282b9606282b09b332a19cb19e43431143fd0ca51732aa0fb55 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://unionflees.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 77f9ae0fecbcd5e9-CDG content-encoding br content-type text/html; charset=UTF-8 date Mon, 26 Dec 2022 12:04:36 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAatX1x6If729c8WR5wORljRhIzcUoPg%2FUXwQ6nHiszcn5sT%2Fu1luIBaRu2oEdd2FeZ4kz%2BL1KtjZHbXdPY01%2FA02Ls7%2FU%2BlW1mz%2BdlooaBg2iSS7D5Cs%2B4up6I3jl6bpjZ%2B%2Bvs%2B1h5NRMJ0NhhkcA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	4504a4f5b38f329fa46e8c7ea03b416f Show response annualhelmet.info/	188 KB 29 KB	735ms 734ms	XHR text/html	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f?_ax=w Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f5774e8ce3362916f29959ed060c50f2c631729dd0aadb33700a95ea88f307c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiJu2jQMq%2BmRQMdZWKid5kK2gWALPRqR8O%2BMza9X0YdDDi4uQaThEm8p7jqDe%2BMlqsSpa9F8nnNt8QLJQYDRKeOkDDUmCrE%2B25%2BlpIhiuVsbaiYBwB1dNfrUKmGiqavx4kxnUy86TsTsbfjPaDn3yQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate cf-ray 77f9ae11ef10d5e9-CDG expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	bootstrap.min.css annualhelmet.info/assets/vendors/bootstrap-4.5.3/css/	157 KB 25 KB	52ms 51ms	Stylesheet text/css	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 267946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 20 Aug 2021 13:04:53 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miNnXHITqfUGoWzolPnkicOCuQpnQ%2FFQFP%2Bl%2FxhJwCw0JrJieu%2BJim33ZvQIjfyGiidUu2kf8ns9MPT7az1JV5eLZ866QJcNpOMLlj8cNm9aFJNpP0vhXL2mhSjf3dxE0DWQTSQ0zATdWFF6u6T4BA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae168f5ed38b-CDG expires Fri, 30 Dec 2022 09:38:51 GMT
GET H3	200	all.css annualhelmet.info/assets/vendors/fontawesome/css/	72 KB 13 KB	33ms 32ms	Stylesheet text/css	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/vendors/fontawesome/css/all.css Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 268306 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 19 Jul 2021 19:01:59 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZrsZf0veUM2Kaog%2Bw3DN1iA6YlWqRQYoraYGWLPF5HfUSOSPd%2FCRHKJndqtMcRWLJ5i8OKWoCdCYnR8VAUbXgIy6z%2FQKhwF50GktXV2eBYeZiWBR%2FQ9WB3XdC0BBqUXYl%2BEuY5OiOJ7brCWvZlOng%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae168f60d38b-CDG expires Fri, 30 Dec 2022 09:32:51 GMT
GET H3	200	common-hybrid.css annualhelmet.info/assets/css/dublin/dist/	31 KB 8 KB	137ms 134ms	Stylesheet text/css	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/css/dublin/dist/common-hybrid.css?v=b7a0f5f370e0887aa2c4496fa641a8ad Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0cc59e3576168e72feae629158c422e254e2043510e6e3f7aa4300cd37d1a1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 13 Dec 2022 18:52:38 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gru45Sc94vd5tQpjX%2B4myLp4fxbe1fR7px9MhwbNy98aPYZzP2oR1%2FbijuAS8bMx7%2BOOqJ0fL0p9ktqKKohNU2d2AkFpFcJrlx%2BZBJZTAy8gizQNvq01LULK16Em3WcoDVRdaN5C1C1QaH1ZsLAemw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f65d38b-CDG expires Mon, 02 Jan 2023 12:04:37 GMT
GET H3	200	snow.css annualhelmet.info/assets/css/	13 KB 2 KB	70ms 67ms	Stylesheet text/css	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/css/snow.css Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc2a906966dca25e41863f4ceaefa2ba8a923d8b00512080ed3741a62ad7f494 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 267946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 09 Dec 2021 14:49:32 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FnyQs8N9AmwwGRPUEt0z9mRkj8hKvnKm1vfH8ZbmHBUmSEGap7WCSZ8rKDrA0sXuYfIIiTLYXQi93jz3mVgpGpzeXMQ9AhxTlZ5RoCTCv6n2N%2BBfeAJuS5Yj0wPj831DqGvtMJFqNagemUTwGfjOg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f67d38b-CDG expires Fri, 30 Dec 2022 09:38:51 GMT
GET H3	200	msg.js Show response annualhelmet.info/inc/	942 B 955 B	71ms 68ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/inc/msg.js Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 268383 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 20 Oct 2022 12:25:37 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7Wv0qSgnqR8Isqmmz9xFqgCetCuS4%2B4pXkP6Kc3ruIhpIYM%2BjhTeDceTLbrXxJTvLKSHRJafQikASpck8nDr20%2BIH%2FzjiFvaCtmg085xBKjQLVD5vC02qgwNb9lFIVOMMoEL0SQSc%2BKZER55ZbiVA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f68d38b-CDG expires Fri, 30 Dec 2022 09:31:34 GMT
GET H3	200	jquery-3.4.1.min.js Show response annualhelmet.info/assets/vendors/	86 KB 31 KB	71ms 68ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/vendors/jquery-3.4.1.min.js Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 267946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 20 Aug 2021 13:04:53 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJaG6duBZRLJnhwB4t%2FB1zOrIAedAgs4KmD6gt3%2FwF01v5PIIq%2BoQXja9igFogKzp%2FLxfwyFJEfbP8JDf5Lb6OK8%2BHYY7sEDPJ2d3UeNGJiwoL9SRdEDKTXjMskyDi1NkIDrTKxK0erUjwVkIUlisg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f69d38b-CDG expires Fri, 30 Dec 2022 09:38:51 GMT
GET H3	200	bootstrap.min.js Show response annualhelmet.info/assets/vendors/bootstrap-4.5.3/js/	62 KB 16 KB	88ms 85ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 268306 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 20 Aug 2021 13:04:53 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPOW23z%2BfhKfByd%2BVIRadP8Mg2%2BVOAdMk7nrerbWu9YYwysHrik6YAv6KWWzBGyhN3jhyO96dTlGJbdz2bmNXLr1KgfmU%2FM5aTTIXbpgHz17YinfUp3mOhwFXeEKRDJNPBmhDNO6hbvvzVoup7jPlw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f6cd38b-CDG expires Fri, 30 Dec 2022 09:32:51 GMT
GET H3	200	functions.js Show response annualhelmet.info/assets/js/	1 KB 1 KB	348ms 345ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/js/functions.js?v=b7a0f5f370e0887aa2c4496fa641a8ad Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5de7a79e14562963ef11f0d95f7a098e3cc018347a95290e292bef9b7d4677b5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 06 Sep 2022 14:55:28 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7woeh1aZjKn3G%2BMRVGtyb9x0ZmV%2BBYodxXkPDPwUwtDvkdfJElsdH3%2BOOJQ%2FFUjys1L5oN2E1ns6oa9fjAK%2B%2BPBy2emB77LfY7U84UqdL7UonTORmTeGjX0SsH7QkoMbzr5KCKfPGJazOw4FM9qBjg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f6dd38b-CDG expires Mon, 02 Jan 2023 12:04:37 GMT
GET H3	200	snow.js Show response annualhelmet.info/assets/js/	2 KB 1 KB	358ms 356ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/js/snow.js?v=b7a0f5f370e0887aa2c4496fa641a8ad Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ff8cfb299ecdd2987b008d3addf01b2a576e5dd1dbaa3962c943add94d3546c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 08 Dec 2021 18:57:50 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK1BjgvRXA1GwZ31mX11SBGQFEmoZnnceXXQC4yeOs4%2BgccLlN5%2FWDsf7Xoh8AtoNxOobtEKfeoG4nOesHEya5%2BcVWu%2BmCByCk%2BJ3nP7I9lOKEOAnGzvMTJFySTlvGL3gz8ya5Jy%2FAZ2F%2F0eGyU9vQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f6fd38b-CDG expires Mon, 02 Jan 2023 12:04:37 GMT
GET H3	200	intl_functions.js Show response annualhelmet.info/assets/js/	8 KB 3 KB	357ms 355ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/js/intl_functions.js?v=b7a0f5f370e0887aa2c4496fa641a8ad Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7077430b976a181d99efafc06e7e29923636aa84041bdd06c78fce5d960bb074 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 15 Sep 2022 19:29:38 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19wsg1o0F6p9NO1nQ5CitJ%2FmJgkIZCa1Xjpom1AIkErP48jl6UuMxO27LRF9mmkkcbTZFSGC3%2Bts3NRFnOZee8%2BdEloUVgsMVbgJSnfb2vejBmNlvLx5u1ceDO5W%2F8yEqEkDRXtkQSsv6Zkf3r7yng%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f71d38b-CDG expires Mon, 02 Jan 2023 12:04:37 GMT
GET H3	200	common-hybrid.js Show response annualhelmet.info/assets/js/dublin/dist/	91 KB 20 KB	464ms 462ms	Script application/javascript	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://annualhelmet.info/assets/js/dublin/dist/common-hybrid.js?v=b7a0f5f370e0887aa2c4496fa641a8ad Requested by Host: annualhelmet.info URL: https://annualhelmet.info/?s1=350563&s2=884011553&s3=4579&s4=1D&s10=1785 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3acca3cfcc7b0b0e95e89e6b9bcbb35dcdd49e9f66f4277afad0da48584563 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 09 Dec 2022 15:35:20 GMT server cloudflare vary Accept-Encoding,User-Agent,User-Agent x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8OCiQMFLqv8Sfm4oOrN5wDQKadQleRRsCMDLCn82ayAPEqgnSV%2F3VewWMq3viwHCdy%2BDX4BJn0By8DxdbySOoZq8SjnG%2FwNVYZT2m1qn0KrPl67m3hzyvxixjhAuq2jY5jvKYevNwryZrtFhTumyg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 cf-ray 77f9ae169f73d38b-CDG expires Mon, 02 Jan 2023 12:04:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	106 KB 41 KB	93ms 34ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874 Requested by Host: unionflees.com URL: https://unionflees.com/0/0/0/3c6bc12908b09f9493489453e47d5c3a/117/23083_0_44/121223465 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 91697766f446e33348c84b0ea7480519930c20d2533ff834baf7732053a2f79a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 41821 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 26 Dec 2022 12:04:37 GMT
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	407ms 59ms	Stylesheet text/css	2a00:1450:400d:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap Requested by Host: annualhelmet.info URL: https://annualhelmet.info/assets/css/dublin/dist/common-hybrid.css?v=b7a0f5f370e0887aa2c4496fa641a8ad Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dcf5dfc09ff7659a86068a49ad4db5e5542a7ff352e0ec3956b2e79d4a5102f3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 26 Dec 2022 12:04:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 26 Dec 2022 12:04:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 26 Dec 2022 12:04:38 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	213 KB 75 KB	85ms 33ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ccaf866cf56ec2561a80368a4bb0d146535715414be9167728f3e6fe766ba926 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76285 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 26 Dec 2022 12:04:37 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 348 B	77ms 29ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=2oebu0&_p=2027901670&cid=1234902298.1672056278&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672056277&sct=1&seg=0&dl=https%3A%2F%2Fannualhelmet.info%2F4504a4f5b38f329fa46e8c7ea03b416f&dr=https%3A%2F%2Funionflees.com%2F&dt=%5B1%5D%20R%C3%A9compense%20en%20attente%20-%20Leroy%20Merlin%20-%20Nous%20voulons%20votre%20avis!&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers pragma no-cache date Mon, 26 Dec 2022 12:04:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://annualhelmet.info cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v9e118mez8 Show response trk-epicurei.com/scripts/push/	7 KB 3 KB	169ms 118ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk-epicurei.com/scripts/push/v9e118mez8 Requested by Host: annualhelmet.info URL: https://annualhelmet.info/inc/msg.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90 Security Headers Name Value Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data: X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT content-security-policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data: x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options DENY vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers content-type application/javascript;charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQX7kxG8Wk2tDRNaFB4gFjlGyTJGtrFzjzjFXtTdn%2BMzGZ3t4wnZ8MDV0lDGYcTq2UpbolwETyV1Ki%2Fi%2F0gpFzbxNLUga9dEBd5AhUugh52vkS76u21zauF9pO7wrHnXTa%2FaqZWVNnSZks4VTA21"}],"group":"cf-nel","max_age":604800} cache-control no-cache, no-store, max-age=0, must-revalidate feature-policy geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none' cf-ray 77f9ae1a484699ce-CDG expires 0
GET H3	200	6310a1ddadac71764f0bb348406d4ce0.png annualhelmet.info/fim/1785-FR/	78 KB 78 KB	467ms 466ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/6310a1ddadac71764f0bb348406d4ce0.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86495e237a6d02c514844f047bcf76fde30a250ac86c8182bfb79de07251624d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 79752 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7t7xm%2FoTyf2r9CrNZtcb7%2FgTHqwHk1ZrionQm%2FAhjftFYlcQjMhDderxtACZrX4D%2BTMNboeDrBfFT8nnVvUHxE3%2FW9Ty3ob76FQaukSBM1t%2BHRWEcA5KR2rk5DDkxFBP7WgrXQYTozYWt2B%2BS11xA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1acf5dd38b-CDG expires Mon, 02 Jan 2023 09:40:36 GMT
GET H3	200	2a0d0f9318a68eb2e0a5d48fb0ebb0db.png annualhelmet.info/fim/1785-FR/	211 KB 212 KB	1085ms 1081ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/2a0d0f9318a68eb2e0a5d48fb0ebb0db.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0165d6e2a5346f5d4c60d55b3c74a3cfc63035567826ae2f3d32490a56d293ab Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 216439 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzNmKwTGnuZtbx1RJkVf4cB4OUy9AYvM2Zvq35%2BeuTwPtp1z6jAxGWWnJrd7TR70PJJbNqdrTzAq%2BkFU0lnHDik%2FIEz62%2B0waedrJQFv5lhcwEEzgLB%2BkZglkU1F6v%2F27jQoAbLawDFSkbJxeyuFzA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf64d38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	be6f509655f9a53d28c3be1a4fbc743a.png annualhelmet.info/fim/1785-FR/	49 KB 49 KB	1163ms 1160ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/be6f509655f9a53d28c3be1a4fbc743a.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08b2ec7776c77d0e996f708086726ee562979c83b624ae79716edd41b953df2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 49915 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVjwL1WyfG3E73CebRJqqtAKP5bVqwtr9P%2FDa9LDWPYFDkWZk3M0A4tSP9v3T2ly%2BsGUh2SInRSAvjXx8%2F1%2BPaBg3xPNYYFjch5S6apDR2zrCxEeyyHqBkc0nhrFysmyUjEg1T4CTLwhZLuuYRhKIA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf69d38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	c3f7353895766581fbee1a03204059b4.png annualhelmet.info/fim/1785-FR/	13 KB 14 KB	46ms 43ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/c3f7353895766581fbee1a03204059b4.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash daaede23b88adfdab069eb1633cda9abb7326ecaff2207a8b5649f046fe86a76 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13586 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvLI0y7JjUByH1r3nKhVKph74yRemRrqVlNAXFlTPbiu9edUavboBQ409aT7nQcLmHYTGAFc%2BKc%2BuqMUeHTNsaX9Hi1yNOhIDnyMc9gM424DsPGvY0jER8%2BCZus8piBACXyDO6BhDIeDs4aVaxyrig%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf6ed38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	14dfbc4e673111d570317f9f05ce5997.png annualhelmet.info/fim/1785-FR/	210 KB 211 KB	1283ms 1280ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/14dfbc4e673111d570317f9f05ce5997.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1746273f267b9d2a943af1ce3a6423f8c8da4d38175321e2a767c1b27ff37e0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 215485 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8CENCfYhJc42LudvRI%2Fh1JopBQduJTORyEDhToJC5JylhFAiW8YVb0U3rvVkw9rLRM5wc0xvyJt6BaWYwJ%2BZCcaiCag6wNZSqQ4jkE9fqzIlTs7ecqDOW%2BaGiVzpSvDXHiN1%2F7QLhHgkMPOa9kAjg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf77d38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	fb6d3aca3a0e24e924f0e0edf9b30b74.png annualhelmet.info/fim/1785-FR/	249 KB 249 KB	71ms 67ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/fb6d3aca3a0e24e924f0e0edf9b30b74.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cb48281252f573e51418a4ea6b2e6f1b6dc2a88c7cfc3a986d670b4e8863d36 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 254654 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQd1jJygcYEYjeCn%2Ftc63DMUkwImmpzJKH9gtzC%2FwsXYwmFR8bmbItM0n5rsSGMXD%2FiXgVw6DBQ0U8MzQuZshTf3dI5GmHLT0CVRFdMvm8TvT8EuqcxW4NpSRarGSD6t7gQLWDw1GFUr93%2BL12CWjQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf7dd38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	48c67847b97b3b83d736a094848fd9dd.png annualhelmet.info/fim/1785-FR/	1 MB 1 MB	47ms 44ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/48c67847b97b3b83d736a094848fd9dd.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 857133a9dceb3d7bf93fbaad72f5b6010016b0f9e084b3f62e3f357be177901e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1370432 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:40:35 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eq33NHvwcfDjfDmlXTSFLBIf%2BARdxTWGQdUfrxFvQ%2BaJdBd6%2BOj8ckD1QSY3eYk2gPxxuqQwaub3UxaiGMSfsQRVjCuE7iGF%2BpVKE%2BdbozX1qarYBkmo8P%2FjLBxJLPHotChiQMDk9cXebxYixM2pBg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf81d38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	9a3b6ff8b1ef258ce0ad248793bdc849.png annualhelmet.info/fim/1785-FR/	4 MB 4 MB	1053ms 1050ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/9a3b6ff8b1ef258ce0ad248793bdc849.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3755 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4209334 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:57:05 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnE6LBIEHd7%2Fwus5HsWNkkmfl3q8q7CiZLot79ySOBMuq7TYCfH5kadw5Uj5nEb2PHtlGeHLr49fVzjSteUnJSDn2ltc%2BI8Wxr24h9mqkokehi%2BpglSOaJfYT0bwU3fBv1g9izNjzOPTTCCmYb6bmA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf85d38b-CDG expires Mon, 02 Jan 2023 11:02:03 GMT
GET H3	200	43a4bea0a86e84e1e2866ad39c298314.png annualhelmet.info/fim/1785-FR/	569 KB 569 KB	2403ms 2400ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/43a4bea0a86e84e1e2866ad39c298314.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 582286 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:49:41 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvqJw5Ddk9hnFVMbIIUCnVL3bP8T5Ji%2B0ZRHD59hkUfr3cc1Q2Iog0%2Fql5tVSjbwadRnFwSK5qYBkU5DOcbXJjKug9feVxojtTpnPCxXOYxLw%2BM8Y3WTtsL1mb7Iil89bCqowOtzcSB5Weq4QM8ptQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf8fd38b-CDG expires Mon, 02 Jan 2023 12:04:38 GMT
GET H3	200	b5fb12404beb2782417e54682c01fec7.jpg annualhelmet.info/fim/1785-FR/	71 KB 71 KB	2503ms 2500ms	Image image/jpeg	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/b5fb12404beb2782417e54682c01fec7.jpg Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8641 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 72492 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:39:36 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/jpeg report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkUnxinLrLBkSCiVynbjjTJpuQm%2B1WcPmS9zeCY4Z1BzLbINvKBSsmS5HItEMxdvaXle0Mn9ICbn18ocmaSyiVwTh%2FlYtenfz8oFdgE5h2UBQiO7ZVkVIQd7FwdbZSb1pN4OwZzrz%2FutAqoTtT4GVA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adf9dd38b-CDG expires Mon, 02 Jan 2023 09:40:37 GMT
GET H3	200	99d26040b2b7fae99345f8f1431bdcfd.png annualhelmet.info/fim/1785-FR/	501 KB 0	2519ms 2516ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/99d26040b2b7fae99345f8f1431bdcfd.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 852224 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 10:14:19 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx7ATUzkqHB0FObEP1QH7DSXhklZISfGimHjKeR8ETeU9aycpesnuq1yfJ%2BpKlz3MFtJku%2FM69VCZcSg41Js4HiKtQ3UE50Nx%2BjulsZm%2BlKI0WV%2FlLHYHFypV0yhMCQafPW5ASHZq9Lrq8ubX%2FYw0A%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adfa2d38b-CDG expires Mon, 02 Jan 2023 12:04:38 GMT
GET		7744d24d027a52f29ba2577a08683563.png annualhelmet.info/fim/1785-FR/	0 0
GET		23035d8fec2423d2f261786ecc24a21e.jpg annualhelmet.info/fim/1785-FR/	0 0
GET H3	200	7e966c9c630a702ce34436b08722bb99.png annualhelmet.info/fim/1785-FR/	51 KB 0	208ms 205ms	Image image/png	2606:4700:3031::6815:56f3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://annualhelmet.info/fim/1785-FR/7e966c9c630a702ce34436b08722bb99.png Requested by Host: annualhelmet.info URL: https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:56f3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 26 Dec 2022 12:04:38 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6674 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 589203 x-xss-protection 1; mode=block last-modified Mon, 26 Dec 2022 09:42:23 GMT server cloudflare x-frame-options SAMEORIGIN vary User-Agent,User-Agent, Accept-Encoding content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMd4maed4BNzxrOn4gqee8UlPR8tle3bNAZ8dRD02lZlkv309xz5Qeklosq%2FvGOCFpg%2BrAXZo5tuqGPT4CV7yeIrNrLPQbm4CK9Ue7LHJmyXdK8%2F9Nqyw31hueJRHTQmeOTuDCsOn7UvftXKo66KuQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=604800 accept-ranges bytes cf-ray 77f9ae1adfd1d38b-CDG expires Mon, 02 Jan 2023 10:13:24 GMT
GET		58a1b28b5f76fd41e8cf7468b2450d8f.jpg annualhelmet.info/fim/1785-FR/	0 0
GET		55c6a1cab7376c44213c58fb19e2a65b.png annualhelmet.info/fim/1785-FR/	0 0
GET		76ae9de430c2414a9a994020c580f786.png annualhelmet.info/fim/1785-FR/	0 0
GET		27d2a887e644a3e823a8d6e99da195a7.png annualhelmet.info/fim/1785-FR/	0 0
GET		4504a4f5b38f329fa46e8c7ea03b416f annualhelmet.info/	0 0
GET		fa-solid-900.woff2 annualhelmet.info/assets/vendors/fontawesome/webfonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

annualhelmet.info

URL

https://annualhelmet.info/fim/1785-FR/7744d24d027a52f29ba2577a08683563.png

Domain

annualhelmet.info

URL

https://annualhelmet.info/fim/1785-FR/23035d8fec2423d2f261786ecc24a21e.jpg

Domain

annualhelmet.info

URL

https://annualhelmet.info/fim/1785-FR/58a1b28b5f76fd41e8cf7468b2450d8f.jpg

Domain

annualhelmet.info

URL

https://annualhelmet.info/fim/1785-FR/55c6a1cab7376c44213c58fb19e2a65b.png

Domain

annualhelmet.info

URL

https://annualhelmet.info/fim/1785-FR/76ae9de430c2414a9a994020c580f786.png

Domain

annualhelmet.info

URL

https://annualhelmet.info/fim/1785-FR/27d2a887e644a3e823a8d6e99da195a7.png

Domain

annualhelmet.info

URL

https://annualhelmet.info/4504a4f5b38f329fa46e8c7ea03b416f

Domain

annualhelmet.info

URL

https://annualhelmet.info/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| _0x4eba function| _0x3ccf object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain object| _0xc1e function| _0xe65c function| $ function| jQuery object| bootstrap function| datehax function| startTimer number| duration object| _0xc3e function| _0xe62c string| rightnow string| imageSquare object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub object| _0xc23e function| _0xe48c string| LNG string| CMP string| CNT string| BID string| API_URL function| a0_0x34710f string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| a0_0x3e61 function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| a0_0x52ff function| showStreetStateU function| showModal function| showOfferWallU string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl string| questiontx string| of function| putVarCommon object| _0xc32e function| _0xe91c object| _0xc89e function| _0xe74c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			unionflees.com/	1970-01-20 09:10:48	Name: uid4579 Value: 884011553-20221226070436-51cd74691425c8c2de45052cead6d772-
			annualhelmet.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 57a48a878ac7dcba867aaab31a3d22c6
			.annualhelmet.info/	1970-01-20 18:03:36	Name: _ga_JMJ044GLKX Value: GS1.1.1672056277.1.0.1672056277.0.0.0
			.annualhelmet.info/	1970-01-20 18:03:36	Name: _ga Value: GA1.1.1234902298.1672056278

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

annualhelmet.info
fonts.googleapis.com
region1.google-analytics.com
trk-epicurei.com
unionflees.com
www.googletagmanager.com
annualhelmet.info
195.54.167.192
2001:4860:4802:32::36
2606:4700:3031::6815:56f3
2a00:1450:4001:806::2008
2a00:1450:400d:80c::200a
2a06:98c1:3120::3
0165d6e2a5346f5d4c60d55b3c74a3cfc63035567826ae2f3d32490a56d293ab
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
0f5774e8ce3362916f29959ed060c50f2c631729dd0aadb33700a95ea88f307c
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
5de7a79e14562963ef11f0d95f7a098e3cc018347a95290e292bef9b7d4677b5
6cb48281252f573e51418a4ea6b2e6f1b6dc2a88c7cfc3a986d670b4e8863d36
7077430b976a181d99efafc06e7e29923636aa84041bdd06c78fce5d960bb074
7eaca998de877282b9606282b09b332a19cb19e43431143fd0ca51732aa0fb55
857133a9dceb3d7bf93fbaad72f5b6010016b0f9e084b3f62e3f357be177901e
86495e237a6d02c514844f047bcf76fde30a250ac86c8182bfb79de07251624d
91697766f446e33348c84b0ea7480519930c20d2533ff834baf7732053a2f79a
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
9ff8cfb299ecdd2987b008d3addf01b2a576e5dd1dbaa3962c943add94d3546c
a1746273f267b9d2a943af1ce3a6423f8c8da4d38175321e2a767c1b27ff37e0
b08b2ec7776c77d0e996f708086726ee562979c83b624ae79716edd41b953df2
ccaf866cf56ec2561a80368a4bb0d146535715414be9167728f3e6fe766ba926
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
daaede23b88adfdab069eb1633cda9abb7326ecaff2207a8b5649f046fe86a76
dcf5dfc09ff7659a86068a49ad4db5e5542a7ff352e0ec3956b2e79d4a5102f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3acca3cfcc7b0b0e95e89e6b9bcbb35dcdd49e9f66f4277afad0da48584563
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fc2a906966dca25e41863f4ceaefa2ba8a923d8b00512080ed3741a62ad7f494
fd0cc59e3576168e72feae629158c422e254e2043510e6e3f7aa4300cd37d1a1