helm.life Open in urlscan Pro
52.43.222.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen10.com/Ctc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lx...
Effective URL:
https://helm.life/virtual-halloween-parties/
Submission: On November 10 via api (November 10th 2022, 8:52:38 pm UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 32 domains to perform 147 HTTP transactions. The main IP is 52.43.222.191, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is helm.life.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 27th 2022. Valid for: a year.

This is the only time helm.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::6812:2a5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 36	52.43.222.191 52.43.222.191	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:228d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.5.136.4 52.5.136.4	14618 (AMAZON-AES) (AMAZON-AES)
1	34.253.58.124 34.253.58.124	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.195.195.43 44.195.195.43	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400e:1b::a	15169 (GOOGLE) (GOOGLE)
3	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	54.182.0.80 54.182.0.80	16509 (AMAZON-02) (AMAZON-02)
3	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
1	3.94.137.4 3.94.137.4	14618 (AMAZON-AES) (AMAZON-AES)
147	40

2 2606:4700:4400::6812:2a5e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 52.43.222.191 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-222-191.us-west-2.compute.amazonaws.com

helm.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

meetings.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:228d (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.5.136.4 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-136-4.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.58.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-58-124.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.195.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-195-43.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2128 (United States)

ASN13335 (CLOUDFLARENET, US)

2459647.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400e:1b::a (Ireland)

ASN15169 (GOOGLE, US)

rr5---sn-5hnednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.2 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.182.0.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-182-0-80.bom52.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.137.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-137-4.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	helm.life 1 redirects helm.life	16 MB
20	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	852 KB
13	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	92 KB
8	googlevideo.com rr5---sn-5hnednss.googlevideo.com — Cisco Umbrella Rank: 49722	2 MB
7	hubspot.com meetings.hubspot.com — Cisco Umbrella Rank: 81003 forms.hubspot.com — Cisco Umbrella Rank: 3126 app.hubspot.com — Cisco Umbrella Rank: 5485 track.hubspot.com — Cisco Umbrella Rank: 2248	27 KB
7	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6928	425 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 jnn-pa.googleapis.com — Cisco Umbrella Rank: 261	32 KB
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 6532 aorta.clickagy.com — Cisco Umbrella Rank: 1522 hemsync.clickagy.com — Cisco Umbrella Rank: 6019	15 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1540 ka-f.fontawesome.com — Cisco Umbrella Rank: 2985	100 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 309	2 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 1923	202 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 1781	2 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2382 api-iam.intercom.io — Cisco Umbrella Rank: 2331	2 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	5 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
2	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3333	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4821	46 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2157	30 KB
2	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2144	40 KB
2	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3160	6 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2230	2 KB
2	sidekickopen10.com 1 redirects t.sidekickopen10.com — Cisco Umbrella Rank: 51542	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5922	548 B
1	hubspotusercontent-na1.net 2459647.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 35704	5 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 334	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	52 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4340	437 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 714	266 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4880	2 KB
147	32

	Domain	Requested by
36	helm.life	1 redirects t.sidekickopen10.com helm.life cdnjs.cloudflare.com
20	www.youtube.com	helm.life www.youtube.com
13	cdnjs.cloudflare.com	helm.life
8	rr5---sn-5hnednss.googlevideo.com	www.youtube.com
7	static.hsappstatic.net	helm.life meetings.hubspot.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	ka-f.fontawesome.com	kit.fontawesome.com helm.life
3	js.intercomcdn.com	widget.intercom.io
3	bam-cell.nr-data.net	meetings.hubspot.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googletagmanager.com
3	aorta.clickagy.com	2 redirects tags.clickagy.com
2	track.hubspot.com	helm.life
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com
2	www.google.com	www.youtube.com helm.life
2	app.hubspot.com	meetings.hubspot.com static.hsappstatic.net
2	forms.hubspot.com	js.hscollectedforms.net meetings.hubspot.com
2	api.hubapi.com	js.hsadspixel.net
2	www.google-analytics.com	helm.life www.google-analytics.com
2	js.hscollectedforms.net	js.hs-scripts.com meetings.hubspot.com
2	js.hs-banner.com	js.hs-scripts.com meetings.hubspot.com
2	js.hs-analytics.net	js.hs-scripts.com meetings.hubspot.com
2	js.hsadspixel.net	js.hs-scripts.com meetings.hubspot.com
2	js.hs-scripts.com	helm.life meetings.hubspot.com
2	fonts.googleapis.com	helm.life
2	t.sidekickopen10.com	1 redirects
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	www.google.de	helm.life
1	2459647.fs1.hubspotusercontent-na1.net	helm.life
1	js-agent.newrelic.com	meetings.hubspot.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	js.hsadspixel.net
1	hemsync.clickagy.com	tags.clickagy.com
1	forms.hsforms.com	helm.life
1	id.rlcdn.com	helm.life
1	sync.crwdcntrl.net	helm.life
1	tags.clickagy.com	ws.zoominfo.com
1	meetings.hubspot.com	static.hsappstatic.net
1	ws.zoominfo.com	helm.life
1	kit.fontawesome.com	helm.life
147	42

This site contains links to these domains. Also see Links.

Domain
meetings.hubspot.com
www.iubenda.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-27` - `2023-05-27`	a year	crt.sh
*.helm.life Sectigo RSA Domain Validation Secure Server CA	`2022-05-27` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-01` - `2023-01-10`	2 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://helm.life/virtual-halloween-parties/
Frame ID: 69211BD7FDE51D028107CF5CCFFD4522
Requests: 82 HTTP requests in this frame

Frame: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Frame ID: 52403ABFF0BCEF053D22BE1EEEA6070C
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
Frame ID: 28DB03153FD303974A915F25EED559BA
Requests: 41 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f2b77e55.js
Frame ID: EFAA5BB1DA1EA85CE857DA323B123BCC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HELM Life - Hallowe'en Events

Page URL History Show full URLs

https://t.sidekickopen10.com/Ctc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZH... Page URL
https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-... HTTP 307
https://helm.life/virtual-halloween-parties HTTP 301
https://helm.life/virtual-halloween-parties/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

97 %
HTTPS

75 %
IPv6

32
Domains

42
Subdomains

40
IPs

3
Countries

19881 kB
Transfer

24729 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://meetings.hubspot.com/shonna/demos
Title: schedule a demo here.

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/terms-and-conditions/8069768
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/8069768/full-legal
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen10.com/Ctc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8Llkq4W48Dph648yp6gW2kwNM22c7Nf6W1-1HQQ2CdVChW96Glr57nY2fWW7lfsmF4_9x-VW2L7_vG35VgJQW2608j22_BpTbW6x22Bx18JyYdW33LrBj2TSCWXVlhRmV7wWN9sW3q2MmD7_95mJVL4jM521GWXWf4t402H04 Page URL
https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8Llkq4W48Dph648yp6gW2kwNM22c7Nf6W1-1HQQ2CdVChW96Glr57nY2fWW7lfsmF4_9x-VW2L7_vG35VgJQW2608j22_BpTbW6x22Bx18JyYdW33LrBj2TSCWXVlhRmV7wWN9sW3q2MmD7_95mJVL4jM521GWXWf4t402H04?_ud=a8f32be7-6a54-4c4f-be12-e7b3f9102254&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://helm.life/virtual-halloween-parties HTTP 301
https://helm.life/virtual-halloween-parties/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d5ce84b32ca3a7c57fdbbc7860a756b0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D

Request Chain 73

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

Request Chain 91

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 137

https://widget.intercom.io/widget/fcbhnieb HTTP 302
https://js.intercomcdn.com/shim.latest.js

147 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8Llkq4W48Dph648yp6gW2kwNM22c7Nf6W1-1HQQ2CdVChW96Glr57nY2fWW7lfsmF4_9x-VW2L7_vG35...
t.sidekickopen10.com/Ctc/T+23284/cF1l404/ 9 KB
3 KB 456ms
432ms Document
text/html 2606:4700:4400::6812:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sidekickopen10.com/Ctc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8Llkq4W48Dph648yp6gW2kwNM22c7Nf6W1-1HQQ2CdVChW96Glr57nY2fWW7lfsmF4_9x-VW2L7_vG35VgJQW2608j22_BpTbW6x22Bx18JyYdW33LrBj2TSCWXVlhRmV7wWN9sW3q2MmD7_95mJVL4jM521GWXWf4t402H04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7681ac0928438fe8-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 10 Nov 2022 20:52:28 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 44672c6a-c2ae-420e-ad6b-89210dd02260
x-robots-tag: none

GET
H/1.1

200
OK

Primary Request / Show response
helm.life/virtual-halloween-parties/
Redirect Chain

https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8...
https://helm.life/virtual-halloween-parties
https://helm.life/virtual-halloween-parties/

38 KB
38 KB

171ms
171ms

Document
text/html

52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/virtual-halloween-parties/
Requested by: Host: t.sidekickopen10.com
URL: https://t.sidekickopen10.com/Ctc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8Llkq4W48Dph648yp6gW2kwNM22c7Nf6W1-1HQQ2CdVChW96Glr57nY2fWW7lfsmF4_9x-VW2L7_vG35VgJQW2608j22_BpTbW6x22Bx18JyYdW33LrBj2TSCWXVlhRmV7wWN9sW3q2MmD7_95mJVL4jM521GWXWf4t402H04
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: c3f5b657696652d1164c1855207d3db4d3c9c208bc06088adabff95c5dc6cd8a

Request headers

Referer: https://t.sidekickopen10.com/Ctc/T+23284/cF1l404/Jks2-6q7W69sMD-6lZ3nJW500-VS4tnp9dW1pvLQq2rGnStN2mGKw8ZHBQdW3G8S4v949NpDW5lxDWj43qvlYVyM6X08xzDsLW2JhNR_3RBTqqW30g_QV8Llkq4W48Dph648yp6gW2kwNM22c7Nf6W1-1HQQ2CdVChW96Glr57nY2fWW7lfsmF4_9x-VW2L7_vG35VgJQW2608j22_BpTbW6x22Bx18JyYdW33LrBj2TSCWXVlhRmV7wWN9sW3q2MmD7_95mJVL4jM521GWXWf4t402H04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 38850
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Nov 2022 20:52:29 GMT
ETag: "97c2-5ed210075b54a"
Keep-Alive: timeout=5, max=99
Last-Modified: Thu, 10 Nov 2022 17:21:20 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33

Redirect headers

Connection: Keep-Alive
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 10 Nov 2022 20:52:28 GMT
Keep-Alive: timeout=5, max=100
Location: https://helm.life/virtual-halloween-parties/
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 64ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e394b8ce18c3257c0c90c751eea70255778b4fb454c5c3ee19cf0a0515e41d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Nov 2022 20:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 20:48:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Nov 2022 20:52:29 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/ 137 KB
16 KB 76ms
34ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3281336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15749
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-22485"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fg0j68gu4rN20hZRz%2FABT2UWDZF%2FOysObwBMTL0cAjH4zacfM0ch9iIkTLqzXc4Tt5fIAXArNG1KUPP3ss1oqIh9SxpXVwo31KUH2D5XWMZSh6wuBR80MjG9nrL2D3kpSeqjclXEM6VBPWyRSo%2FylYvh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1428119bfa-FRA
expires: Tue, 31 Oct 2023 20:52:29 GMT

GET
H2 200 venobox.css
cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/ 11 KB
2 KB 80ms
38ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/venobox.css

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668f42e0d474e55967b3175602a720703b6bbcda1f00d9897aad830269956938

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2980945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1884
last-modified: Mon, 04 May 2020 16:17:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401a-2cbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQcETv0iitba32dVssx0kDd18p%2FA67Oyg%2FLZahGocN9LHQ4mqLsu1QgqQI9E74tCKIXX15KFBbvDRQJzBMC2bE0cTtHJL3iBj9oaTXNOCt4AYmo4UTbmi2GqWZDY%2BKwAXOLrKrg12k3lenLw7EDzq%2BNe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1428149bfa-FRA
expires: Tue, 31 Oct 2023 20:52:29 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 81ms
39ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWmtrwlbv91DVo9nbOZcMzz2pGb5Yvvfsf4NvlTOoche10S0l36gkBlARVktKjqHp%2F0H3vbyzOmvZvmfXsm8FbBa1xOb3poEinI%2BlZ6ssR6YBTLtU995ErE1KukoPm%2FjKerTwZ74Mxg5nKBghNdCYsg8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1428159bfa-FRA
expires: Tue, 31 Oct 2023 20:52:29 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 73ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDbBixoYaLnNgedHnVumCK%2FOAyTDXcHR%2BbVAzO1smISBUzoApls1NgVuC9tGEbr51DmZvEpkcGoHrU7eB8qpgka3rurETKC1YcoHc6vgaN1pXvQt3ey9hl%2B8CfOGu0PATlFGQk6P9hGUjlsA6oYLkLQH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1428169bfa-FRA
expires: Tue, 31 Oct 2023 20:52:29 GMT

GET
H2 200 67b2a101ab.js Show response
kit.fontawesome.com/ 11 KB
4 KB 181ms
92ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/67b2a101ab.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6771b989935dfa794a17deed9a412caceb36a4fe11a186b168ab8c09dc389ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 12
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7681ac146f6f903c-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FyZUbKW5nMTWfzND3MqB

GET
H/1.1 200
OK sessions3x3.js Show response
helm.life/partials/ 20 KB
20 KB 184ms
183ms Script
text/javascript 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/partials/sessions3x3.js?v1.2
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 9a5787483b47c31fac3f6c511a5593cfce7c6d5fcb2b8022d441bc0975ca6e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:29 GMT
Last-Modified: Thu, 10 Nov 2022 17:20:43 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "4ebb-5ed20fe32c3b7"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20155

GET
H/1.1 200
OK partners.js Show response
helm.life/partials/ 15 KB
16 KB 173ms
172ms Script
text/javascript 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/partials/partners.js?v1.2
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 2fb08a17f92d700f8a35fbebe13d318a8f513bcdc87e0b97aeebcf8237359372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:29 GMT
Last-Modified: Thu, 10 Nov 2022 17:20:43 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "3dd4-5ed20fe32c3b7"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15828

GET
H/1.1 200
OK groupFAQ.js Show response
helm.life/partials/ 23 KB
23 KB 498ms
166ms Script
text/javascript 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/partials/groupFAQ.js?v1.2
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 43308f3538dddf254d7c15352fcdf9812d870feb678a8111bb1814cd9804751c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:29 GMT
Last-Modified: Thu, 10 Nov 2022 17:20:43 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "5ade-5ed20fe32b417"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23262

GET
H/1.1 200
OK bookingModals.js Show response
helm.life/partials/modals/ 176 KB
177 KB 499ms
166ms Script
text/javascript 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/partials/modals/bookingModals.js?v1.3
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 1bc2b312c1294a8c6c87a24ca0a94a45083cba653bd397161af254c60e8b1236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:29 GMT
Last-Modified: Thu, 10 Nov 2022 17:20:43 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "2c1a5-5ed20fe32c3b7"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 180645

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 73ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4230954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27277
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ig%2BdJi7SlA9bLNYra6VyfGi7tMeeX%2FwAIGP12SzKwy6rBPs4cxtemW35nKfPHBGGr20EgD3bWI07SUfTTr3ItAFNr7Qox7Gz%2BFjwR8l%2BiiWFMSlX1FsMKr5DEHXKcqxYoZVF7zylvk12oCIg7Ule5N%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1428189bfa-FRA
expires: Tue, 31 Oct 2023 20:52:29 GMT

GET
H/1.1 200
OK style.css
helm.life/virtual-halloween-parties/css/ 20 KB
20 KB 355ms
169ms Stylesheet
text/css 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/virtual-halloween-parties/css/style.css?v1.3
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: b4c1b6acd3a74df28e8d7ff204651fb7efdc7c1878b464281a25688ab83dc9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:29 GMT
Last-Modified: Thu, 10 Nov 2022 17:21:17 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "4f79-5ed21003e974d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 20345

GET
H2 200 clFWIV3ljP7M46poUyND Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 200ms
163ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/clFWIV3ljP7M46poUyND

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

924586812c11fff1043fcdc56f33f89cd7454b6fcecb8ccf3abaaffc37e0a96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7681ac1a6fb89b8c-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type

GET
H2 200 5357668.js Show response
js.hs-scripts.com/ 2 KB
890 B 42ms
19ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5357668.js
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feeb9209142d7624172daec0b47b39b5adc0ecf62013b66659cc22cadb87300c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: b3cf802e-a134-4ac4-b3bb-98668baa6bf1
age: 12
cf-polished: origSize=1992
cf-bgj: minify
last-modified: Thu, 10 Nov 2022 20:52:18 GMT
server: cloudflare
x-trace: 2B22E6988284FE51F1A77B176B09E329B3E49B5D40000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://meetings.hubspot.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7681ac1a59769bfb-FRA
expires: Thu, 10 Nov 2022 20:53:30 GMT

GET
H/1.1 200
OK HELMdotLife_bigger_transp.png
helm.life/images/ 50 KB
51 KB 168ms
166ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/images/HELMdotLife_bigger_transp.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: f4f00816cba425a15af1023b5fdb83da58074bc5c29c608254789f59db7da65a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Fri, 23 Aug 2019 15:57:58 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "c9e8-590cadebbfd2a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 51688

GET
H2 200 MeetingsEmbedCode.js Show response
static.hsappstatic.net/MeetingsEmbed/ex/ 3 KB
2 KB 467ms
449ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c59568d0910e070f81e4f29256bcd83e5fa9217230e2eeb5b2f1cce66f15d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
x-amz-version-id: G06CBr66D7JO6H8PoRJY0VBnQLLRuYiF
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 14:24:12 GMT
server: cloudflare
etag: W/"bf38f9c2121bff527bb6c2db7f7480df"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKbjhfz%2B5Dyw6HKbSXSuTpF%2BA56tMiNsmWXjltszYWLUKAFgFecr%2FkTxouzYCH6BFrHUdgfZzQeiFz7uoEtsS%2By22waVeHrdyOEbU5drLNfDjYMz7lJNW6oYk%2BgCCYBWbanu7EI9q4UoGDS10zwGz%2FxhsrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=60
cf-ray: 7681ac181d715c38-FRA
x-amz-cf-id: ch9VHPOtev_13LdnyeeP9On_o2uLvsyBbiG_XuVV8PZ-jxkLXYi9NQ==
expires: Thu, 10 Nov 2022 20:53:30 GMT

GET
H/1.1 200
OK icon-AbandonedMotelImage.png
helm.life/assets/images/icons/ 608 KB
608 KB 173ms
171ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/icons/icon-AbandonedMotelImage.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: dc26bd45cff8e8215383a82bfdfdf943541753e126401fadd54182f5a16ce8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:53 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "97f4d-5ed20f08a6582"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 622413

GET
H/1.1 200
OK FamilyFeudScreensHalloween-icon.png
helm.life/virtual-halloween-parties/img/icons/ 393 KB
393 KB 169ms
167ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/virtual-halloween-parties/img/icons/FamilyFeudScreensHalloween-icon.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 12edd8a4a3e9f7c361be53652828835ec307ffa46cc9b8eedc72e72480462fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Thu, 10 Nov 2022 17:21:18 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "6241c-5ed210051d164"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 402460

GET
H/1.1 200
OK icon-ThrillerPark.png
helm.life/assets/images/icons/ 1 MB
1 MB 172ms
170ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/icons/icon-ThrillerPark.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 16caee8ff7c3b2ed977a8b8a12475ab62c4f22c0f97050a5961a99d9c74c0632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "1772a0-5ed20f094c5df"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1536672

GET
H/1.1 200
OK icon-join-us.png
helm.life/assets/images/icons/ 373 KB
374 KB 544ms
185ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/icons/icon-join-us.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 6618dc010686090925cee7f83247ec3e172b653e90cde2034b676446bd2de569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "5d525-5ed20f0958161"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 382245

GET
H/1.1 200
OK icon-hosts.png
helm.life/assets/images/icons/ 98 KB
98 KB 166ms
166ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/icons/icon-hosts.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 183948c42e176851ca1cc2b1acd406243807b340ae445526605c5dc8043931f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "1877b-5ed20f09571c1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 100219

GET
H/1.1 200
OK icon-team-pictures.png
helm.life/assets/images/icons/ 97 KB
97 KB 165ms
165ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/icons/icon-team-pictures.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 8b1ac3fe7331075d7af2da807be77785b35930ca1f4d9cb728a68ecca22a49ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "1830d-5ed20f095a0a2"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 99085

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 16ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3282434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6714
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-619d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDINSgXIiYChGQBAw86oXU6yg6JWD7b3KmL4hn5kUsI8EIIuFHqL0irTHFmRJSQ4MaJcCVZFWF6Fd40b%2BWv6QGpKMsBeErwAWIaXpCBPovslwC07XehRGr1e04kvdDc9hUWiwKDzwzi3%2BShKnZbu%2BY6d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a1eb39bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/js/ 49 KB
13 KB 21ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1123848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12230
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-c5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEbbHbYXPPPJHxa8yBSS1DgmtqjMjdv9BuAUt1sTmVMlsyxwYJQ0GlC8w%2FZ4WCNBfmSMpgL2ND1QQtMt7ZZU5%2F4BbV7HyWl5Ow33dOZrYdCMXm4MqN5lQR3ZF0crebHP7U9z7xAdRG0g47C9VU3zzI3G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3edc9bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 isotope.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.4/ 34 KB
9 KB 28ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.4/isotope.pkgd.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96151453bf5b861219fab32920589c930580c4f1c427f2e023e7429e7e9f482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2500029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8852
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-89f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2Y5rVIntNGP5Sz%2Bn8aSCBKF1WiAtbwwWu7JaVUWwsY1UE7GMxCWVyapTUAgF11DxQZQe6%2BCx2jQmsj0g%2BdJmr2kHXg47A8Vw%2FhUG8jQJIuf%2Bq192x6NfNy1DfqWcp%2B8wfkfC0annmiAqmsqh8GkITIZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3ede9bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 imagesloaded.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/4.1.3/ 4 KB
2 KB 33ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/4.1.3/imagesloaded.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96aaaa52a09f732bf412087a74fc996f527a730cd2d62eb9630483a179beaac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1213045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1260
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1157"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzcScDbDOM%2B7jveuxnQ2vfA1gh3O5%2BnaV15oRzWjKwyMQ1yRj7F8YGmQ%2BTukitKlf%2B1j48m7C3eRMaQOqBp3uKhN9%2F5jMWXBnrKtHFQTmIav18bXJFeb2ekRJHfQDHU4bZVGFlDZujTWCqvpdoHbNwpO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3ee09bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 jquery.scrollTo.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-scrollTo/2.1.2/ 2 KB
2 KB 24ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-scrollTo/2.1.2/jquery.scrollTo.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed04b5707b07ef987720582b14ab1d8662871e95aa17cdac6fff6f34ba9caacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 706207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1162
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-98f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkvovjDN0%2BQLp6leqJPcsq5fmYE7AZX1Mcq4ecUI%2BXwKvlbfvl%2BFQ%2BCjX1exkNJiGKabNY1Hq%2B%2BU2Q2MAuayyquDx71J0Ho6R8JGOR%2BBSwo4sDF9UOazc4BIzmRJaALYx%2BZEpBqTuZrvDan9QRi%2FqZ7W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3ee19bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 jquery.nav.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-one-page-nav/3.0.0/ 2 KB
1 KB 32ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-one-page-nav/3.0.0/jquery.nav.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb22aade2f8cbfc096c09da285e2cd541e5f256b3a0890090c8a043eb6d4b147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 874
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-9a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDmz68bud7peHsxrKKI%2FDYTvLINDwiKw0grk6iMtcaW%2FemXagz%2BwxxO91rbzPZwn2B9%2Fe5l%2BWjbXwjA97%2F9FV5ODjgVKQJ3nq4joYoU57m2a8UUKA8WVzVqOFBZ5SsypIfjVwuxyFVwGAjtadh37jRGE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3ee39bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 jquery.appear.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.appear/0.3.3/ 865 B
995 B 34ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.appear/0.3.3/jquery.appear.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5636dc6e0365d1aee575140d3e19a41295b41b10879ebe76a46564563a677d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1095412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 414
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-361"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsxxaizRWc%2B5eCWT27cm23CeOkqC1w56T4BDk9iaAKdM00Ccqc33aO%2F7VzYjS1XNk0dzwBLsvArMepbmBmwYIlA%2FU4pBIB%2Ff5OnVLjCnUIxhV7W0rRh6SS1coTlgQNgDq2qzWzPquGILRhcbes7Bjl9s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3ee49bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H2 200 venobox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/ 10 KB
3 KB 29ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/venobox/1.8.2/venobox.min.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc8ab51796237ffaf77fe0d6f9a68d0d9653f396fb740f925ed3a778390f6457

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 480990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3052
last-modified: Mon, 04 May 2020 16:17:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401a-263a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpkShxXScec5NZCRgIBDCIrOEXJUJvblsWwXRjITZ%2BQE%2Fb5g6idVJoc589JiIySyFnZbv7M0IKHXL9nvb%2BGlOXuaxPavAuFD4Q6DZqgRwirw8WHSKGz1xDw9Z8G43i3FgaaoHIfqs23ku78O%2BY1x8pUS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7681ac1a3ee69bfa-FRA
expires: Tue, 31 Oct 2023 20:52:30 GMT

GET
H/1.1 200
OK script.js Show response
helm.life/virtual-halloween-parties/js/ 3 KB
3 KB 169ms
167ms Script
text/javascript 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/virtual-halloween-parties/js/script.js?v=1.0
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 247cbd411c06a43d997e83209d3e56322e57541be449ab69538fd1da3f88e2cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Thu, 15 Oct 2020 03:01:47 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "b4b-5b1acde692c8a"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2891

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 52ms
31ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=67b2a101ab
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/67b2a101ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-C1
age: 95528
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijpMb%2Flgx5s978eN6WsmWpBCN0vwORSQU8ILl2Fo91yMIsyw1J4sQpuu01I0cp14Bbxw9wLGMy0gxPHt8eqjP4TFBLBy%2BLclzJok%2FeQJntJWy2BcINcFI5YuyGJqvt7rhURRbC5oi1k%2FxTXNXLMJG2Xq7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7681ac152a379bee-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9s5nDQpOe0QEfDsRK1dg4KZSh1ywDRFaDsn0DfDsOAHxKKhEej5-XQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 48ms
28ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=67b2a101ab
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/67b2a101ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-C1
age: 95528
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riK4DLZwLG96J0%2BEdHAeBsb2Aj3ulXD8LbRfzqhg03MLslsd%2FMmYssz5Lkpit7JZPYKb%2Bf5JgpHsgAdZ1xF8CiQQHYKhcxX%2B3tVIsN5YZL74Jc%2BzRDPvNL0osiUfgdQxImuzNp5D7VkNvjhQYJtXMcesig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7681ac152a3c9bee-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: M-ifx3vPt1oYm_XVKXnm5AZOgb0tJhhTVK89qZsvCbCaAIWPhhaSqQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 53ms
33ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=67b2a101ab
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/67b2a101ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:29 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-C1
age: 95528
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMk78uaGsPMZiNqyOGxuP24dOPJdXgrvCUftsYaGaZYoyOE61sWIaVOg2nRIJA%2BoLD8KS44sMFvRmNgWO%2BqZcckr8AwI%2FdRJhEfqTYWpmWMHiyhX%2FFpZ0Y%2FY2bSxYOhO9W60ttJ2lPjtYhpLhXwECM%2FRBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7681ac152a389bee-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: mgD0AfS_5XxjKUhywwNlXGP_UWD2n38b-v7r6tqhrBulKY-6kmxv4w==

GET
H2 200 css
fonts.googleapis.com/ 702 B
465 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Doppio+One

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/css/style.css?v1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58c442d8b27a0d475d79e7954c803eef7cc32fa2b94762d7c43a27728c1c4fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 10 Nov 2022 20:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 20:52:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Nov 2022 20:52:30 GMT

GET
H/1.1 200
OK short-hero-halloween-2022.png
helm.life/assets/images/heros/ 385 KB
385 KB 300ms
166ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/heros/short-hero-halloween-2022.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/css/style.css?v1.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: a9cd338f0e049592083b551f5632cd6215a09cf715f3059c7ab5215665691d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/css/style.css?v1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:53 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "6030c-5ed20f0839f0e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 393996

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 50ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helm.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 216408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 08:45:42 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 53ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helm.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:45:28 GMT
x-content-type-options: nosniff
age: 216422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 08:45:28 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 39ms
19ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5357668.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
x-amz-version-id: DLUYzpWToXViCCMAk42gu6ZXj0CV1cO1
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 16
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.301/bundles/pixels-release.js&cfRay=7681abb36bab9c0c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 12:04:15 UTC
server: cloudflare
etag: W/"6c8c013098279271f03db17ec4dd49a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
cache-control: max-age=600
cf-ray: 7681ac1a9cdd9b74-FRA
x-amz-cf-id: kw4MI2QpCapwGizBNanXGmKHSymWV7ttTUxrQ1wDd9Wg6mQ53YMb5A==
x-hs-target-asset: adsscriptloaderstatic/static-1.301/bundles/pixels-release.js

GET
H2 200 5357668.js Show response
js.hs-analytics.net/analytics/1668113400000/ 63 KB
20 KB 548ms
529ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1668113400000/5357668.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5357668.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236c55cd1f6df5469afb5ad60cafcd291dd63e3898fce14ce8e75fd776564c8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: JQ1PAQNXV64MW2WJ
x-amz-server-side-encryption: AES256
x-amz-id-2: YPQK45x3Jx4nRBcKH3s+md7mWUd7u3sEg4W/AVhZ/MPRHdMqDRdcL3IzvsKpcpKYzC78GHKrHeo=
last-modified: Fri, 04 Nov 2022 20:30:34 GMT
server: cloudflare
etag: W/"5df68013031def919b6d00caeb3875c3"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7681ac1a98fb92b9-FRA
expires: Thu, 10 Nov 2022 20:57:30 GMT

GET
H2 200 5357668.js Show response
js.hs-banner.com/ 60 KB
16 KB 63ms
39ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5357668.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5357668.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7de8f0077970bfdbec50e5d6c97e1cc3506edd24784a9f303308b1fc7fa290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
x-amz-version-id: RZBnlBpNt1851_yaV4y8utDssGz3c8CK
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: A3RRH5K6EJEEENTC
age: 10
x-amz-server-side-encryption: AES256
x-amz-id-2: 4xugz0BdlixEHSZpI3E9t7VFl81e3Ej1hZlIOVkzXUo+4jREQJmm+BHKF2b9yNy6WeHlrz0JTLc=
last-modified: Tue, 25 Oct 2022 20:36:16 GMT
server: cloudflare
etag: W/"bbd21005bb883c47c70d7238a48624a9"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://helm.life
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7681ac1a9fb99b51-FRA
expires: Thu, 10 Nov 2022 20:57:19 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 183ms
160ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5357668.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://helm.life/
Origin: https://helm.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=7681ac1a9cdf902a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7681ac1a9cdf902a-FRA
x-amz-cf-id: QzZhVClRGtgiyVfr2tspxnzwVfRNTqqrxCZkXEIliJdm6JsSsW3OYQ==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 demos Show response
meetings.hubspot.com/shonna/ Frame 5240 50 KB
18 KB 175ms
149ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28b8fa2de5f5d3adc6c7ca61ae38969d27c77303183603adf495db7069c4201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://helm.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 2426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-MeetingsPublicNewDomain-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7681ac1e4ff39b77-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 10 Nov 2022 20:52:31 GMT
etag: W/"fbf9697b0668a65f3ac2b51c0d486c92"
last-modified: Thu, 10 Nov 2022 04:26:22 UTC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2JZkIPxZjS%2FKAwlPWo9v%2FSRgK82DugOFmk3pdHXmAFljjp6Mb1iiPbfcma%2BJ0xWIq6tHlkJENvIqYaHDNdYfZ4XVM5HGdEQa2GumffTLV%2BZfWJ16Ol%2B8c4jSqT18LePzhYWRZNKkclFXhoz2qmAu7WV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-cf-id: gLBWwSJH8TmNhd9W4KYFAycuZ5sod5pBpBxGyU2CwQErSZg6gUom3Q==
x-amz-cf-pop: IAD12-P3
x-amz-meta-ao: {"allowIFrame":"always","scriptSrc":["fixme:data","fixme:batbing","facebook","impact","hotjar","linkedin","fixme:yahoo-jp","recaptcha","podsights","convertexperiments","googlesyndication","doubleclick"]}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: r3IcRf2HjhXJUjZdJAtqcArtSVri.DKe
x-cache: Hit from cloudfront
x-hs-target-asset: MeetingsPublic/static-1.28540/html/public-na1.html

GET
H2 200 Kp59zq9C2RE Show response
www.youtube.com/embed/ Frame 28DB 69 KB
29 KB 167ms
122ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fff00e4cea37cc50b900dcf559ffc48a98e276d5e9a94f9961b6b9820fa2707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helm.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 20:52:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK team_QcjLU6DfmF9OWC0uHkK8_Certificial-Team-Pic-Motel.png
helm.life/gear/gear-uploads/ 1023 KB
1024 KB 174ms
174ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team_QcjLU6DfmF9OWC0uHkK8_Certificial-Team-Pic-Motel.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: adca4721e086e45bbc67bfa2913475050fdd84ae84c4aba1f7ef4698ee33655b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Fri, 29 Oct 2021 20:42:10 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "ffdf5-5cf83dc774c6a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1048053

GET
H/1.1 200
OK team_VuTyirASmx5MGh0ONsbI_Netsuite-Oracle-AbandonedMotel.png
helm.life/gear/gear-uploads/ 1 MB
1 MB 173ms
165ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team_VuTyirASmx5MGh0ONsbI_Netsuite-Oracle-AbandonedMotel.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 83d7b11e82afabb29b5a86e940c68111d2048c43b41be89b68f3c5d45188fa5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Fri, 29 Oct 2021 15:18:30 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "151cd3-5cf7f56fe4cc1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1383635

GET
H/1.1 200
OK team_VShUbf3BmKXi04CqPDJ2_Sanofi-1220-motel.png
helm.life/gear/gear-uploads/ 791 KB
791 KB 173ms
172ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team_VShUbf3BmKXi04CqPDJ2_Sanofi-1220-motel.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: c2d013f9c8acf6568b1a3451a7032ffe6dc3f78d285bcb13066d118f1206c37d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Mon, 20 Dec 2021 22:15:42 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "c5c78-5d39b3abf4261"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 810104

GET
H/1.1 200
OK team_jB9ZEyUF310tivgkq5wL_Unilever-AbandonedMotel-1028-2021-TeamImage.png
helm.life/gear/gear-uploads/ 1 MB
1 MB 170ms
169ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team_jB9ZEyUF310tivgkq5wL_Unilever-AbandonedMotel-1028-2021-TeamImage.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: ee17049557bee505d278dc8c2071846d4f3c115152fa629bf38e297bb22057e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Thu, 28 Oct 2021 21:05:47 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "13c858-5cf70131608f8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1296472

GET
H/1.1 200
OK team_e2dSJcQCoDgnrhxjtavf_AFP-VirtualEscaperoomAbandonedMotelbyHELMLife.png
helm.life/gear/gear-uploads/ 1 MB
1 MB 167ms
167ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team_e2dSJcQCoDgnrhxjtavf_AFP-VirtualEscaperoomAbandonedMotelbyHELMLife.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: f3b5df87804320565c1355709555a83deb20e04883d66d805b8d34b638b92313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Wed, 09 Feb 2022 20:44:31 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "12253a-5d79be6870c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1189178

GET
H/1.1 200
OK team-AES-klasdiohq928rhasf-Motel.png
helm.life/gear/gear-uploads/ 928 KB
928 KB 173ms
171ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team-AES-klasdiohq928rhasf-Motel.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 02bc058249916a359b0b47f70248556a6b5c52989cfa86ec1cf17c397148cff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Wed, 14 Sep 2022 22:00:02 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "e7edd-5e8aa40358efd"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 949981

GET
H/1.1 200
OK team-ABM-891lkfguabfwcc-top10halloween.png
helm.life/gear/gear-uploads/ 2 MB
2 MB 180ms
180ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team-ABM-891lkfguabfwcc-top10halloween.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 653bcde9850edeb9c388b0d546fd489aa884fb4006d59bd12401a906bb95ba39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:31 GMT
Last-Modified: Wed, 14 Sep 2022 21:53:37 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "1c351a-5e8aa293a1eed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1848602

GET
H/1.1 200
OK team-beutel-82n8fnaksl29fa-top10halloween.png
helm.life/gear/gear-uploads/ 2 MB
2 MB 172ms
171ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team-beutel-82n8fnaksl29fa-top10halloween.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: f46c4aba0827fcb0947a0bda7a76cb3662c8ff3bb8f22e2ed192731ba72c0a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Wed, 14 Sep 2022 21:54:55 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "211bea-5e8aa2dde5832"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2169834

GET
H/1.1 200
OK team-fanatics-9029812391823-halloweentop10.png
helm.life/gear/gear-uploads/ 2 MB
2 MB 173ms
172ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/team-fanatics-9029812391823-halloweentop10.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: c744600ad8c7afcc07f4f98375704353691018947a2394feccde305c747e6548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Wed, 14 Sep 2022 21:53:24 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "1c8948-5e8aa2878e000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1870152

GET
H/1.1 200
OK stub_hub_logo_600_400.webp
helm.life/assets/images/logos/ 4 KB
5 KB 166ms
166ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/stub_hub_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 5a066e57c89e4cf2ea0802c9cdcddca76e81ecbe27444e054e0d732c9f19663c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:55 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "114c-5ed20f09daf39"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4428

GET
H/1.1 200
OK fanatics_logo_600_400.webp
helm.life/assets/images/logos/ 4 KB
4 KB 180ms
179ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/fanatics_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 1324b9070ba75cca6096c3ad994df9a5e83b149dfb236353cd0b26c0af5b0109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "ebc-5ed20f09b0f51"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3772

GET
H/1.1 200
OK unilever_logo_600_400.webp
helm.life/assets/images/logos/ 11 KB
12 KB 170ms
170ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/unilever_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: a25a76398588aa00c46e293494be8d81baa977946d533994227f02018887ec57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:55 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "2cf6-5ed20f0a02fe0"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 11510

GET
H/1.1 200
OK logo_D7AgFtO8wWlnLpRvPryJ_Nike-logo.png
helm.life/gear/gear-uploads/ 45 KB
46 KB 180ms
180ms Image
image/png 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/gear/gear-uploads/logo_D7AgFtO8wWlnLpRvPryJ_Nike-logo.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 4f90bb23123116189eb771dd97c64d841c43c7b863ac9027ee391b3b5bc16f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Thu, 16 Dec 2021 02:33:00 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "b4dd-5d33a3dbbfcaa"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 46301

GET
H/1.1 200
OK credit_suisse_logo_600_400.webp
helm.life/assets/images/logos/ 4 KB
4 KB 169ms
169ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/credit_suisse_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 502cd97205649cba31150b6f37fd78c65028438cf4bad4a7bbc60ec0711de1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "10b2-5ed20f09b0f51"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4274

GET
H/1.1 200
OK abbott_logo_600_400.webp
helm.life/assets/images/logos/ 3 KB
3 KB 684ms
684ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/abbott_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: cfb1c5a8563de2b1a6a7c47ce402c759408e3639a100ea619c10a8a78ab75659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:54 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "c1e-5ed20f09af011"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3102

GET
H/1.1 200
OK netsuite_logo_600_400.webp
helm.life/assets/images/logos/ 2 KB
2 KB 180ms
180ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/netsuite_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 58d3e662070696cf07261a66aaa2b29c89a5bcc2514526e6eb19c71aa7d18146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:33 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:55 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "854-5ed20f09bcad3"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2132

GET
H/1.1 200
OK motorola_logo_600_400.webp
helm.life/assets/images/logos/ 5 KB
5 KB 166ms
166ms Image
image/webp 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/assets/images/logos/motorola_logo_600_400.webp
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 09a00a8e7005af0468efac8b8656d50ac598f0d8d1e92a182b32c265dde5afe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:33 GMT
Last-Modified: Thu, 10 Nov 2022 17:16:55 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
ETag: "1282-5ed20f09bcad3"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4738

GET
H/1.1 404
Not Found dom_a.jpeg
helm.life/virtual-halloween-parties/img/team/ 196 B
196 B 167ms
167ms Image
text/html 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/virtual-halloween-parties/img/team/dom_a.jpeg
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:33 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found anu_rana_headshot.jpg
helm.life/virtual-halloween-parties/img/team/ 196 B
196 B 182ms
181ms Image
text/html 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helm.life/virtual-halloween-parties/img/team/anu_rana_headshot.jpg
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/virtual-halloween-parties/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:33 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 38ms
28ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://helm.life/
Origin: https://helm.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:30 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-C1
age: 74516
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVyhKdDF3UhB2JlvJyL%2BacE%2B7g6YIZnJKfDPGnMQxl5b3GeRiDSzmF9wUcE47u%2FhIExGPMHNsRIt7VdjqzLp0rsQURnpKWtYPBjQ%2Biq60k5z0zsXWYDihRgIxw5nkjp9tZly2HN1rQFS2ofi61xDBsyEVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7681ac1b1d789bf4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xqbzsyBexkJ_7qxa_jicGM9p0ahLUULkmTixAb8TlBqK-vcMV1cJYQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 482ms
14ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 19:29:16 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4995
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 21:29:16 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
829 B 662ms
200ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5357668

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f13bdf82c47961458b1871ec3517cc71f0d81a3dd45162450c925d85c725f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fe6ad4b1-4923-4c49-9c3b-7b3defc776b5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BB89FF85F0FD7F1E443A0E9A67AB3383017D8CF13000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://helm.life
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbhUYlmmk7jLNNMnogKg3HmSkVd4KscsrXcdD04mmuLM1A0OVl8XIx5k1C4Sc9nTrDZNKSc6E35QwtUxQZP3002l9BoHOAN0wwSg%2BDM732MA8q5pfvcmMfJ%2BAih3khGV9WKQxfKN8up7FHG2"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7681ac1e2b209090-FRA
access-control-allow-headers: *

POST
H/1.1 200
OK get_booking_modal_data.php Show response
helm.life/api/ 216 B
696 B 367ms
213ms XHR
text/html 52.43.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://helm.life/api/get_booking_modal_data.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.222.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-222-191.us-west-2.compute.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: a262a4011292c89b0b5e3c4b1f83afaee38cabc344d5a90623f41e336126d565

Request headers

Accept: */*
Referer: https://helm.life/virtual-halloween-parties/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 10 Nov 2022 20:52:30 GMT
Server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , Authorization
Content-Length: 216
Keep-Alive: timeout=5, max=98

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 498ms
62ms Script
application/javascript 2606:4700:4400::6812:228d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/clFWIV3ljP7M46poUyND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:228d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b600f1dc62b172effa1611f27da2410354b23d9bc79f34a525821752fafcde83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: eiH8z613.BRzukjofzW7pfMQ5QqyyUJw
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 8856fedb63df7336fbe33f5df12fe4d6.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P1
age: 70417
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 07 Oct 2022 12:51:20 GMT
server: cloudflare
etag: W/"39cbfce65efed785f567d3a64646eed5"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7681ac1e3d605bf5-FRA
x-amz-cf-id: phQTs7N_P6YsdVOwBLNUH4AAqg9oB-U-Ixkleo2hc5xjm6LAvuo3lQ==

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1016 B 540ms
153ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5357668&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33446bffd18b801ea2b3640d6c877020c831f7ba3d4dc6a91b14c8487e5f04a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://helm.life/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: df162bbf-cb03-4a30-a5cf-561dc5fdccfb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://helm.life
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0g6I%2FJxkvvVs3ur3jl6%2Bcf2vj8jJGS6HsexMjnJzrT3w6kVwfFlyzLNAFUCdZb69YMrtKMACCfReBvzkUyij%2BwWyMMc0dUm4ZIIrXP31BnDDAGWOL1%2FHMNnoNcmBLUNi%2BoMfj5vXXVNO7er7wTn"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7681ac1e3e435c92-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
18ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=325667772&t=pageview&_s=1&dl=https%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&ul=en-us&de=UTF-8&dt=HELM%20Life%20-%20Hallowe%27en%20Events&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1199933143&gjid=930752967&cid=2105834485.1668113551&tid=UA-47217208-4&_gid=856852877.1668113551&_r=1&_slc=1&z=1229791395

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helm.life/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helm.life
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
503 B 284ms
92ms XHR
application/json 52.5.136.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.136.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-136-4.compute-1.amazonaws.com
Software: Aorta/20221109.cd7826bc8 /
Resource Hash: aa3d7c036c53cc0c40ad2617a84bf2f8901f18c1cd23ad036b0caa29e8534cd0

Request headers

Referer: https://helm.life/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
content-encoding: gzip
server: Aorta/20221109.cd7826bc8
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://helm.life
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: f4bfe6e814d2
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

404

/
sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d5ce84b32ca3a7c57fdbbc7860a756b0/gdpr=0/gdpr_consent=false/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d5ce84b32ca3a7c57fdbbc7860a756b0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7...

49 B
266 B

117ms
34ms

Image
image/gif

34.253.58.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d5ce84b32ca3a7c57fdbbc7860a756b0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: H2
Server: 34.253.58.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-58-124.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.192
content-length: 49
expires: 0

Redirect headers

date: Thu, 10 Nov 2022 20:52:31 GMT
server: Aorta/20221109.cd7826bc8
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d5ce84b32ca3a7c57fdbbc7860a756b0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 31126eebdc7c
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

73ms
32ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 10 Nov 2022 20:52:31 GMT
server: Aorta/20221109.cd7826bc8
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://id.rlcdn.com/711861.gif
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 82440e09cb25
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
437 B 175ms
151ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 5699f554-eb6f-4e31-bc37-29068b6a8ac0
x-trace: 2BEE2BAC632592B2329042D0C2FD23CA271E79B2A6000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7681ac1f5d369b7d-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 28DB 359 KB
49 KB 51ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 08:58:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 28DB 15 KB
15 KB 52ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 44430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 08:32:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 28DB 15 KB
15 KB 53ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 253872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H3 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.245/ Frame 5240 44 KB
16 KB 43ms
31ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Requested by

Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://meetings.hubspot.com/
Origin: https://meetings.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P3
age: 15958
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
server: cloudflare
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkNUH727rpplD%2BDCP5v1xmsNVTotHZtqXdj2xve%2FtNG6IWiVpOtrUtLD7Ziq1iGqCsgfOPXYrSBi7jw0yIkI9d7bEHqLTdQmPRYG1jRRnrNQI2kvqgq9webzQdBvXeaiyG135JxT3NMFplChYYO1mfc%2FyeQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7681ac1f5cdd90a2-FRA
x-amz-cf-id: f2vy5JYeFPt3oGQ4Z2CYBNkQv8DwHG2YU3XCpFDUJHTzROO8NYYJjw==
expires: Fri, 10 Nov 2023 20:52:31 GMT

GET
H3 200 book-info-early-requester.js Show response
static.hsappstatic.net/MeetingsPublic/static-1.28540/html/ Frame 5240 2 KB
2 KB 41ms
29ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/MeetingsPublic/static-1.28540/html/book-info-early-requester.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf2106d020423c4d6c2d4d14a4f7e6cb19c1c782bb7d10df37e38abcfc5c688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://meetings.hubspot.com/
Origin: https://meetings.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: zSNIn9DPYt8baWk2tDVcteAjXu4KzhFX
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P3
age: 15958
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Nov 2022 16:10:45 GMT
server: cloudflare
etag: W/"f07c7b8e268e312abd69687eb1a35338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6NEQMolMBMc%2Bn3Zj0eVyCz%2Fz0nDcaLmfePgJQZ18DKHUVveiceFzw%2FhxwBIk3MjWjeCxYae6gAJ8HWIU561ibE%2FA9mMbHITZBFEHCJvJKXV7AqX%2FWP%2FH8HGZmXzR2P%2FZFd4Uw1ZCnr4DhkXJRUNeHNQ%2FJQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7681ac1f5ce190a2-FRA
x-amz-cf-id: U6vHpEz9vNsY1bgXCmR1eSPeSvMhBr6MrpOjtYZphDkW1Gzmwb0Ffg==
expires: Fri, 10 Nov 2023 20:52:31 GMT

GET
H3 200 project_with_deps.css
static.hsappstatic.net/MeetingsPublic/static-1.28540/bundles/ Frame 5240 182 KB
26 KB 33ms
22ms Stylesheet
text/css 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/MeetingsPublic/static-1.28540/bundles/project_with_deps.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66a98daa2ba7710ef8526045a99acb9a742f72214b9ba27f17c1b5c0fbe1deea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: gHqHWSryO_w5HSi4gBcAePaa2tBJwXS1
via: 1.1 120b3c0f2e15a58ec71cef7658e3ef14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BRU50-C1
age: 16829
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Nov 2022 16:10:45 GMT
server: cloudflare
etag: W/"240e28d02820b8f0cc4fddfc5ca9617d"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5c78SecrW3ltAnmiwwTwU4iWc03AFanbBEOAGONOJej%2Bbf20oUwF8fbt6pDW7I84iBQ7Bk4st%2FLBZjJh2y%2FKHqgrRG08vWUmQ8j75P7OJ70%2FM3jd87Gys%2FXxgSWBY1aYXB3MhmUImmavJ5FgSU9qh%2B2VVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7681ac1f5b7a695e-FRA
x-amz-cf-id: l4014LYad_7kTg1VjYJxPwJmFsClOdKKJ6gMHgB0rrtpX6sSr-45lA==
expires: Fri, 10 Nov 2023 20:52:31 GMT

GET
H3 200 configure-monitoring.js Show response
static.hsappstatic.net/MeetingsPublic/static-1.28540/html/ Frame 5240 743 B
1 KB 50ms
39ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/MeetingsPublic/static-1.28540/html/configure-monitoring.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b0f508d72b0c80492449bb1c05415bcf973a7593dcb9dfd4c34d5aa206fe886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://meetings.hubspot.com/
Origin: https://meetings.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: QSCQqnSrQJoK0V8lEcdwYcH4JAtBJNa6
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DUS51-P2
age: 15957
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Nov 2022 16:10:45 GMT
server: cloudflare
etag: W/"2c30206656f71c0628709170657aa77f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmjhUhULmXHUCDt%2FHNSOtrX7qknmJhgB3MKWpN59KKVM9%2BJDo%2BNCBoKzuGnI4wapm10eGfk6%2FacRzwQAxHyuirFL4BtkmxD609d0YIes9h6lkajMj1G0YRfKhKZz%2BgWgaKIR5ZzCUcX6Yb1fNslf3kuHmF0%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7681ac1f5ce590a2-FRA
x-amz-cf-id: n7hVKP9K9grEpbijLX7JhAwdqeAWJyMK9grSe3FNcIgoXeiTPQEfeg==
expires: Fri, 10 Nov 2023 20:52:31 GMT

GET
H3 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.332/ Frame 5240 295 KB
95 KB 50ms
39ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://meetings.hubspot.com/
Origin: https://meetings.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: 5fbvyIgmgfc2EQptzTy6EeP9FKqExCxl
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P3
age: 15957
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Nov 2022 18:32:01 GMT
server: cloudflare
etag: W/"d9e371a943207738b889e588b0560980"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtVS893iR10roRdR%2BcDZM0Ad2Q9GPFdxdOuo917W9mwxETXCaZvH0e0sjLWNTenosfU2SBouKhruA7CZQCv%2Ffr%2FcPVJ3tTkQBTWjvZpSatOT7zodK0vVEh1i5uHA5gxBtCGaJT6cnqe7I6D52RWP06A1hUY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7681ac1f5ce890a2-FRA
x-amz-cf-id: 77MDum6kYsHsXD8mmwyvQOyufQSRY5d3PDQokKC77_kz7AWHoxpqKw==
expires: Fri, 10 Nov 2023 20:52:31 GMT

GET
H3 200 project.js Show response
static.hsappstatic.net/MeetingsPublic/static-1.28540/bundles/ Frame 5240 979 KB
283 KB 70ms
59ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/MeetingsPublic/static-1.28540/bundles/project.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12e73667132b78599304c60781bcae9bb2352eec79a570b4011d1dab5395640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://meetings.hubspot.com/
Origin: https://meetings.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-version-id: UN9DAjTL6xif6tWEBjhWkOYikCVkPioR
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P3
age: 15957
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Nov 2022 16:10:45 GMT
server: cloudflare
etag: W/"885c129fff62635181e86ac9ee02f55d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdD3wMa8KvQDsFD9njWeC82FMIKiBuwIHsaMUkIASvcgzlPP5m52pNMEtzRvpuUhY%2BnnFZIEM5p%2Fi2%2FlMb5ZAAh2N7hFQCJ5LVBUF0EPkD3QhffR%2FDCd95lSQ6rVm7jebDIqUL1zYGyDKoFPYrnOp9rduWg%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 7681ac1f5cec90a2-FRA
x-amz-cf-id: hJhkaWismD2MQrhqAnKvRYiSzyel5TRIj6QuA6OCw3wSFMgD2nzY8w==
expires: Fri, 10 Nov 2023 20:52:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 28DB 309 KB
96 KB 69ms
45ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 06:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Nov 2023 06:06:39 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 28DB 2 MB
576 KB 55ms
33ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 28DB 9 KB
3 KB 67ms
45ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 15:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 15:39:07 GMT

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
322 B 866ms
95ms XHR
text/plain 44.195.195.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.195.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-195-43.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://helm.life
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 76ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-967701883

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0eae7231d93fbf73b16ac716b448ae52cd5fe8b97c8e84882f47f95120f55f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52982
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 18:21:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 20:52:31 GMT

GET
H3 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/ 2 B
716 B 164ms
143ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/json?portalId=5357668

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ca06c395-62ca-4639-af4b-518d4db14942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2B7D5A0D023247369EB4D014D2B7BA6184FA484AE5000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://helm.life
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQZ%2FxAPza7IY0Kxg8X2LYnHO4H0q2G4tsXCviB%2FSWwTZrBj7%2B31gLLmvp00hvXHm3zjv1HqUaz7gX8GmaIc7qFDLrm5dYHFBTVGwalDEVhbY2GrvLiFAurO%2FSS0M3%2F6zLUFQVld5JS%2Bj%2BGA%2F"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7681ac1f9ce291e1-FRA
access-control-allow-headers: *

GET
H2 200 book Show response
app.hubspot.com/api/meetings-public/v1/ Frame 5240 30 KB
5 KB 395ms
392ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/meetings-public/v1/book?slug=shonna%2Fdemos&now=1668113551302&includeInactiveLink=true&location=meetings.hubspot.com&hubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentCosPageUrl=https%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&hs_static_app=MeetingsPublic&hs_static_app_version=1.28540&clienttimeout=12000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0896a995a58651a2c33a9dab1597ca65bfd2a9d7e5d481e7d9fb44fa33054b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://meetings.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5ea653a2-4a1c-4478-b760-011a81a17831
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BE1852DD2ECB244E40636DEB01C65F4794F6DEE78000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://meetings.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Lza8rhZ8o%2FVFqQvjuuV6w27BOID2tFolS3j9GGL7gzEwe%2ByI3xj1IALxfKu4p7NURw4mvPRkO7Qbf9kYeMmm6s6tQk%2Fmdt%2BZ2CAy5cKx1gG1MkRaE2A5S9%2FPsWl9EKDuhdC2NCUhnjRZUlS1A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7681ac1fa9ed5c92-FRA
access-control-allow-headers: Content-Type, X-HubSpot-Static-App-Info
timing-allow-origin: *

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 28DB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

71ms
21ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b0d1ac78f0c09d7b379a4d6db30718a3f991168ceb195b5166a737ce1612680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Nov 2022 20:52:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 28DB 29 B
588 B 74ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:50:07 GMT
x-content-type-options: nosniff
age: 144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 21:05:07 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ Frame 5240 49 KB
18 KB 43ms
19ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Thu, 10 Nov 2022 20:52:31 GMT
x-amz-request-id: H7R2Y79WNHW6K7MV
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: HM6YMCkn+y/gZ8/6BcG0QFa8pWS+Kfbai55VFIhjPYrKOhmv2eIKk9036HHA9Y7k4FHVyOS9Vfs=
x-served-by: cache-fra-eddf8230025-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1668113552.624496,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2704

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/967701883/ 2 KB
1 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967701883/?random=1668113551599&cv=11&fst=1668113551599&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&tiba=HELM%20Life%20-%20Hallowe%27en%20Events&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=322494487.1668113552&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-967701883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6da7d3a58aff125390c0d4c65de704c3f5e8814575dc75443689d18f48b827b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 91ms
25ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 20:52:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 28DB 66 KB
30 KB 66ms
32ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c101f28c086534bd16ac9fcc428b3b3bbd4d3b05cd161275d77fa5ebadcf37ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30936
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 28DB 52 KB
21 KB 125ms
125ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

501e6e561c45ee5b4d3344703256c8db41bb1a1beb66dcd15973de26ea0c205e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221106.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 20:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21132
x-xss-protection: 0
expires: Thu, 10 Nov 2022 20:52:31 GMT

GET
H2 200 gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js Show response
www.google.com/js/th/ Frame 28DB 36 KB
15 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 18:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 18:56:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 28DB 26 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:14 GMT

GET
DATA 200
OK truncated
/ Frame 28DB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_CZKrQitWbtvxw6K8JsOQf4Y6TNBwMn_Bm7HRc=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 28DB 2 KB
2 KB 294ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_CZKrQitWbtvxw6K8JsOQf4Y6TNBwMn_Bm7HRc=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63714209a5703810baf8660094891ab5ee850cf8f7b455e618d57c146d5017a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:19 GMT
x-content-type-options: nosniff
age: 13
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 11 Nov 2022 00:10:52 GMT

GET
DATA 200
OK truncated
/ Frame 28DB 352 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de0bd9fcb54fbf3244b784fb2f44a4123e21db4e52c5fe89ff8806bc0c3eb487

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5357668.js Show response
js.hs-scripts.com/ Frame 5240 2 KB
750 B 131ms
131ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5357668.js?analyticsCommon=true
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9594d8ebd07d1c8e3dfa91de55eda90aafa2dbf39005dff86e9f27e68c3a6b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Nov 2022 20:52:32 GMT
server: cloudflare
x-hubspot-correlation-id: ca4f7541-95d3-4c8a-9dcd-442f91b82a3c
x-trace: 2BC3DB06AE171DF4B7ABF283CB2BFEF0ACF86161A5000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://meetings.hubspot.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7681ac234be69bfb-FRA
expires: Thu, 10 Nov 2022 20:53:32 GMT

GET
H2 200 a2a3fb92-95e2-4412-8a2e-bf1b46df2463.png
2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/ Frame 5240 4 KB
5 KB 1062ms
934ms Image
image/png 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/a2a3fb92-95e2-4412-8a2e-bf1b46df2463.png
Requested by: Host: helm.life
URL: https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5678ed87a2f11f1907a6d2d76dce2073d20f6fdcdd4fa2f7530953793a7aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cache-tag: F-63801160273,P-2459647,FLS-ALL
x-amz-version-id: FKkfHwWu.uSAGWaYPRB20M2IvhymFf0.
x-amz-cf-pop: FRA56-C1
x-amz-request-id: XVJ1ACEPA7EKR06C
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-63801160273,P-2459647,FLS-ALL
cache-tag: F-63801160273,P-2459647,FLS-ALL
x-amz-meta-index-tag: none
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 4225
x-amz-id-2: SZuFglrxyvygrpabXcHcbxEMFrhArXFnFCogrq3KwldyXBo+pC0qGlMnNtxRVTcxFC4q/nffTe0=
last-modified: Thu, 13 Jan 2022 14:08:51 GMT
server: cloudflare
etag: "b1129d4d4af158f506b68b2349df0e2c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1642082930794
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7681ac241ba5903d-FRA
x-robots-tag: none
x-amz-cf-id: s6dImZS1jFBi30We0wGlGhmrPWaoLnKlx4Yws9jfx2SJ3H5heUqIjQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 28DB 0
19 B 22ms
21ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=u70SVmLQZSx0JqDh&el=embedded&ns=yt&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24230619%2C24287372%2C24292955%2C24293803%2C24406604%2C24407200%2C24407300%2C24408610%2C24413558&cl=486528943&seq=1&docid=Kp59zq9C2RE&ei=j2RtY_faKu-P6dsPkpaQ4AQ&event=streamingstats&plid=AAXtI_Oyatwxqkki&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKp59zq9C2RE%3Frel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DKp59zq9C2RE%26mute%3D1&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.236:B,0.236:B&cmt=0.008:0.000,0.236:0.000&afs=0.235:251::i&vfs=0.236:134:134::r&view=0.236:912:513&bwe=0.236:130000&bat=0.236:1:1&vis=0.236:0&bh=0.236:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551548&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:31 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 127 KB
128 KB 141ms
41ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1668135151&ei=j2RtY_faKu-P6dsPkpaQ4AQ&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A2&id=o-ADoWCssdyu7feuPjkedo0JgsVopDpMo8Nnn0glkLLmC8&itag=134&aitags=133%2C134%2C160%2C242%2C243%2C278&source=youtube&requiressl=yes&mh=Sb&mm=31%2C26&mn=sn-5hnednss%2Csn-4g5edndd&ms=au%2Conr&mv=m&mvi=5&pl=44&initcwndbps=941250&spc=SFxXNiMy6oOmAESJ21iR3NYvJQlGkiQ&vprv=1&mime=video%2Fmp4&ns=DH-oNIJtdDHMovD8bmS5_9wJ&gir=yes&clen=2082990&otfp=1&dur=61.840&lmt=1633617872786020&mt=1668113100&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=pPGbCaH5GVosUA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALWb0Mwprz_7RzY7oeCZ5pkymkYMJNThLtnezdyy8Wg0AiBh1nDY3eY4KWHy7-JjX-Y0DjQ6LyGEuYFf9O-a_MrhrA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfeJDqM0bSY1cKQ-pwJ6_j4dnyNkG3e6xLGoXd5qvzckCIFug3Ko5Wl_7xHGbdU1I3JFclN77-hUQMXsR4d8ntHr8&alr=yes&cpn=u70SVmLQZSx0JqDh&cver=1.20221106.00.00&range=0-130229&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e04ebdeb5f53cea1569b361d1a9e6707c8a7b542a1e7c9553eee6918649e8f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 130230
Last-Modified: Thu, 07 Oct 2021 14:44:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 10 Nov 2022 20:52:32 GMT

GET
H/1.1 200
OK videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 64 KB
65 KB 165ms
42ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1668135151&ei=j2RtY_faKu-P6dsPkpaQ4AQ&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A2&id=o-ADoWCssdyu7feuPjkedo0JgsVopDpMo8Nnn0glkLLmC8&itag=251&source=youtube&requiressl=yes&mh=Sb&mm=31%2C26&mn=sn-5hnednss%2Csn-4g5edndd&ms=au%2Conr&mv=m&mvi=5&pl=44&initcwndbps=941250&spc=SFxXNiMy6oOmAESJ21iR3NYvJQlGkiQ&vprv=1&mime=audio%2Fwebm&ns=DH-oNIJtdDHMovD8bmS5_9wJ&gir=yes&clen=1094511&otfp=1&dur=61.861&lmt=1633617870889370&mt=1668113100&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pPGbCaH5GVosUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgLIMOQYu0ecWDLDabfPevYo_ONFVXJsaCXcfj7VBZYpYCIGFz6iI3BH8Svela6b1StYYi6diGT4EPvh0gU5RkrAff&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfeJDqM0bSY1cKQ-pwJ6_j4dnyNkG3e6xLGoXd5qvzckCIFug3Ko5Wl_7xHGbdU1I3JFclN77-hUQMXsR4d8ntHr8&alr=yes&cpn=u70SVmLQZSx0JqDh&cver=1.20221106.00.00&range=0-65909&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b5ddcca55f7bdf5fa511eb8d484d7562de92deef8adb799d081b731e65ef1a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65910
Last-Modified: Thu, 07 Oct 2021 14:44:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 10 Nov 2022 20:52:32 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 28DB 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:46 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 28DB 65 KB
24 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b315188d391b0a6bd0ce3891ff88dca7529e1aabe1dc1e6c0ae7b904c5a6f6c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24761
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:46 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 28DB 32 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bdadbdbc5d982af1dfbc9c02b8b0cdacaa166b325ad0d8d7589a985516dc03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8793
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:46 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 28DB 6 KB
2 KB 185ms
185ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a9e21aabfb0d3fc97aa4309a5832d8a4dceaae1772e72423f2014f423de9c6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221106.00.00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1893
x-xss-protection: 0
expires: Thu, 10 Nov 2022 20:52:32 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 28DB 90 B
134 B 29ms
27ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a454a4b3e4d023b8be1280b6b0d3c30eb86035ead2a2bc1e42e50c393f65f94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 23ms
23ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 20:52:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 5240 0
1 KB 207ms
189ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=MeetingsPublic&hs_static_app_version=1.28540

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.28540/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://meetings.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 398ec539-f7a5-4344-9e42-480fb7441542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgl11LgWdoSxg3%2BZnOBGHahnT%2BrYOs0XR%2FLixnMgd51axySc9toH81pPbEX4uvLjRZsKtxIMvtuiHywl3N9vcSByXzeTShiEeYIxF1rUteFu1OLDhetgthqHS6aRd7KnNUay%2BDsJFGbZZbJhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://meetings.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7681ac246f6d9137-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H/1.1 200
OK f9d051f404 Show response
bam-cell.nr-data.net/1/ Frame 5240 49 B
950 B 170ms
141ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1506&ck=1&ref=https://meetings.hubspot.com/shonna/demos&be=757&fe=1043&dc=1042&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668113550551,%22n%22:0,%22f%22:507,%22dn%22:509,%22dne%22:509,%22c%22:509,%22s%22:520,%22ce%22:534,%22rq%22:534,%22rp%22:684,%22rpe%22:686,%22dl%22:687,%22di%22:1042,%22ds%22:1042,%22de%22:1043,%22dc%22:1043,%22l%22:1043,%22le%22:1044%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36%22,%22supportsPromiseRejectionEvent%22:true,%22deviceMemory%22:8,%22cpuCores%22:4,%22downloadSpeedMbps%22:10,%22effectiveConnectionType%22:%224g%22,%22networkLatencyMs%22:0,%22conditionalPolyfillsInstalled%22:false,%22package%22:%22MeetingsPublic%22,%22packageVersion%22:%221.28540%22,%22template%22:%22public-na1.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isIframe%22:true,%22scriptStartTime%22:770.8000001907349,%22appStartTime%22:911.8000001907349,%22i18nTime%22:917.8000001907349,%22i18nLangLocale%22:%22en-us%22,%22i18nDateNumFormat%22:%22en-us%22,%22isNewI18nLoader%22:true,%22bookInfoFetchPreRender%22:false,%22meetingsLibVersion%22:%22static-2.25922%22,%22reactRhumbVersion%22:%221.8344%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22bookInfoHasMeetingsUser%22:true,%22calendarProvider%22:%22GOOGLE%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4F6P3TzlNSyVSCUeQCzyT5nELHxrjovSbIu8fzuDr58ZJpXbYBDO%2F32AdJvqS1oK2FOXw4zhlFfNT4xtgIuHCuuzXTMN6uyQ92wg90PJPH%2BjOi6sdzq%2Fwu8YK7CTgdc9TJN3Xdy"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7681ac2488c49273-FRA

GET
H3 200 /
www.google.com/pagead/1p-user-list/967701883/ 42 B
64 B 186ms
127ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/967701883/?random=1668113551599&cv=11&fst=1668110400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&tiba=HELM%20Life%20-%20Hallowe%27en%20Events&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2779140872&rmt_tld=0&ipr=y

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/967701883/ 42 B
548 B 76ms
40ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/967701883/?random=1668113551599&cv=11&fst=1668110400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&tiba=HELM%20Life%20-%20Hallowe%27en%20Events&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2779140872&rmt_tld=1&ipr=y

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame 5240 6 KB
3 KB 230ms
228ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
x-amz-version-id: DLUYzpWToXViCCMAk42gu6ZXj0CV1cO1
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 18
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.301/bundles/pixels-release.js&cfRay=7681abb36bab9c0c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 12:04:15 UTC
server: cloudflare
etag: W/"6c8c013098279271f03db17ec4dd49a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
cache-control: max-age=600
cf-ray: 7681ac262a659b74-FRA
x-amz-cf-id: kw4MI2QpCapwGizBNanXGmKHSymWV7ttTUxrQ1wDd9Wg6mQ53YMb5A==
x-hs-target-asset: adsscriptloaderstatic/static-1.301/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ Frame 5240 65 KB
23 KB 240ms
238ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://meetings.hubspot.com/
Origin: https://meetings.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 35596
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=767e47190cc5bbe9-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7681ac262c7f902a-FRA
x-amz-cf-id: 2MbiWAoJZAjQdgcwVAuEKTnvUJ8orjLpx3-V1oHjoNNq0mRvu8c5nA==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 common.js Show response
js.hs-analytics.net/analytics/1668113400000/ Frame 5240 63 KB
20 KB 250ms
248ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1668113400000/common.js
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2f03db8e7c912eb17352c131a41470149fba42a9c2d674c79a952740454bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: CXBA3XKGKSM3M03E
age: 145
x-amz-server-side-encryption: AES256
x-amz-id-2: PDv/vGbed7rsxz9EygWmk3IcHfuVUoY2ATgYO87RkkHbT3aq4z2lQYgMAl/MEM0S13ul0j2/ys8=
last-modified: Fri, 04 Nov 2022 20:21:49 GMT
server: cloudflare
etag: W/"6b2e144007fa92ead9e160af33eeeaeb"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7681ac262a6692b9-FRA
expires: Thu, 10 Nov 2022 20:55:07 GMT

GET
H2 200 5357668.js Show response
js.hs-banner.com/ Frame 5240 60 KB
15 KB 248ms
247ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5357668.js
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7de8f0077970bfdbec50e5d6c97e1cc3506edd24784a9f303308b1fc7fa290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
x-amz-version-id: RZBnlBpNt1851_yaV4y8utDssGz3c8CK
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: A3RRH5K6EJEEENTC
age: 12
x-amz-server-side-encryption: AES256
x-amz-id-2: 4xugz0BdlixEHSZpI3E9t7VFl81e3Ej1hZlIOVkzXUo+4jREQJmm+BHKF2b9yNy6WeHlrz0JTLc=
last-modified: Tue, 25 Oct 2022 20:36:16 GMT
server: cloudflare
etag: W/"bbd21005bb883c47c70d7238a48624a9"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://helm.life
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7681ac2628049b51-FRA
expires: Thu, 10 Nov 2022 20:57:19 GMT

GET
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 117 KB
117 KB 33ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c6395bd7d093babcfcc0f4cdc0721a605974cd9fc5d04fa2692784b39f47f463

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 10 Nov 2022 20:52:32 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119857
last-modified: Thu, 07 Oct 2021 14:44:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 10 Nov 2022 20:52:32 GMT

GET
H3 200 AMLnZu_CZKrQitWbtvxw6K8JsOQf4Y6TNBwMn_Bm7HRc=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 28DB 3 KB
3 KB 63ms
13ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_CZKrQitWbtvxw6K8JsOQf4Y6TNBwMn_Bm7HRc=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

277352644ea9d95bc86ecd0dc7a45232c95a1905422c52276fbd600ecd3c7b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:20 GMT
x-content-type-options: nosniff
age: 12
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2622
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:18:25 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 28DB 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hk2rbQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 64 KB
64 KB 15ms
14ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1668135151&ei=j2RtY_faKu-P6dsPkpaQ4AQ&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A2&id=o-ADoWCssdyu7feuPjkedo0JgsVopDpMo8Nnn0glkLLmC8&itag=251&source=youtube&requiressl=yes&mh=Sb&mm=31%2C26&mn=sn-5hnednss%2Csn-4g5edndd&ms=au%2Conr&mv=m&mvi=5&pl=44&initcwndbps=941250&spc=SFxXNiMy6oOmAESJ21iR3NYvJQlGkiQ&vprv=1&mime=audio%2Fwebm&ns=DH-oNIJtdDHMovD8bmS5_9wJ&gir=yes&clen=1094511&otfp=1&dur=61.861&lmt=1633617870889370&mt=1668113100&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pPGbCaH5GVosUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgLIMOQYu0ecWDLDabfPevYo_ONFVXJsaCXcfj7VBZYpYCIGFz6iI3BH8Svela6b1StYYi6diGT4EPvh0gU5RkrAff&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfeJDqM0bSY1cKQ-pwJ6_j4dnyNkG3e6xLGoXd5qvzckCIFug3Ko5Wl_7xHGbdU1I3JFclN77-hUQMXsR4d8ntHr8&alr=yes&cpn=u70SVmLQZSx0JqDh&cver=1.20221106.00.00&range=65910-131445&rn=4&rbuf=3677&pot=D4RFLm0R70q3hH3HysXHm8hkJPy2VN4yQqnU4v1PqOZdQfUcMF4A2OSPGT_YVq-qMlp2p-xsIUTDUtng17bq0SwFMoJSs1njj2zx-XAwnbEVPt1udarWbZiJIakEjTpcmHP26eg=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0dece4a1c6b8d7c992b44b83a5306fe21e249f5233875a5e2ab4a5dea2efb5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 10 Nov 2022 20:52:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
last-modified: Thu, 07 Oct 2021 14:44:30 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 10 Nov 2022 20:52:32 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 28DB 4 KB
3 KB 546ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 20:52:32 GMT

POST
H/1.1 204
No Content f9d051f404 Show response
bam-cell.nr-data.net/ins/1/ Frame 5240 0
681 B 170ms
170ms XHR
text/plain 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1759&ck=1&ref=https://meetings.hubspot.com/shonna/demos
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://meetings.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNhbwLPAmDU2qiVNeULF9u6k%2F%2BVgLbfWdCn7okJ6wz%2BrfbLgZTRwwqKgrKzOeSPXc277RCHYS6jgW5cI%2BBkllWTVmas2OhXPmEMbMw8JWsPb9vQJqWj%2FaQMHsgVy0orWl57LHdg8"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: https://meetings.hubspot.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7681ac25fb449273-FRA

POST
H/1.1 200
OK f9d051f404 Show response
bam-cell.nr-data.net/events/1/ Frame 5240 24 B
738 B 167ms
149ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1764&ck=1&ref=https://meetings.hubspot.com/shonna/demos
Requested by: Host: meetings.hubspot.com
URL: https://meetings.hubspot.com/shonna/demos?embed=true&parentHubspotUtk=3c2396edf0f7b02c3eea4b154e9e4c11&parentPageUrl=https://helm.life/virtual-halloween-parties/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://meetings.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 10 Nov 2022 20:52:32 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://meetings.hubspot.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrdecWuWwgzZQ1IVXXDMv1CovTOXKJqDHtjmPQIx2otO0hNbXgae%2F6V5XKE5oAuQk3sX%2FMFobHfzmdDJN6K77xvNjmhZh0NFx64IV5gLbe%2BNQp3VqxWTHgpYWxoRF5HzwweMOsb3"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7681ac261c33bb73-FRA
Content-Length: 24

GET
H3 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ Frame 5240 115 B
1 KB 151ms
135ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5357668&utk=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33446bffd18b801ea2b3640d6c877020c831f7ba3d4dc6a91b14c8487e5f04a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://meetings.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 63684572-8984-4167-909e-df56d37a2ab7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://meetings.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT2cjLNFWuOMeGtkE9UwXt1V4ruj%2Bfg810T4APkUJSgrBfc2ieeZGsktGL8Sq%2BoZ%2F%2Ff16oYPu4pedNSEjCPiwzZDOGsl8SZ0parUPhSS7guAPin5QkFBaT3vLGyTgmD9syqVM%2FR%2FT4i1Eu3J2FLB"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-max-age: 180
access-control-allow-credentials: true
cf-ray: 7681ac268e669229-FRA
timing-allow-origin: *
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 5240 45 B
495 B 134ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=753e62b9-7c26-44b0-8447-bb079edc2c1d&ft=5&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1059085154&v=1.1&a=5357668&ccu=https%3A%2F%2Fmeetings.hubspot.com%2Fshonna%2Fdemos&r=https%3A%2F%2Fhelm.life%2F&pu=https%3A%2F%2Fmeetings.hubspot.com%2Fshonna%2Fdemos%3Fembed%3Dtrue%26parentHubspotUtk%3D3c2396edf0f7b02c3eea4b154e9e4c11%26parentPageUrl%3Dhttps%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&cts=1668113552401&vi=3c2396edf0f7b02c3eea4b154e9e4c11&nc=true&cc=15

Requested by

Host: helm.life
URL: https://helm.life/virtual-halloween-parties/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meetings.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 531cd821-3401-4a1c-9c85-f882ba75f050
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csqtVFe9AiDvAggeaFCH0xOS23iEftl0Fz9xc0Zg0UkgMwC%2BBDdQkT0p9HHQ7FBeFiUgrBQ1GuhkF7jJ6I7ykvkbFMOm972UqctWOMg9CSa55T%2FMemtAlzsjBITVhDBRWIZlv8IDOMj%2BQaA88FDz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7681ac268eb59b77-FRA
x-robots-tag: none

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 28DB 0
17 B 23ms
23ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=u70SVmLQZSx0JqDh&ver=2&cmt=0.011&fmt=134&fs=0&rt=1.206&euri=https%3A%2F%2Fhelm.life%2F&lact=1243&cl=486528943&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=de_DE&cr=DE&len=61.861&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24230619%2C24287372%2C24292955%2C24293803%2C24406604%2C24407200%2C24407300%2C24408610%2C24413558&rtn=5&afmt=251&size=912%3A513&inview=1&muted=1&docid=Kp59zq9C2RE&ei=j2RtY_faKu-P6dsPkpaQ4AQ&plid=AAXtI_Oyatwxqkki&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKp59zq9C2RE%3Frel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DKp59zq9C2RE%26mute%3D1&list=TLGG6NsEAETekMYxMDExMjAyMg&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBUEV3RWxTYUEzbm9yQng1Z08yellHaDlaMlh0aG9pdkQwVmlZSExaU2M2RGxWT0NGUWJWQVBta0tES2pKQzhrNkFuZ0tFS0ktVWpZVE1qa1k0VmE5YzFfZ0pJamFvR2lDc1VfRFcxcU9oTFhrNmFmMGxlejhOZUktV21UalREWnlqQnNsWXhhRVFoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551548&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 28DB 0
19 B 21ms
20ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=Kp59zq9C2RE&cpn=u70SVmLQZSx0JqDh&ei=j2RtY_faKu-P6dsPkpaQ4AQ&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551548&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 202 KB
203 KB 15ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f27aa763e8b2b4b6800f1bb8dda06a2959c15326baa30ffadd070adff1125a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 10 Nov 2022 20:52:32 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207337
last-modified: Thu, 07 Oct 2021 14:44:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 10 Nov 2022 20:52:32 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 28DB 52 KB
15 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 18:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 11 Nov 2022 18:56:01 GMT

GET
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 132 KB
132 KB 15ms
15ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1668135151&ei=j2RtY_faKu-P6dsPkpaQ4AQ&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A2&id=o-ADoWCssdyu7feuPjkedo0JgsVopDpMo8Nnn0glkLLmC8&itag=251&source=youtube&requiressl=yes&mh=Sb&mm=31%2C26&mn=sn-5hnednss%2Csn-4g5edndd&ms=au%2Conr&mv=m&mvi=5&pl=44&initcwndbps=941250&spc=SFxXNiMy6oOmAESJ21iR3NYvJQlGkiQ&vprv=1&mime=audio%2Fwebm&ns=DH-oNIJtdDHMovD8bmS5_9wJ&gir=yes&clen=1094511&otfp=1&dur=61.861&lmt=1633617870889370&mt=1668113100&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pPGbCaH5GVosUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgLIMOQYu0ecWDLDabfPevYo_ONFVXJsaCXcfj7VBZYpYCIGFz6iI3BH8Svela6b1StYYi6diGT4EPvh0gU5RkrAff&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfeJDqM0bSY1cKQ-pwJ6_j4dnyNkG3e6xLGoXd5qvzckCIFug3Ko5Wl_7xHGbdU1I3JFclN77-hUQMXsR4d8ntHr8&alr=yes&cpn=u70SVmLQZSx0JqDh&cver=1.20221106.00.00&range=131446-266829&rn=6&rbuf=7343&pot=D4RFLm0R70q3hH3HysXHm8hkJPy2VN4yQqnU4v1PqOZdQfUcMF4A2OSPGT_YVq-qMlp2p-xsIUTDUtng17bq0SwFMoJSs1njj2zx-XAwnbEVPt1udarWbZiJIakEjTpcmHP26eg=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2a5d5b920f80a7117672922448c1c0d4948eff545c91c35f88c6d350442a0a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 10 Nov 2022 20:52:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135384
last-modified: Thu, 07 Oct 2021 14:44:30 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 10 Nov 2022 20:52:32 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 28DB 28 B
54 B 32ms
30ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668113552965
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551369&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 10 Nov 2022 20:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 10 Nov 2022 20:52:32 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/fcbhnieb
https://js.intercomcdn.com/shim.latest.js

18 KB
7 KB

477ms
8ms

Script
application/javascript

18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/shim.latest.js

Protocol

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0e65cee810015284f8f2b6b9bd18856834da9d1732689bcb13abdef4184db5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:51:16 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-version-id: G3JPU8WZRUaEPHHyS2RvFAaiAvUQvnvC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 79
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6172
last-modified: Thu, 10 Nov 2022 17:46:07 GMT
server: AmazonS3
etag: "d867cedbc234e04e92d34a54bf81e2c6"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: dGo7yRX63HBL7T2FcrhgsfhwBJMZjvN9X4IG-cJQf8cR7kkT-j_CsA==

Redirect headers

date: Wed, 09 Nov 2022 04:01:18 GMT
via: 1.1 91006f46dbd24a109160583f4b3c096a.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: BOM52-C1
age: 147077
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: dNDgaohze8ln3nYCD0aCMc1DWolR-Q3XiBNYXxrHhha_2ZmGgIXgew==

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
645 B 199ms
198ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1059085154&v=1.1&a=5357668&pu=https%3A%2F%2Fhelm.life%2Fvirtual-halloween-parties%2F&t=HELM+Life+-+Hallowe%27en+Events&cts=1668113553891&vi=3c2396edf0f7b02c3eea4b154e9e4c11&nc=true&u=77212298.3c2396edf0f7b02c3eea4b154e9e4c11.1668113553888.1668113553888.1668113553888.1&b=77212298.1.1668113553888&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helm.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ef478539-9fda-458b-bcbd-735351a18dbc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KU%2FdyQHw04Ry5J5mEZSxNlLe5JyZO%2FpDcjRvw6bWk2yfnF%2Bfrm8tEnVoVgM0IbrfLt3rkBt6agZZ%2ByPdGQKB6oGnErpbw8GhNAXa1gQRB8SNSbke1CWrZ6FKiQDMtgMzHcUzpjfxPnn%2B2elwa07V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7681ac2fdca59137-FRA
x-robots-tag: none

GET
H3 200 frame-modern.f2b77e55.js Show response
js.intercomcdn.com/ Frame EFAA 450 KB
123 KB 24ms
10ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.f2b77e55.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/fcbhnieb

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

235fa70f060321cc009444854f7a256835d595ccde0bd7647565a9a674216a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-version-id: vYTP9XtsR39M_77AJj6NmA.Bv_.9vJZx
date: Thu, 10 Nov 2022 19:46:17 GMT
x-amz-cf-pop: FRA60-P4
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 125242
last-modified: Thu, 10 Nov 2022 17:44:34 GMT
server: AmazonS3
etag: "28aef8146a73b5599615494099f0769f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Uqxo4-XxM28y95MWptDTkIRIbYXyhowqon-rwZAOHZZxN-bl93whzg==

GET
H3 200 vendor-modern.b38194e5.js Show response
js.intercomcdn.com/ Frame EFAA 236 KB
73 KB 22ms
9ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.b38194e5.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/fcbhnieb

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9d719d45c2b2ff03bf363a40cda3a45b743fa97fd19b809b610698807f9850d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-version-id: PibgiIPe7LtMFc7FolrXwaWO3nQLsRJn
date: Thu, 10 Nov 2022 18:53:26 GMT
x-amz-cf-pop: FRA60-P4
age: 7149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74309
last-modified: Thu, 10 Nov 2022 14:51:29 GMT
server: AmazonS3
etag: "aed63d0fa235da260479a62daa1b21ce"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 8LFYRJt0HAj3wh0PsHb5PxKqcI2Q7yH_NoUq8KvwRPwIA0X7Nl14MQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame EFAA 3 KB
2 KB 677ms
479ms XHR
application/json 3.94.137.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f2b77e55.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.137.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-137-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b9d4a90c0cb4e7b79add9c6e032ac71b90473a31acf8524de229bbae821cca19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 10 Nov 2022 20:52:35 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0030b7455fa630838
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 003a1186kv1ubcetsh8g
x-runtime: 0.328858
server: nginx
etag: W/"b9d4a90c0cb4e7b79add9c6e032ac71b"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helm.life
x-intercom-version: ba24e27df50119cce88ea8cc2bcb655cf694da97
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1668113560
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 28DB 28 B
54 B 27ms
26ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668113554978
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551369&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 10 Nov 2022 20:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 10 Nov 2022 20:52:34 GMT

GET
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 219 KB
219 KB 15ms
14ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1668135151&ei=j2RtY_faKu-P6dsPkpaQ4AQ&ip=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A2&id=o-ADoWCssdyu7feuPjkedo0JgsVopDpMo8Nnn0glkLLmC8&itag=251&source=youtube&requiressl=yes&mh=Sb&mm=31%2C26&mn=sn-5hnednss%2Csn-4g5edndd&ms=au%2Conr&mv=m&mvi=5&pl=44&initcwndbps=941250&spc=SFxXNiMy6oOmAESJ21iR3NYvJQlGkiQ&vprv=1&mime=audio%2Fwebm&ns=DH-oNIJtdDHMovD8bmS5_9wJ&gir=yes&clen=1094511&otfp=1&dur=61.861&lmt=1633617870889370&mt=1668113100&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pPGbCaH5GVosUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgLIMOQYu0ecWDLDabfPevYo_ONFVXJsaCXcfj7VBZYpYCIGFz6iI3BH8Svela6b1StYYi6diGT4EPvh0gU5RkrAff&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfeJDqM0bSY1cKQ-pwJ6_j4dnyNkG3e6xLGoXd5qvzckCIFug3Ko5Wl_7xHGbdU1I3JFclN77-hUQMXsR4d8ntHr8&alr=yes&cpn=u70SVmLQZSx0JqDh&cver=1.20221106.00.00&range=266830-490873&rn=7&rbuf=12152&pot=D4RFLm0R70q3hH3HysXHm8hkJPy2VN4yQqnU4v1PqOZdQfUcMF4A2OSPGT_YVq-qMlp2p-xsIUTDUtng17bq0SwFMoJSs1njj2zx-XAwnbEVPt1udarWbZiJIakEjTpcmHP26eg=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dbc4f898db1a3d2b90275940a7944e1a6bf8b65daa3fb798674a3af9837b7e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 10 Nov 2022 20:52:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224044
last-modified: Thu, 07 Oct 2021 14:44:30 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 10 Nov 2022 20:52:35 GMT

GET
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 28DB 721 KB
721 KB 15ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1685872f93f05d723c10beb25383b35249285fdbcef048b3c084159601161275

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 10 Nov 2022 20:52:35 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738100
last-modified: Thu, 07 Oct 2021 14:44:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 10 Nov 2022 20:52:35 GMT

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame 28DB 0
17 B 23ms
23ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=u70SVmLQZSx0JqDh&ver=2&cmt=3.789&fmt=134&fs=0&rt=5.001&euri=https%3A%2F%2Fhelm.life%2F&lact=5038&cl=486528943&state=playing&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=de_DE&cr=DE&len=61.861&rtn=15&afmt=251&idpj=-7&ldpj=-9&rti=5&size=912%3A513&inview=1&st=0&et=3.789&muted=1&docid=Kp59zq9C2RE&ei=j2RtY_faKu-P6dsPkpaQ4AQ&plid=AAXtI_Oyatwxqkki&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKp59zq9C2RE%3Frel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DKp59zq9C2RE%26mute%3D1&list=TLGG6NsEAETekMYxMDExMjAyMg&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBUEV3RWxTYUEzbm9yQng1Z08yellHaDlaMlh0aG9pdkQwVmlZSExaU2M2RGxWT0NGUWJWQVBta0tES2pKQzhrNkFuZ0tFS0ktVWpZVE1qa1k0VmE5YzFfZ0pJamFvR2lDc1VfRFcxcU9oTFhrNmFmMGxlejhOZUktV21UalREWnlqQnNsWXhhRVFoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551548&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 delayplay Show response
www.youtube.com/api/stats/ Frame 28DB 0
17 B 21ms
21ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/delayplay?ns=yt&el=embedded&cpn=u70SVmLQZSx0JqDh&ver=2&cmt=4.227&fmt=134&fs=0&rt=5.439&euri=https%3A%2F%2Fhelm.life%2F&lact=5476&cl=486528943&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=de_DE&cr=DE&len=61.861&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24230619%2C24287372%2C24292955%2C24293803%2C24406604%2C24407200%2C24407300%2C24408610%2C24413558&afmt=251&size=912%3A513&inview=1&muted=1&docid=Kp59zq9C2RE&ei=j2RtY_faKu-P6dsPkpaQ4AQ&plid=AAXtI_Oyatwxqkki&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKp59zq9C2RE%3Frel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DKp59zq9C2RE%26mute%3D1&list=TLGG6NsEAETekMYxMDExMjAyMg&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBUEV3RWxTYUEzbm9yQng1Z08yellHaDlaMlh0aG9pdkQwVmlZSExaU2M2RGxWT0NGUWJWQVBta0tES2pKQzhrNkFuZ0tFS0ktVWpZVE1qa1k0VmE5YzFfZ0pJamFvR2lDc1VfRFcxcU9oTFhrNmFmMGxlejhOZUktV21UalREWnlqQnNsWXhhRVFoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551548&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 28DB 0
19 B 26ms
26ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=u70SVmLQZSx0JqDh&ver=2&cmt=4.517&fmt=134&fs=0&rt=5.728&euri=https%3A%2F%2Fhelm.life%2F&lact=5766&cl=486528943&mos=1&volume=100&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=de_DE&cr=DE&len=61.861&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24230619%2C24287372%2C24292955%2C24293803%2C24406604%2C24407200%2C24407300%2C24408610%2C24413558&afmt=251&muted=1&docid=Kp59zq9C2RE&ei=j2RtY_faKu-P6dsPkpaQ4AQ&plid=AAXtI_Oyatwxqkki&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKp59zq9C2RE%3Frel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DKp59zq9C2RE%26mute%3D1&list=TLGG6NsEAETekMYxMDExMjAyMg&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBUEV3RWxTYUEzbm9yQng1Z08yellHaDlaMlh0aG9pdkQwVmlZSExaU2M2RGxWT0NGUWJWQVBta0tES2pKQzhrNkFuZ0tFS0ktVWpZVE1qa1k0VmE5YzFfZ0pJamFvR2lDc1VfRFcxcU9oTFhrNmFmMGxlejhOZUktV21UalREWnlqQnNsWXhhRVFoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Kp59zq9C2RE?rel=0&autoplay=1&loop=1&playlist=Kp59zq9C2RE&mute=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuMkxJNFliTGhUMCiPybWbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668113551548&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C912%2C513&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 20:52:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ws.zoominfo.com/	1970-01-20 16:07:29	Name: visitorId Value: 30379dcda84c66b9670929e37d951c5e3f8d743e72f6c9cdabb340586e34352e
.zoominfo.com/	1970-01-20 07:21:55	Name: __cf_bm Value: d7hKEt6XdRa2qjwsaUKtdVJZJ33VCu3xru_x4kt3UKc-1668113550-0-ASaQWI83sxuk+B9J1cnVpHL7/W56Rle3F2fQQ/dJzEK/dCrVc4Q63jdi5wE5tHjVPqJIQt0HqnPMlWR5TWAP7PY=
.helm.life/	1970-01-20 16:57:53	Name: _ga Value: GA1.2.2105834485.1668113551
.helm.life/	1970-01-20 07:23:19	Name: _gid Value: GA1.2.856852877.1668113551
.helm.life/	1970-01-20 07:21:53	Name: _gat Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: CbprRUDWOYQ
.youtube.com/	1970-01-20 11:41:05	Name: VISITOR_INFO1_LIVE Value: n2LI4YbLhT0
.hubspot.com/	1970-01-20 07:21:55	Name: __cf_bm Value: aGYDMq0wuEBgR7I708YINiD1DGx3xL921UQtoQWGWy8-1668113551-0-AaQrrU0+FlOIuAIrw1KBCNyPZ2fGH8uItVrWAI5KJAImaON11zLHnlAHOZluCHvDBbWuvARnOvbL8NVbZKyQHwo=
.helm.life/	1970-01-20 09:31:29	Name: _gcl_au Value: 1.1.322494487.1668113552
.doubleclick.net/	1970-01-20 07:21:54	Name: test_cookie Value: CheckForPermission
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: db8ca0cf7dfda82a
helm.life/	1970-01-20 11:41:05	Name: __hstc Value: 77212298.3c2396edf0f7b02c3eea4b154e9e4c11.1668113553888.1668113553888.1668113553888.1
helm.life/	1970-01-20 11:41:05	Name: hubspotutk Value: 3c2396edf0f7b02c3eea4b154e9e4c11
helm.life/	1969-12-31 23:59:59	Name: __hssrc Value: 1
helm.life/	1970-01-20 07:21:55	Name: __hssc Value: 77212298.1.1668113553888
.helm.life/	1970-01-20 13:50:43	Name: intercom-id-fcbhnieb Value: 6d8ab2cf-6058-427c-ba47-d4e6f6f9d7d6
.helm.life/	1970-01-20 07:31:58	Name: intercom-session-fcbhnieb Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d5ce84b32ca3a7c57fdbbc7860a756b0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://helm.life/virtual-halloween-parties/img/team/dom_a.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://helm.life/virtual-halloween-parties/img/team/anu_rana_headshot.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2459647.fs1.hubspotusercontent-na1.net
aorta.clickagy.com
api-iam.intercom.io
api.hubapi.com
app.hubspot.com
bam-cell.nr-data.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
helm.life
hemsync.clickagy.com
id.rlcdn.com
jnn-pa.googleapis.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.intercomcdn.com
ka-f.fontawesome.com
kit.fontawesome.com
meetings.hubspot.com
rr5---sn-5hnednss.googlevideo.com
static.doubleclick.net
static.hsappstatic.net
sync.crwdcntrl.net
t.sidekickopen10.com
tags.clickagy.com
track.hubspot.com
widget.intercom.io
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
151.101.194.137
162.247.241.2
18.66.147.3
2001:4860:4802:38::178
2606:4700:4400::6812:2128
2606:4700:4400::6812:228d
2606:4700:4400::6812:2a5e
2606:4700:4400::ac40:9a55
2606:4700::6810:5805
2606:4700::6810:650c
2606:4700::6811:180e
2606:4700::6811:47b0
2606:4700::6811:72b0
2606:4700::6811:82ab
2606:4700::6811:8d2
2606:4700::6811:cccc
2606:4700::6811:d5cc
2606:4700::6812:1634
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e6::ac40:cb1c
2a00:1450:4001:800::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:400e:1b::a
3.94.137.4
34.253.58.124
35.244.174.68
44.195.195.43
52.43.222.191
52.5.136.4
54.182.0.80
02bc058249916a359b0b47f70248556a6b5c52989cfa86ec1cf17c397148cff2
0896a995a58651a2c33a9dab1597ca65bfd2a9d7e5d481e7d9fb44fa33054b53
09a00a8e7005af0468efac8b8656d50ac598f0d8d1e92a182b32c265dde5afe9
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0dece4a1c6b8d7c992b44b83a5306fe21e249f5233875a5e2ab4a5dea2efb5fb
0e65cee810015284f8f2b6b9bd18856834da9d1732689bcb13abdef4184db5b4
0eae7231d93fbf73b16ac716b448ae52cd5fe8b97c8e84882f47f95120f55f9f
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
12edd8a4a3e9f7c361be53652828835ec307ffa46cc9b8eedc72e72480462fc7
1324b9070ba75cca6096c3ad994df9a5e83b149dfb236353cd0b26c0af5b0109
1685872f93f05d723c10beb25383b35249285fdbcef048b3c084159601161275
16caee8ff7c3b2ed977a8b8a12475ab62c4f22c0f97050a5961a99d9c74c0632
183948c42e176851ca1cc2b1acd406243807b340ae445526605c5dc8043931f2
1bc2b312c1294a8c6c87a24ca0a94a45083cba653bd397161af254c60e8b1236
1c7de8f0077970bfdbec50e5d6c97e1cc3506edd24784a9f303308b1fc7fa290
235fa70f060321cc009444854f7a256835d595ccde0bd7647565a9a674216a72
236c55cd1f6df5469afb5ad60cafcd291dd63e3898fce14ce8e75fd776564c8b
247cbd411c06a43d997e83209d3e56322e57541be449ab69538fd1da3f88e2cc
277352644ea9d95bc86ecd0dc7a45232c95a1905422c52276fbd600ecd3c7b7a
2a5d5b920f80a7117672922448c1c0d4948eff545c91c35f88c6d350442a0a8e
2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb08a17f92d700f8a35fbebe13d318a8f513bcdc87e0b97aeebcf8237359372
33446bffd18b801ea2b3640d6c877020c831f7ba3d4dc6a91b14c8487e5f04a9
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43308f3538dddf254d7c15352fcdf9812d870feb678a8111bb1814cd9804751c
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c59568d0910e070f81e4f29256bcd83e5fa9217230e2eeb5b2f1cce66f15d0c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f90bb23123116189eb771dd97c64d841c43c7b863ac9027ee391b3b5bc16f0c
501e6e561c45ee5b4d3344703256c8db41bb1a1beb66dcd15973de26ea0c205e
502cd97205649cba31150b6f37fd78c65028438cf4bad4a7bbc60ec0711de1bb
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5636dc6e0365d1aee575140d3e19a41295b41b10879ebe76a46564563a677d23
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022
58c442d8b27a0d475d79e7954c803eef7cc32fa2b94762d7c43a27728c1c4fc0
58d3e662070696cf07261a66aaa2b29c89a5bcc2514526e6eb19c71aa7d18146
5a066e57c89e4cf2ea0802c9cdcddca76e81ecbe27444e054e0d732c9f19663c
5a5678ed87a2f11f1907a6d2d76dce2073d20f6fdcdd4fa2f7530953793a7aa9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b0d1ac78f0c09d7b379a4d6db30718a3f991168ceb195b5166a737ce1612680
63714209a5703810baf8660094891ab5ee850cf8f7b455e618d57c146d5017a0
653bcde9850edeb9c388b0d546fd489aa884fb4006d59bd12401a906bb95ba39
6618dc010686090925cee7f83247ec3e172b653e90cde2034b676446bd2de569
668f42e0d474e55967b3175602a720703b6bbcda1f00d9897aad830269956938
66a98daa2ba7710ef8526045a99acb9a742f72214b9ba27f17c1b5c0fbe1deea
6771b989935dfa794a17deed9a412caceb36a4fe11a186b168ab8c09dc389ecf
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6da7d3a58aff125390c0d4c65de704c3f5e8814575dc75443689d18f48b827b9
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e2f03db8e7c912eb17352c131a41470149fba42a9c2d674c79a952740454bc7
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b
83d7b11e82afabb29b5a86e940c68111d2048c43b41be89b68f3c5d45188fa5c
83f13bdf82c47961458b1871ec3517cc71f0d81a3dd45162450c925d85c725f6
845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b1ac3fe7331075d7af2da807be77785b35930ca1f4d9cb728a68ecca22a49ab
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
8fff00e4cea37cc50b900dcf559ffc48a98e276d5e9a94f9961b6b9820fa2707
924586812c11fff1043fcdc56f33f89cd7454b6fcecb8ccf3abaaffc37e0a96c
9594d8ebd07d1c8e3dfa91de55eda90aafa2dbf39005dff86e9f27e68c3a6b23
96aaaa52a09f732bf412087a74fc996f527a730cd2d62eb9630483a179beaac3
9a5787483b47c31fac3f6c511a5593cfce7c6d5fcb2b8022d441bc0975ca6e4a
9b0f508d72b0c80492449bb1c05415bcf973a7593dcb9dfd4c34d5aa206fe886
9d719d45c2b2ff03bf363a40cda3a45b743fa97fd19b809b610698807f9850d1
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a25a76398588aa00c46e293494be8d81baa977946d533994227f02018887ec57
a262a4011292c89b0b5e3c4b1f83afaee38cabc344d5a90623f41e336126d565
a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6
a454a4b3e4d023b8be1280b6b0d3c30eb86035ead2a2bc1e42e50c393f65f94c
a7bdadbdbc5d982af1dfbc9c02b8b0cdacaa166b325ad0d8d7589a985516dc03
a9cd338f0e049592083b551f5632cd6215a09cf715f3059c7ab5215665691d86
a9e21aabfb0d3fc97aa4309a5832d8a4dceaae1772e72423f2014f423de9c6d0
aa3d7c036c53cc0c40ad2617a84bf2f8901f18c1cd23ad036b0caa29e8534cd0
abf2106d020423c4d6c2d4d14a4f7e6cb19c1c782bb7d10df37e38abcfc5c688
adca4721e086e45bbc67bfa2913475050fdd84ae84c4aba1f7ef4698ee33655b
b315188d391b0a6bd0ce3891ff88dca7529e1aabe1dc1e6c0ae7b904c5a6f6c0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4c1b6acd3a74df28e8d7ff204651fb7efdc7c1878b464281a25688ab83dc9ec
b5ddcca55f7bdf5fa511eb8d484d7562de92deef8adb799d081b731e65ef1a32
b600f1dc62b172effa1611f27da2410354b23d9bc79f34a525821752fafcde83
b9d4a90c0cb4e7b79add9c6e032ac71b90473a31acf8524de229bbae821cca19
bb22aade2f8cbfc096c09da285e2cd541e5f256b3a0890090c8a043eb6d4b147
bc8ab51796237ffaf77fe0d6f9a68d0d9653f396fb740f925ed3a778390f6457
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c101f28c086534bd16ac9fcc428b3b3bbd4d3b05cd161275d77fa5ebadcf37ce
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c2d013f9c8acf6568b1a3451a7032ffe6dc3f78d285bcb13066d118f1206c37d
c3f5b657696652d1164c1855207d3db4d3c9c208bc06088adabff95c5dc6cd8a
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c6395bd7d093babcfcc0f4cdc0721a605974cd9fc5d04fa2692784b39f47f463
c744600ad8c7afcc07f4f98375704353691018947a2394feccde305c747e6548
cfb1c5a8563de2b1a6a7c47ce402c759408e3639a100ea619c10a8a78ab75659
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dbc4f898db1a3d2b90275940a7944e1a6bf8b65daa3fb798674a3af9837b7e6d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc26bd45cff8e8215383a82bfdfdf943541753e126401fadd54182f5a16ce8c6
de0bd9fcb54fbf3244b784fb2f44a4123e21db4e52c5fe89ff8806bc0c3eb487
e04ebdeb5f53cea1569b361d1a9e6707c8a7b542a1e7c9553eee6918649e8f08
e12e73667132b78599304c60781bcae9bb2352eec79a570b4011d1dab5395640
e28b8fa2de5f5d3adc6c7ca61ae38969d27c77303183603adf495db7069c4201
e394b8ce18c3257c0c90c751eea70255778b4fb454c5c3ee19cf0a0515e41d6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae
ed04b5707b07ef987720582b14ab1d8662871e95aa17cdac6fff6f34ba9caacd
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee17049557bee505d278dc8c2071846d4f3c115152fa629bf38e297bb22057e7
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf
f27aa763e8b2b4b6800f1bb8dda06a2959c15326baa30ffadd070adff1125a0b
f3b5df87804320565c1355709555a83deb20e04883d66d805b8d34b638b92313
f46c4aba0827fcb0947a0bda7a76cb3662c8ff3bb8f22e2ed192731ba72c0a94
f4f00816cba425a15af1023b5fdb83da58074bc5c29c608254789f59db7da65a
f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492
f96151453bf5b861219fab32920589c930580c4f1c427f2e023e7429e7e9f482
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
feeb9209142d7624172daec0b47b39b5adc0ecf62013b66659cc22cadb87300c

helm.life Open in urlscan Pro 52.43.222.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

97 %HTTPS

75 %IPv6

32 Domains

42 Subdomains

40 IPs

3 Countries

19881 kBTransfer

24729 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helm.life Open in urlscan Pro
52.43.222.191 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

97 %
HTTPS

75 %
IPv6

32
Domains

42
Subdomains

40
IPs

3
Countries

19881 kB
Transfer

24729 kB
Size

17
Cookies

147 HTTP transactions
2 data transactions