helsi.me Open in urlscan Pro
172.67.8.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://helsi.zt.ua/
Effective URL:
https://helsi.me/
Submission: On November 22 via api (November 22nd 2024, 10:24:02 pm UTC) from NL — Scanned from NL

Summary HTTP 76 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 19 domains to perform 76 HTTP transactions. The main IP is 172.67.8.57, located in United States and belongs to CLOUDFLARENET, US. The main domain is helsi.me. The Cisco Umbrella rank of the primary domain is 743930.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.

This is the only time helsi.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.149.114.21 195.149.114.21	31044 (NICUA-AS ...) (NICUA-AS TOV DERGACHI.NET)
1 32	172.67.8.57 172.67.8.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
6	143.204.210.180 143.204.210.180	16509 (AMAZON-02) (AMAZON-02)
5	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
3	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
2	169.150.247.38 169.150.247.38	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	49.13.254.106 49.13.254.106	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.160.151.220 35.160.151.220	16509 (AMAZON-02) (AMAZON-02)
1	74.125.71.156 74.125.71.156	15169 (GOOGLE) (GOOGLE)
3	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.83.69.42 185.83.69.42	55081 (24SHELLS) (24SHELLS)
2	192.145.111.2 192.145.111.2	207522 (mygaru_au...) (mygaru_au Mygaru OU Private Limited Company)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	138.199.37.227 138.199.37.227	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	44.219.178.132 44.219.178.132	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	138.199.37.231 138.199.37.231	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
76	22

1 195.149.114.21 (Ukraine) 1 redirects

ASN31044 (NICUA-AS TOV DERGACHI.NET, UA)
PTR: ns10.uadns.com

helsi.zt.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.67.8.57 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

helsi.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.210.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-210-180.fra53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-247-38.bunnyinfra.net

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 49.13.254.106 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.106.254.13.49.clients.your-server.de

s.nexinsight.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.151.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-151-220.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4506461758029824.ingest.us.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.69.42 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.145.111.2 (Ukraine)

ASN207522 (mygaru_au Mygaru OU Private Limited Company, EE)

ident.mygaru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.227 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 138-199-37-227.bunnyinfra.net

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.219.178.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-178-132.compute-1.amazonaws.com

events.getsitectrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.231 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 138-199-37-231.bunnyinfra.net

m2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	helsi.me 1 redirects helsi.me — Cisco Umbrella Rank: 743930	2 MB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 1935	48 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	437 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	3 KB
4	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 19314 s2.getsitecontrol.com — Cisco Umbrella Rank: 31569 m2.getsitecontrol.com — Cisco Umbrella Rank: 73250	127 KB
3	nexinsight.com.ua s.nexinsight.com.ua	53 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	64 B
2	getsitectrl.com events.getsitectrl.com — Cisco Umbrella Rank: 25615	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	mygaru.com ident.mygaru.com — Cisco Umbrella Rank: 499302	607 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4906	127 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
1	gstatic.com fonts.gstatic.com	25 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	895 B
1	adtelligent.com s.adtelligent.com — Cisco Umbrella Rank: 6192
1	sentry.io o4506461758029824.ingest.us.sentry.io	300 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1510	169 B
1	helsi.zt.ua 1 redirects helsi.zt.ua	268 B
76	19

	Domain	Requested by
32	helsi.me	1 redirects helsi.me s.nexinsight.com.ua
6	cdn.segment.com	helsi.me cdn.segment.com
5	www.googletagmanager.com	www.google-analytics.com helsi.me www.googletagmanager.com
3	s.nexinsight.com.ua	helsi.me s.nexinsight.com.ua
3	www.google-analytics.com	helsi.me www.google-analytics.com
2	events.getsitectrl.com	s.nexinsight.com.ua s2.getsitecontrol.com
2	www.facebook.com
2	ident.mygaru.com	s.nexinsight.com.ua
2	www.google.co.uk
2	td.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	l.getsitecontrol.com	www.googletagmanager.com l.getsitecontrol.com
2	www.google.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com s.nexinsight.com.ua
1	fonts.gstatic.com	fonts.googleapis.com
1	m2.getsitecontrol.com
1	fonts.googleapis.com	s2.getsitecontrol.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	s.adtelligent.com	s.nexinsight.com.ua
1	o4506461758029824.ingest.us.sentry.io	s.nexinsight.com.ua
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	api.segment.io	cdn.segment.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	helsi.zt.ua	1 redirects
76	25

This site contains links to these domains. Also see Links.

Domain
onelink.to
play.google.com
apps.apple.com
appgallery.cloud.huawei.com
interfax.com.ua
www.unian.net
hromadske.radio
www.youtube.com
tsn.ua
24tv.ua
kyivcity.gov.ua
ain.ua
day.kyiv.ua
forms.gle
www.facebook.com
t.me
www.instagram.com

Subject Issuer	Validity	Valid
helsi.me WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2024-03-05` - `2025-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.nexinsight.com.ua Thawte RSA CA 2018	`2024-09-23` - `2025-09-20`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2024-11-13` - `2025-12-13`	a year	crt.sh
*.google.co.uk WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-11-17` - `2025-02-15`	3 months	crt.sh
ident.mygaru.com E5	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.getsitectrl.com Amazon RSA 2048 M03	`2024-10-16` - `2025-11-15`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://helsi.me/
Frame ID: 36AA04FFCE7105BFDB9919BAEBDE3B01
Requests: 81 HTTP requests in this frame

Frame: https://helsi.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 4C3DDE158B02162D08242BCF3D9CA17A
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fhelsi.me
Frame ID: 6103E8E7B109682EDF0F77F0E51B1BFA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16653257669?random=1732314236867&cv=11&fst=1732314236867&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z8812269534za200zb812269534&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelsi.me%2F&hn=www.googleadservices.com&frm=0&tiba=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&npa=0&pscdl=noapi&auid=579246007.1732314237&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6EE17465AFE828E3E67FFC50C59DD899
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-P1HBM76S7Y&gacid=1659833299.1732314236&gtm=45je4bk0v889446162za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=396545733
Frame ID: 88380D879044E2AB0838E426CE5772E1
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=908269
Frame ID: CE189EBD13B7E152721547F538E07A93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HELSI - інформаційна система для пацієнтів

Page URL History Show full URLs

http://helsi.zt.ua/ HTTP 307
https://helsi.zt.ua/ HTTP 301
https://helsi.me/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

76
Requests

99 %
HTTPS

0 %
IPv6

19
Domains

25
Subdomains

22
IPs

4
Countries

2882 kB
Transfer

10425 kB
Size

18
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://onelink.to/wkwkt2
Title: Застосунок HelsiШвидше, зручніше, ще більше медичних сервісів та пропозицій у застосунку

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=helsi.me

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1536904940

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/ag/n/app/C104638825

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/news/pharmacy/416659.html
Title: В медичних установах організували комп'ютерні курси, на яких, в тому числі, навчали медиків як працювати в системі Helsi.

Search URL Search Domain Scan URL

URL: https://www.unian.net/kyiv/1884289-stolichnaya-vlast-obeschaet-vvedenie-elektronnoy-sistemyi-zapisi-k-vracham-do-kontsa-goda.html
Title: В Helsi передбачили можливість використання електронних направлень у інших поліклініках та у єдиній міській системі запису на МРТ та КТ.

Search URL Search Domain Scan URL

URL: https://hromadske.radio/v-odyn-klik/yak-pidpysaty-deklaraciyu-z-simeynym-likarem
Title: «Жодних черг. До лікарів київських поліклінік можна записатися в інтернеті» (аудіо)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zAx6lgdKksY&t=4m36s
Title: Медреформа: від класичних черг до запису онлайн за 2 хвилини, в сюжеті Вікна-новини.

Search URL Search Domain Scan URL

URL: https://tsn.ua/video/video-novini/do-elektronnogo-reyestru-pidklyuchili-pershiy-centr-mediko-sanitarnoyi-dopomogi.html
Title: До електронного реєстру підключили перший центр медико-санітарної допомоги.

Search URL Search Domain Scan URL

URL: https://24tv.ua/ru/vypusk_novostej_za_2000_popytki_nasiorva_sbezhat_medicinskaja_reforma_n827056
Title: Старт медичної реформи надав можливість онлайн запису до лікарів первинної ланки.

Search URL Search Domain Scan URL

URL: https://kyivcity.gov.ua/news/do_kintsya_roku_v_medichnikh_zakladakh_stolitsi_pratsyuvatime_elektronna_sistema_zapisu_do_likariv__mikola_povoroznik.html
Title: Результати роботи системи HELSI - протягом двох місяців у Подільському районі записалися до лікарів більше 23 000 разів.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=F6zdcKSUxJw
Title: Як обрати сімейного лікаря та записатись на прийом, не виходячи з дому?Детальніше в сюжеті "Сьогодні".

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=wC0JRoi3G9I&t
Title: Пацієнтам зручніше, лікарям — менше паперової роботи. Користувачі розповідають про свій досвід роботи з Helsi.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=hcvwocXXygY
Title: Уляна Супрун перевірила як працює система Helsi.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=GZ3qZwkHsEU&t=1s
Title: Як знайти усю необхідну інформацію про лікарів, графік роботи, адреси лікарень та записатись на прийом?

Search URL Search Domain Scan URL

URL: https://ain.ua/2018/10/24/istoriya-helsi-me/
Title: Битва з чергами: як сервіс Helsi.me за два роки виріс з 7 до 23 000 пацієнтів на день.

Search URL Search Domain Scan URL

URL: https://day.kyiv.ua/uk/news/301116-u-kyyevi-na-pryyom-do-likarya-mozhna-bude-zapysatysya-onlayn
Title: З січня 2016 року в Подільському районі столиці запустять "пілотний" проект щодо електронного запису на прийом до лікарів.

Search URL Search Domain Scan URL

URL: https://forms.gle/s9NUnWWxSuNDayuAA
Title: Заповнити заявку

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=helsi.me&referrer=utm_source%3Dhelsi.me%26utm_medium%3Dfooter%26utm_content%3Dbutton%26utm_campaign%3Ddownload

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1536904940?pt=122158482&ct=helsi.me_footer_download&mt=8

Search URL Search Domain Scan URL

URL: https://www.facebook.com/helsi.me

Search URL Search Domain Scan URL

URL: https://t.me/helsiua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@helsime/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helsi_ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://helsi.zt.ua/ HTTP 307
https://helsi.zt.ua/ HTTP 301
https://helsi.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://helsi.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://helsi.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

76 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
helsi.me/
Redirect Chain

http://helsi.zt.ua/
https://helsi.zt.ua/
https://helsi.me/

32 KB
17 KB

226ms
191ms

Document
text/html

172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f20998cbbfc623f281a56841955a40761572748975fe3c057a6dedb00a432b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e6c53a0abff6709-AMS
content-encoding: br
content-type: text/html
date: Fri, 22 Nov 2024 22:23:55 GMT
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 22 Nov 2024 22:23:54 GMT
location: https://helsi.me
server: nginx
x-content-type-options: nosniff

GET
H2 200 open-sans-v20-latin_cyrillic-600.woff2
helsi.me/fonts/OpenSans/ 20 KB
20 KB 178ms
177ms Font
font/woff2 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/fonts/OpenSans/open-sans-v20-latin_cyrillic-600.woff2

Requested by

Host: helsi.me
URL: https://helsi.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78f73da8940662f16aeb2c7e2bec94f5f2d266377263eb48f8bab2b6cf51af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://helsi.me
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-4eb4"
x-content-type-options: nosniff
cf-ray: 8e6c53a1ed766709-AMS
accept-ranges: bytes
content-length: 20148
date: Fri, 22 Nov 2024 22:23:55 GMT
content-type: font/woff2
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 open-sans-v20-latin_cyrillic-regular.woff2
helsi.me/fonts/OpenSans/ 19 KB
19 KB 59ms
59ms Font
font/woff2 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/fonts/OpenSans/open-sans-v20-latin_cyrillic-regular.woff2

Requested by

Host: helsi.me
URL: https://helsi.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdb2e46ce7be00273368a16d259335bef2f15bd6acae757728f451ef54897a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://helsi.me
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-4c38"
x-content-type-options: nosniff
cf-ray: 8e6c53a1fd776709-AMS
accept-ranges: bytes
content-length: 19512
date: Fri, 22 Nov 2024 22:23:55 GMT
content-type: font/woff2
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 main.7a0a5bc4.js Show response
helsi.me/static/js/ 7 MB
1 MB 149ms
149ms Script
application/javascript 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/static/js/main.7a0a5bc4.js

Requested by

Host: helsi.me
URL: https://helsi.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ef0b49c3e6545b3addb381877355207c57f1d753781a27470bcc3e90a2893a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca2df-6ca0ae"
x-content-type-options: nosniff
cf-ray: 8e6c53a21d986709-AMS
date: Fri, 22 Nov 2024 22:23:55 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 main.1188c941.css
helsi.me/static/css/ 244 KB
50 KB 174ms
173ms Stylesheet
text/css 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/static/css/main.1188c941.css

Requested by

Host: helsi.me
URL: https://helsi.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc773890952ae39b5a8a3f63e79c6d50b8bb985e3406d9cb2f23407ba0919c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca2df-3cfdb"
x-content-type-options: nosniff
cf-ray: 8e6c53a21d976709-AMS
date: Fri, 22 Nov 2024 22:23:55 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 open-sans-v20-latin_cyrillic-700.woff2
helsi.me/fonts/OpenSans/ 20 KB
20 KB 63ms
63ms Font
font/woff2 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/fonts/OpenSans/open-sans-v20-latin_cyrillic-700.woff2

Requested by

Host: helsi.me
URL: https://helsi.me/static/css/main.1188c941.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e614839f256c977b2d3f601dbe79b1436bed57e825531b25b10ca22d187af74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://helsi.me
Referer: https://helsi.me/static/css/main.1188c941.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-4f1c"
x-content-type-options: nosniff
cf-ray: 8e6c53a3bf596709-AMS
accept-ranges: bytes
content-length: 20252
date: Fri, 22 Nov 2024 22:23:55 GMT
content-type: font/woff2
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ca72e8a9a794912b9debdbaf248b5237b3b7fe216cadf0387e528f67c9aad27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
19ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: gzip
age: 3230
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 23:30:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 21:30:06 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/ 106 KB
30 KB 68ms
21ms Script
text/javascript 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/analytics.min.js
Requested by: Host: helsi.me
URL: https://helsi.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83c54658f558fd91e50f7bd8f231580b161f0c6e991c6b36e9157da7bff53743

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: SV_gPNkespoBe6bJaNPh8cqwyHFtHA6G
etag: W/"7c507034340efc5778a7d99ecac53255"
age: 26
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: UijmEoSDd0ZoOINiEM1jqPSklzhzSIt1CTLM9EBLCB5D3MrJmN0v7Q==
date: Fri, 22 Nov 2024 22:23:31 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Tue, 05 Nov 2024 20:48:42 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

main.js Show response
helsi.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 4C3D
Redirect Chain

https://helsi.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://helsi.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

8 KB
4 KB

20ms
20ms

Script
application/javascript

172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

Requested by

Host: helsi.me
URL: https://helsi.me/

Protocol

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

379c429e07a0ddc39f73d177306ef54405538bf44cdabe8b0be246e7f93edec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-ray: 8e6c53a8eca96709-AMS
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare
x-content-type-options: nosniff

Redirect headers

cf-ray: 8e6c53a89c5f6709-AMS
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
content-length: 0
access-control-allow-origin: *
date: Fri, 22 Nov 2024 22:23:56 GMT
server: cloudflare

POST
H2 200 8e6c53a0abff6709 Show response
helsi.me/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4C3D 0
604 B 41ms
36ms XHR
text/plain 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helsi.me/cdn-cgi/challenge-platform/h/g/jsd/r/8e6c53a0abff6709
Requested by: Host: helsi.me
URL: https://helsi.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8e6c53a99d5f6709-AMS
content-length: 0
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/ 1 KB
1 KB 58ms
19ms Fetch
application/json 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60def6dac47fabbf12c32ae1c2fe47f8615fc85e0a7aa97ea9c73029dacd6ba0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: Znk.aKrBRSSxieR2_n2uOTbjPR_xy3Hc
etag: W/"fe5ca6026fe0fa305898b8ad20c401e1"
age: 5438
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: QAckGpH9tHAzuJ3cW6myFElpg6hDLQEV61WMjX33gs6lhfsTnfguzA==
date: Fri, 22 Nov 2024 20:53:19 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding
last-modified: Wed, 13 Nov 2024 21:32:41 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
429 B 29ms
28ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1374980667&t=pageview&_s=1&dl=https%3A%2F%2Fhelsi.me%2F&ul=nl-nl&de=UTF-8&dt=HELSI.me%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BC%D0%B5%D0%B4%D0%B8%D1%87%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%BB%D1%96%D0%BA%D0%B0%D1%80%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1054866079&gjid=1721189651&cid=1659833299.1732314236&tid=UA-88433272-1&_gid=783313755.1732314236&_r=1&_slc=1&z=292196255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

bd07c6f7723d51e773ee0b8b62861b9540357ff5a1d7d11f903c18e3294bea31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://helsi.me/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://helsi.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 configurations Show response
helsi.me/api/ 210 B
307 B 62ms
62ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/configurations

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

032df1214307b8dde04176333c8c406cb2c78860f0653f83584b1b497f692d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-version: 12
cache-control: no-cache, no-store
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53a9bd7e6709-AMS
expires: Fri, 22 Nov 2024 22:23:55 GMT
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 favicon.ico
helsi.me/ 1 KB
408 B 58ms
57ms Other
image/x-icon 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01fd69511e03a6871465cb01ceb0483c3e9dc07e5d468e8af6f1638466499a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"673ca21a-47e"
x-content-type-options: nosniff
cf-ray: 8e6c53a9bd826709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/x-icon
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
103 KB 84ms
40ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVB86JBPHT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

335b3265c3bb3efacf6978db5807af9ec5df7e564fe55d5d28d3e5e26df25a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 22:23:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105231
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
4 KB 21ms
20ms Script
application/javascript 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: 7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age: 5609794
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: Lx2p9vIIGa96ciTWrf_KjPB5r8zeFdjZLo_j_6U6Wd5n03_hqTY8Rw==
date: Thu, 19 Sep 2024 00:07:22 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 306 KB
107 KB 60ms
60ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: helsi.me
URL: https://helsi.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8d79613d61845db18f131b39f260d0175c669e6bc06500add760d5a7cfa906f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 22 Nov 2024 22:23:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109652
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 5001.47bc739e.chunk.js Show response
helsi.me/static/js/ 105 KB
34 KB 61ms
60ms Script
application/javascript 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/static/js/5001.47bc739e.chunk.js

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7c1e73927f941ec62be5a1d16df3dd187335881c968cb0db662cc7c373980ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca2df-1a3c3"
x-content-type-options: nosniff
cf-ray: 8e6c53aa6e156709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 9562.1f41d077.chunk.js Show response
helsi.me/static/js/ 26 KB
7 KB 65ms
64ms Script
application/javascript 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/static/js/9562.1f41d077.chunk.js

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3af9f07ac294715ef4e9004328f412dec9c8ce51e09707260f2c6b909330ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca2df-692b"
x-content-type-options: nosniff
cf-ray: 8e6c53aa6e166709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 MainPage.8363ecaa.chunk.css
helsi.me/static/css/ 33 KB
6 KB 52ms
52ms Stylesheet
text/css 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/static/css/MainPage.8363ecaa.chunk.css

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33aceb545369255750beea894fcc56fe9dbb8482fd31dd907ef943bf0e6f6719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca2df-8494"
x-content-type-options: nosniff
cf-ray: 8e6c53aa6e146709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 MainPage.f6a53439.chunk.js Show response
helsi.me/static/js/ 101 KB
31 KB 66ms
65ms Script
application/javascript 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/static/js/MainPage.f6a53439.chunk.js

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f095329f7d33e1eb438fc504b4e23025d2d672cb40303864d0db67aa457ee8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca2df-1940e"
x-content-type-options: nosniff
cf-ray: 8e6c53aa6e176709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 helsi-logo.svg
helsi.me/img/ 5 KB
2 KB 154ms
154ms Image
image/svg+xml 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/img/helsi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8994e41bc1f603f16038ca07a13f59e7ec8fc4e116be484a210c964388b81c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca21a-12f8"
x-content-type-options: nosniff
cf-ray: 8e6c53aa6e1f6709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
x-frame-options: sameorigin

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7483a4f5f982ea1da9fe35169e2a98516ed65bfe583f9eccb2553809affbc97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 19ms
19ms Script
application/javascript 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age: 5778746
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 1y4RCbwMLYaRRlDYhi04rC1i0VkU_PQi0x09wRNYMVEGQsmfAXIAoA==
date: Tue, 17 Sep 2024 01:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 5843404183e0e2708588.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
3 KB 20ms
19ms Script
application/javascript 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/5843404183e0e2708588.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a773b748dfb8e650581f83aa0710f5bc72111a50ff444a178130966baf5abb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: BeGlCrnSBKmhmvU_3R1b2iilDSnSLIoO
etag: W/"bfcaa2bd88528e167572b789dfee5aa2"
age: 75080
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: _alzAfmm2W4UpeUSi4MHubrKwP-D7rIqqT9P17wHxwHXhmwHacu1gg==
date: Fri, 22 Nov 2024 01:32:37 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Mon, 11 Nov 2024 15:56:40 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 449cd4534726259c2a8c.js Show response
cdn.segment.com/next-integrations/actions/845/ 28 KB
9 KB 21ms
21ms Script
application/javascript 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/449cd4534726259c2a8c.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/5843404183e0e2708588.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c664e784d6cba355616ea0a6eb59603579a7b0e49fc4b9595264ba736aeccb4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: dPSbnhR_PxYlXl5ryq0tSp5dsfnivMuk
etag: W/"4e4e40c0ccc652a7cc4cef7c2146c1f5"
age: 64464
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 4EjtIdipVljj5kIKUv9uKeqvoBVLnT-EFJQ4ul4LDD-TaN7e9wmc1w==
date: Fri, 22 Nov 2024 04:29:33 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Mon, 11 Nov 2024 15:56:38 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 55ms
18ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QVB86JBPHT&gtm=45je4bk0v9125951397za200&_p=1732314236450&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=nl-nl&sr=1600x1200&cid=1659833299.1732314236&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhelsi.me%2F&dt=HELSI.me%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BC%D0%B5%D0%B4%D0%B8%D1%87%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%BB%D1%96%D0%BA%D0%B0%D1%80%D1%96%D0%B2&sid=1732314236&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVB86JBPHT&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://helsi.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 69ms
27ms Ping
text/plain 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fhelsi.me%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=905625486.1732314237&auid=579246007.1732314237&npa=0&gtm=45He4bk0v812269534za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732314236691&tfd=1973&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 425 KB
134 KB 46ms
45ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P1HBM76S7Y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

18c0d877a96047614f5eebcec995995317c8f246eaec7bfd31ed6c4d1a70515d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 22:23:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137316
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 40ms
39ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16653257669&l=dataLayer&cx=c&gtm=45He4bk0v812269534za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b44e94e64c72381593113d94fb6cf49f670bd626087070ac99a8ea28ae36203e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 22:23:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93967
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 z4q69r9w.js Show response
l.getsitecontrol.com/ 433 B
1 KB 65ms
19ms Script
text/javascript 169.150.247.38
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/z4q69r9w.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 76741698143b2be73fbc649486a2d08d764b7efb71dab6fe9b198989d10d9fb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "4ae0ff632be0401dfd797f62f9ee9a7d"
date: Fri, 22 Nov 2024 22:23:56 GMT
last-modified: Tue, 12 Nov 2024 10:15:49 GMT
cdn-cachedat: 11/20/2024 16:52:58
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-amz-id-2: /7tJXtpMQQohS96bQUe7zf55jHNMbZeJrGWhdDSpaP4zC8SVBoSGt96DjX4gtHagRYu8n2OJqpQ=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: public, max-age=0
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid: 2df9896e0b5e0ab46ac87975db581e33
cross-origin-resource-policy: cross-origin
cdn-pullzone: 89704
cdn-proxyver: 1.06
x-amz-request-id: 169R83EDHACH4HJX
access-control-allow-origin: *
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: NL
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 45ms
20ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-rnfvl1av' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-rnfvl1av' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4431, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 0+lt8tNbgB/ayfCL7ZSmr39a3z21z60ohTPzEkEkL6F2D2jVx/5XAV4sAUjbgYi65SZQ2Zb/bvGcMF5Ka7VG0g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK / Show response
s.nexinsight.com.ua/ 171 KB
53 KB 104ms
42ms Script
text/javascript 49.13.254.106
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Requested by: Host: helsi.me
URL: https://helsi.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.13.254.106 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.106.254.13.49.clients.your-server.de
Software: NexInsight /
Resource Hash: edd39fc0273a47bdbbf0c5701d1eca3d9b6d281ee06c05d30b46faa9fc038f64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

X-Robots-Tag: noindex
Cache-Control: no-cache, no-store, must-revalidate;
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Expires: Thu, 21 Nov 2024 22:23:56 GMT
Access-Control-Allow-Origin: https://helsi.me
Content-Length: 53382
Date: Fri, 22 Nov 2024 22:23:56 GMT
Content-Type: text/javascript
Server: NexInsight

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 6103 0
0 62ms
19ms Document
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fhelsi.me

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7P8HN&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 265554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 20:38:02 GMT
expires: Wed, 19 Nov 2025 20:38:02 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 welcome_desktop.avif
helsi.me/img/juneHelsiPlusLanding/ 25 KB
25 KB 52ms
51ms Image
image/avif 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/img/juneHelsiPlusLanding/welcome_desktop.avif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71351a788efb7e2d849d447bc7255959be880822e7579f336eb45c6df958f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-651a"
x-content-type-options: nosniff
cf-ray: 8e6c53abaf696709-AMS
accept-ranges: bytes
content-length: 25882
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/avif
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 olha_yaroshenko.png
helsi.me/img/page-main/ 29 KB
29 KB 62ms
61ms Image
image/png 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/img/page-main/olha_yaroshenko.png

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95966c1c217bc21e1cb587e6c22f01bbb187f88c37a564b713b63ae53268bc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"673ca21a-72b5"
x-content-type-options: nosniff
cf-ray: 8e6c53abcf7c6709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
x-frame-options: sameorigin

GET
H2 200 search-doctors_bg.2d2cf52ba934e9d2a87f.png
helsi.me/static/media/ 74 KB
73 KB 23ms
23ms Image
image/png 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/static/media/search-doctors_bg.2d2cf52ba934e9d2a87f.png

Requested by

Host: helsi.me
URL: https://helsi.me/static/css/MainPage.8363ecaa.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb63b94b664edeea4580cf23ee77523ceaee95b3d3339f2453c5a4ee9ae6addc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/static/css/MainPage.8363ecaa.chunk.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=1800
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673ca2df-12750"
age: 33395
x-content-type-options: nosniff
cf-ray: 8e6c53abef986709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 19 Nov 2024 14:38:23 GMT
x-frame-options: sameorigin

GET
H2 200 statistics Show response
helsi.me/api/healthy/ 260 B
277 B 58ms
57ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/healthy/statistics

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47264f380e91054c25a95b0ef4c59a419e0fade5aac5e2d79776ef293f1c863d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-version: 12
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53ac0fb96709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 list Show response
helsi.me/api/pa/ext/pharm/cart/ 88 B
132 B 68ms
67ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/pa/ext/pharm/cart/list?ver=2

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91a8f0fc6953e868ac922067a8fdf5ada6f48aa763aac4238008ea2cf8e34861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

TemporarySID: f88710b3-dd4c-46d4-9929-a18bd13d68b3
Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53ac0fc26709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/json; charset=utf-8
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 webHomepageFunnel Show response
helsi.me/api/content/TechnicalSettings/ 150 KB
107 KB 55ms
55ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/content/TechnicalSettings/webHomepageFunnel

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ef706e9471a5a6eea0be6e6cb361acd90191d07ba2cdf334eaca36be40ac87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53ac1fcd6709-AMS
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 banner Show response
helsi.me/api/ad/pis/desktop/ 851 B
553 B 175ms
175ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/ad/pis/desktop/banner?useInventory=true&placementCode=banner_12&userId=1659833299.1732314236

Requested by

Host: helsi.me
URL: https://helsi.me/static/js/main.7a0a5bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d96cd9b973e8ea1a1ef9c69a87cc4b8caca7f0374e99aa73b0be0e81ea14bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53ac68066709-AMS
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16653257669/ 6 KB
2 KB 82ms
41ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16653257669/?random=1732314236867&cv=11&fst=1732314236867&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z8812269534za200zb812269534&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelsi.me%2F&hn=www.googleadservices.com&frm=0&tiba=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&npa=0&pscdl=noapi&auid=579246007.1732314237&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16653257669&l=dataLayer&cx=c&gtm=45He4bk0v812269534za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5704ba3b0003c21e4548839030a43df45162a2eb3ec547046ad02c238fc2a1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2399
date: Fri, 22 Nov 2024 22:23:56 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16653257669
td.doubleclick.net/td/rul/ Frame 6EE1 0
0 91ms
36ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16653257669?random=1732314236867&cv=11&fst=1732314236867&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z8812269534za200zb812269534&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelsi.me%2F&hn=www.googleadservices.com&frm=0&tiba=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&npa=0&pscdl=noapi&auid=579246007.1732314237&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16653257669&l=dataLayer&cx=c&gtm=45He4bk0v812269534za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helsi.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 22:23:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 step_1.webp
helsi.me/img/v2_landings/ 13 KB
13 KB 60ms
58ms Image
image/webp 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/img/v2_landings/step_1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5256bd1e1db46e3575cf9d8361bd03d95337f984a9ca43c0da857a0844a07d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-34d6"
x-content-type-options: nosniff
cf-ray: 8e6c53acd8776709-AMS
accept-ranges: bytes
content-length: 13526
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/webp
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 step_2.webp
helsi.me/img/v2_landings/ 16 KB
16 KB 74ms
72ms Image
image/webp 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/img/v2_landings/step_2.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e0835e005d2d5d159f30848aa6d776ffbd5e393d732bf8861a16a1db85834e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-4006"
x-content-type-options: nosniff
cf-ray: 8e6c53acd8796709-AMS
accept-ranges: bytes
content-length: 16390
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/webp
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 step_3.webp
helsi.me/img/v2_landings/ 14 KB
14 KB 74ms
73ms Image
image/webp 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helsi.me/img/v2_landings/step_3.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da3a5de5e9807f60fca8bd559df6d868ff5d3f3b5f2f0d66760fa7991f7d4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
etag: "673ca21a-384a"
x-content-type-options: nosniff
cf-ray: 8e6c53acd87b6709-AMS
accept-ranges: bytes
content-length: 14410
date: Fri, 22 Nov 2024 22:23:56 GMT
content-type: image/webp
last-modified: Tue, 19 Nov 2024 14:35:06 GMT
server: cloudflare
x-frame-options: sameorigin

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
169 B 541ms
175ms Fetch
application/json 35.160.151.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pG13ZnV3rHI1ToAaHkR2dp2xqgDsBDSu/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-151-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://helsi.me
content-length: 21
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: application/json
vary: Origin

GET
H2 200 z4q69r9w.json Show response
l.getsitecontrol.com/ 74 KB
5 KB 211ms
163ms XHR
application/json 169.150.247.38
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/z4q69r9w.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/z4q69r9w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: b812b8c7e155091ffa517ede709ea330ee111790aa94c382f7d108673b61318c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cdn-status: 200
access-control-max-age: 3000
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "a02c52046e143aa7b4a04138e1f96bd0"
access-control-allow-methods: GET, HEAD
date: Fri, 22 Nov 2024 22:23:57 GMT
last-modified: Tue, 12 Nov 2024 10:15:49 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cdn-cache: REVALIDATED
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: U53HN2qCS36UU/QNgSS/iGLKrhLFg0QYE7NUVbfXletTSNMDfojdtm85nCi2+/1pJMYBV1z3PRw=
cdn-cachedat: 11/12/2024 10:15:55
cache-control: public, max-age=0
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-requestpullcode: 200
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid: e39ff09b708d5006eb348f21eba982ba
cross-origin-resource-policy: cross-origin
cdn-pullzone: 89704
cdn-proxyver: 1.06
x-amz-request-id: TDW4MNDY8048PETN
access-control-allow-origin: *
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1081
cdn-requestcountrycode: NL
x-amz-server-side-encryption: AES256

GET
H3 200 822362872778482 Show response
connect.facebook.net/signals/config/ 72 KB
15 KB 23ms
23ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/822362872778482?v=2.9.176&r=stable&domain=helsi.me&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

0596de03196be6a381716c3007b631ef2f41a70498a358130757ae5d1768ee9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-5xEoF4hk' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5xEoF4hk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=77, mss=1232, tbw=70883, tp=67, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: XkU9xC3y9agPvMvRbZ9SlEX9s5kid7RARyfak5D5HGRXseMGp8GrB2UdjNctMnS1ybJyldRmhGXK08rl9XcD0w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15114
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 22ms
16ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P1HBM76S7Y&gtm=45je4bk0v889446162za200&_p=1732314236450&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1659833299.1732314236&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732314237&sct=1&seg=0&dl=https%3A%2F%2Fhelsi.me%2F&dt=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2323
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1HBM76S7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://helsi.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
549 B 67ms
21ms Ping
text/plain 74.125.71.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P1HBM76S7Y&cid=1659833299.1732314236&gtm=45je4bk0v889446162za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1HBM76S7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.71.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wn-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://helsi.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 8838 0
0 35ms
35ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-P1HBM76S7Y&gacid=1659833299.1732314236&gtm=45je4bk0v889446162za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=396545733

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1HBM76S7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helsi.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 22:23:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 89ms
46ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P1HBM76S7Y&cid=1659833299.1732314236&gtm=45je4bk0v889446162za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2042352650

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 22:23:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 / Show response
o4506461758029824.ingest.us.sentry.io/api/4507729579016192/envelope/ 2 B
300 B 63ms
18ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4506461758029824.ingest.us.sentry.io/api/4507729579016192/envelope/?sentry_key=1f860d66c31f92bda7a893ba221bd26c&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.93.0

Requested by

Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame CE18 0
0 70ms
17ms Document
text/html 185.83.69.42
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=908269
Requested by: Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.42 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash

Request headers

Referer: https://helsi.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://helsi.me
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 494
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Nov 2024 22:23:56 GMT
Permissions-Policy: browsing-topics=()
Server: Adtelligent
X-Robots-Tag: noindex
X-Server-Ip: 185.83.69.42
X-Server-Name: ads52
X-Tte: 79

POST
H/1.1 202
Accepted /
s.nexinsight.com.ua/ 0
390 B 28ms
27ms Ping
text/plain 49.13.254.106
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&e=i&cur=https%3A%2F%2Fhelsi.me%2F&ref=&lt=364
Requested by: Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.13.254.106 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.106.254.13.49.clients.your-server.de
Software: NexInsight /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

X-Robots-Tag: noindex
Cache-Control: no-cache, no-store, must-revalidate;
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Expires: Thu, 21 Nov 2024 22:23:57 GMT
Access-Control-Allow-Origin: https://helsi.me
Content-Length: 0
Date: Fri, 22 Nov 2024 22:23:57 GMT
Server: NexInsight

GET
H/1.1 200
OK id Show response
ident.mygaru.com/v2/ 138 B
607 B 47ms
47ms Fetch
application/json 192.145.111.2
mygaru_au Mygaru ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ident.mygaru.com/v2/id?p=81ca0eb9-84ac-4e23-97ea-36589ec41444
Requested by: Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.145.111.2 , Ukraine, ASN207522 (mygaru_au Mygaru OU Private Limited Company, EE),
Reverse DNS
Software: MyGaru /
Resource Hash: b6e75e52a15c8364d7e697d49608507be06cba6fe598a12fb60f4adc60e806f9

Request headers

Referer: https://helsi.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

Connection: Keep-Alive
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Access-Control-Allow-Origin: https://helsi.me
Content-Length: 138
Date: Fri, 22 Nov 2024 22:23:56 GMT
Content-Type: application/json
Server: MyGaru

OPTIONS
H/1.1 200
OK id
ident.mygaru.com/v2/ Frame 0
0 159ms
45ms Preflight 192.145.111.2
mygaru_au Mygaru ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ident.mygaru.com/v2/id?p=81ca0eb9-84ac-4e23-97ea-36589ec41444
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.145.111.2 , Ukraine, ASN207522 (mygaru_au Mygaru OU Private Limited Company, EE),
Reverse DNS
Software: MyGaru /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://helsi.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: OPTIONS,GET,POST,PUT,DELETE
Access-Control-Allow-Origin: https://helsi.me
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 22 Nov 2024 22:23:56 GMT
Server: MyGaru

GET
H2 200 ec7de815-639f-4279-ba8e-21e48bd25eeb
helsi.me/media/ 35 KB
35 KB 41ms
37ms Image
image/jpeg 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helsi.me/media/ec7de815-639f-4279-ba8e-21e48bd25eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa51a5d02603e7aefbe6c9e472c042dd82b4f4b2237dba85be5b73d91701692a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

x-cache-status: HIT
server: cloudflare
cache-control: max-age=1800
cf-bgj: h2pri
cf-cache-status: HIT
age: 44874
cf-ray: 8e6c53ae39fb6709-AMS
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: image/jpeg
content-disposition: attachment; filename=banner_12__1057x96__115163147.jpg; filename*=UTF-8''banner_12__1057x96__115163147.jpg
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 09:39:16 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed12fc80b609aaafb46fa25684cac4b958a301fa5871e74567a884125bfc4d91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8671c0490e92d9eec96cee982d457d89bea45e854ce9da74e60d8672a71e8896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aec2a6f936ad1fb42cbdf4ca315a068cf05f1e077c0769eb2203760a2e8c5c1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c63810d3d254e72ff2ecacaefbffadbd4ece5bda0462e8774eb60d2d485c62f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbeaea2e0ffb90709810009f8d94c5f6f54918d049f44703489032e2435824f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf65ca96e4224cc062eb6de1d150effc49acdf8fd256d08d0fe87e2b9ec08fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34fd7ff662fba240405e23e77ffdaa48ef448519613100feea8952c582342b89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90eb30ec2d4703c96b0fb9e238c18cb50fe09aa5bd6c045415125060b361d66d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 /
www.google.com/pagead/1p-user-list/16653257669/ 42 B
64 B 34ms
33ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16653257669/?random=1732314236867&cv=11&fst=1732312800000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z8812269534za200zb812269534&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelsi.me%2F&hn=www.googleadservices.com&frm=0&tiba=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&npa=0&pscdl=noapi&auid=579246007.1732314237&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dcOr9hY-BbecbFA8ayg2lcaxco7GZEA&random=2537130725&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 22:23:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/16653257669/ 42 B
64 B 32ms
31ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/16653257669/?random=1732314236867&cv=11&fst=1732312800000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z8812269534za200zb812269534&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fhelsi.me%2F&hn=www.googleadservices.com&frm=0&tiba=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&npa=0&pscdl=noapi&auid=579246007.1732314237&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dcOr9hY-BbecbFA8ayg2lcaxco7GZEA&random=2537130725&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 22:23:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 42ms
20ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=822362872778482&ev=PageView&dl=https%3A%2F%2Fhelsi.me&rl=&if=false&ts=1732314237174&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1732314237173.611141234227063004&pm=1&hrl=00b537&ler=empty&cdl=API_unavailable&it=1732314236985&coo=false&tm=1&cs_cc=1&cas=7819011924873461%2C6655507981185426&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4475, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 286ms
264ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=822362872778482&ev=PageView&dl=https%3A%2F%2Fhelsi.me&rl=&if=false&ts=1732314237174&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1732314237173.611141234227063004&pm=1&hrl=00b537&ler=empty&cdl=API_unavailable&it=1732314236985&coo=false&tm=1&cs_cc=1&cas=7819011924873461%2C6655507981185426&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440232996425817088"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: cCYpA3BscIAC+zLbsaPg9f5lvQpOHBaPOfKOWAdBTBMJlkXgzWbwTA3iq18lb6qMtXPm70zSByNT4u3oED55Yg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440232996425817088", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4843, tp=13, tpl=0, uplat=245, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 runtime.0e5d0b4.js Show response
s2.getsitecontrol.com/widgets/es6/ 153 KB
50 KB 72ms
25ms Script
text/javascript 138.199.37.227
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.0e5d0b4.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/z4q69r9w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 138-199-37-227.bunnyinfra.net
Software: BunnyCDN-DE1-860 /
Resource Hash: c7414c792b8c81e73b4281d4001e3123be930980614857d15ecebe7da7f42d98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "9e19b6354dff8d3da3d88d0d265e7f5c"
date: Fri, 22 Nov 2024 22:23:57 GMT
last-modified: Mon, 13 May 2024 16:16:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: DkkIwfAhDt5aRtdVWxAjxuYkul6Rh4m+lK2oca9LO3I2HA9uVFFVJRYo0LKoW7zfjJyPYZODXJa9b9Q02ssTGI9//iN7Vv5r5D+P8LkoDlI=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=22809600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid: 2963d9e744ad7ad93499845e6be32edc
cross-origin-resource-policy: cross-origin
cdn-pullzone: 83560
cdn-proxyver: 1.04
x-amz-request-id: Y1CPMDA9NFF5WNET
access-control-allow-origin: *
cdn-cachedat: 09/24/2024 07:52:56
cdn-edgestorageid: 755
server: BunnyCDN-DE1-860
cdn-requestcountrycode: NL
x-amz-server-side-encryption: AES256

POST
H/1.1 202
Accepted /
s.nexinsight.com.ua/ 0
390 B 57ms
57ms Ping
text/plain 49.13.254.106
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&e=ident&otp=bSMBuV8wbODg6nUvDCQxdCEbZrx9mCW7Wbn5luolHDz8rMvWRdRgSSoLqIocvuh897p%2FWdqjstM9VNmR8g%3D%3D
Requested by: Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 49.13.254.106 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.106.254.13.49.clients.your-server.de
Software: NexInsight /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

X-Robots-Tag: noindex
Cache-Control: no-cache, no-store, must-revalidate;
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Expires: Thu, 21 Nov 2024 22:23:57 GMT
Access-Control-Allow-Origin: https://helsi.me
Content-Length: 0
Date: Fri, 22 Nov 2024 22:23:57 GMT
Server: NexInsight

GET
H2 200 events Show response
events.getsitectrl.com/api/v1/ 588 B
836 B 304ms
100ms Fetch
text/plain 44.219.178.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events
Requested by: Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.178.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-178-132.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: 15c3e63256f4274f2de9a64e087f9cc745b9864921da4eafaac43a21841f4ebb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-length: 588
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: text/plain; charset=utf-8
server: Getsitecontrol
access-control-allow-headers: Content-Type,X-Requested-With

GET
H2 200 css
fonts.googleapis.com/ 2 KB
895 B 73ms
27ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sora:400,700,900&display=swap

Requested by

Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.0e5d0b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

6b6132cfde9648b15f62a60a1225dd174b2095ef881b396a4b48bd102a81bd84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 22:23:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 22:02:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 0ba438e03a5bc19828fc533ece3db7d5_310939714.png
m2.getsitecontrol.com/images/253952/ 69 KB
70 KB 78ms
22ms Image
image/webp 138.199.37.231
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.getsitecontrol.com/images/253952/0ba438e03a5bc19828fc533ece3db7d5_310939714.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 138-199-37-231.bunnyinfra.net
Software: BunnyCDN-DE1-863 /
Resource Hash: 2713d591f7cfaf2477679b545630ebec42f9c192a05e1ef811cdda096a50f0b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-downloadsize: 657113
x-bo-version: 1.0.26
x-bo-server: DE-152
x-bo-compressionratio: 89.3%
x-bo-processingtime: 83
date: Fri, 22 Nov 2024 22:23:57 GMT
content-type: image/webp
x-bo-origindownloadtime: 681
cdn-cachedat: 11/22/2024 16:06:38
last-modified: Fri, 22 Nov 2024 16:06:40 GMT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cdn-requestid: d586a69df8d3d9a6c6bea4a4493460b1
cdn-pullzone: 84985
cdn-proxyver: 1.06
access-control-allow-origin: *
content-length: 70332
cdn-edgestorageid: 722
server: BunnyCDN-DE1-863
cdn-requestcountrycode: NL

GET
DATA 200
OK truncated
/ 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5fdfc11363d356caf899a2843762b92a29c86ea2c8ff5d6b4987567b10de8ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
fonts.gstatic.com/s/sora/v12/ 24 KB
25 KB 49ms
20ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v12/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sora:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://helsi.me
Referer: https://fonts.googleapis.com/

Response headers

age: 260344
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 22:04:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 22:04:53 GMT
last-modified: Wed, 13 Sep 2023 22:16:06 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25064
x-xss-protection: 0
server: sffe

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 20ms
20ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1374980667&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhelsi.me%2F&ul=nl-nl&de=UTF-8&dt=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=getsitecontrol&ea=show&el=%D0%94%D0%B0%D0%B9%D0%B4%D0%B6%D0%B5%D1%81%D1%82%20%D0%BB%D0%B8%D1%81%D1%82%D0%BE%D0%BF%D0%B0%D0%B4%20%23429461&_u=KHBAAEABAAAAACAAI~&jid=&gjid=&cid=1659833299.1732314236&tid=UA-88433272-1&_gid=783313755.1732314236&z=2019511813

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

age: 23869
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 15:46:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H2 202 events
events.getsitectrl.com/api/v1/ 0
244 B 296ms
99ms Ping
text/plain 44.219.178.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events?ts=1732314237805&sid=64d57e629b864417&t=1732314237.08f7d4d13dfb774c7528e01fbd3c5c45.a24d5c45e4c8a5394a72724b419f6ae6&s=ebe2e36c5d75ae76996c67a9a232fd3c
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.0e5d0b4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.178.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-178-132.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://helsi.me/

Response headers

cache-control: private, no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-length: 0
date: Fri, 22 Nov 2024 22:23:58 GMT
server: Getsitecontrol
access-control-allow-headers: Content-Type,X-Requested-With

GET
H2 200 city Show response
helsi.me/api/ 4 B
91 B 53ms
52ms XHR
text/plain 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/city

Requested by

Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53b569df6709-AMS
content-length: 4
date: Fri, 22 Nov 2024 22:23:58 GMT
content-type: text/plain
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 specialities Show response
helsi.me/api/healthy/ 130 KB
41 KB 62ms
62ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/healthy/specialities

Requested by

Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5483fb5e052fb7c94f47e064bcfb86d671ea01bc5ff9cef295ed9237566ad24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-version: 12
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53b579e16709-AMS
date: Fri, 22 Nov 2024 22:23:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 settlements Show response
helsi.me/api/addressservice/ 2 KB
629 B 58ms
58ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/addressservice/settlements?search=*&showcaseOnly=true

Requested by

Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c97e7450154fb012312fecfb55ae87dc23e404d2695c219f6949523cf7465b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-version: 12
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53b579e96709-AMS
date: Fri, 22 Nov 2024 22:23:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 settlements Show response
helsi.me/api/addressservice/ 2 KB
489 B 62ms
62ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/addressservice/settlements?search=%D0%9A%D0%B8%D1%97%D0%B2

Requested by

Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc30377acbe22f52bb7e7fe1dabaa0929926790957f9aa926f3752c4be5584a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-version: 12
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53b5da3a6709-AMS
date: Fri, 22 Nov 2024 22:23:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

GET
H2 200 1 Show response
helsi.me/api/addressservice/settlements/ 139 B
169 B 66ms
66ms XHR
application/json 172.67.8.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helsi.me/api/addressservice/settlements/1

Requested by

Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.8.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8299ba1f156b15f9c62d416e68b23b7cbbdffcf7d596e1447a8dc8d65326fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://helsi.me/
Accept-Language: uk
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-version: 12
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6c53b64aa56709-AMS
date: Fri, 22 Nov 2024 22:23:58 GMT
content-type: application/json; charset=utf-8
server: cloudflare
x-frame-options: sameorigin

GET
DATA 200
OK truncated
/ 375 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d71c414a12227577ed779634db066f16c70f82b5ad76e9480a4735697fb51365

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 19ms
18ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QVB86JBPHT&gtm=45je4bk0v9125951397za200&_p=1732314236450&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=nl-nl&sr=1600x1200&cid=1659833299.1732314236&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=2&dl=https%3A%2F%2Fhelsi.me%2F&dt=HELSI%20-%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B0%D1%86%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2&sid=1732314236&sct=1&seg=0&en=show&_ee=1&ep.event_category=getsitecontrol&ep.event_label=%D0%94%D0%B0%D0%B9%D0%B4%D0%B6%D0%B5%D1%81%D1%82%20%D0%BB%D0%B8%D1%81%D1%82%D0%BE%D0%BF%D0%B0%D0%B4%20%23429461&_et=1203&tfd=8148
Requested by: Host: s.nexinsight.com.ua
URL: https://s.nexinsight.com.ua/?sd=d084f87a-8da4-878a-a855-526e7a52656f&c=nxDef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://helsi.me/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://helsi.me
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 22:24:02 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.helsi.me/	1970-01-21 01:13:20	Name: _gid Value: GA1.2.783313755.1732314236
.helsi.me/	1970-01-21 01:11:54	Name: _gat Value: 1
.helsi.me/	1970-01-21 09:57:30	Name: cf_clearance Value: N1Gelq80_MZYPMbWXdhiqUwAREhrca7y2oNvf5j.QQM-1732314236-1.2.1.1-car11FH.jokr9Gav7O6W__mQTB63Jn0LfIwZ08SL1fvMlrCTKg3bbIWyYl2Q8NzDF.30G3IPFbMGM9oAdEVMeuKur1Kyw6MdpoPCTUB8v3EP8LJlfi2IwleMt9Cg0Ha01zRg.rx8m.I.Q71wKprUZnsC52_u9vyPB4sH0iXijy1RpiTN1arcI6eLWZBqgxy170cTz1ZH8MFnGpF4MeYYTZrHkGfcoZnkMX6sXPZVfl0ChuNerMuhbGMqPoCklNnaPY1opq5hOTbgVxMAH_McehoNGqRicar_gf1CUe0PvMq6Z8xPQPi.hLZ_IkyqSN3aoB85.ZcOnlZ8gqmVi3gQyaM7ZEsMWch8zk.Dbl7hlNOo0VWbliejixkaO46GpLlx
helsi.me/	1969-12-31 23:59:59	Name: x-version Value: 12
.helsi.me/	1970-01-21 03:21:30	Name: _gcl_au Value: 1.1.579246007.1732314237
.helsi.me/	1970-01-21 09:57:30	Name: PIS_APP_CART_COOKIE_V5 Value: f88710b3-dd4c-46d4-9929-a18bd13d68b3
.helsi.me/	1970-01-21 09:57:30	Name: ajs_anonymous_id Value: 8a6ed746-40b5-46c1-808d-e39fc5d87a16
s.nexinsight.com.ua/	1969-12-31 23:59:59	Name: nisess Value: 190110553453974
.helsi.me/	1970-01-21 09:57:30	Name: analytics_session_id Value: 1732314236847
.helsi.me/	1970-01-21 09:57:30	Name: analytics_session_id.last_access Value: 1732314236847
.helsi.me/	1970-01-21 10:47:54	Name: _ga_P1HBM76S7Y Value: GS1.1.1732314237.1.0.1732314237.60.0.0
.helsi.me/	1970-01-21 10:47:54	Name: _ga Value: GA1.1.1659833299.1732314236
.doubleclick.net/	1970-01-21 10:33:30	Name: IDE Value: AHWqTUnU5jOAqhyfqzAEwRaEOK0yvS4ul2tWoiU7ZmEHcvsnLQBxZweaKvEQA2oe
.adtelligent.com/	1970-01-21 03:25:49	Name: vmuid Value: 7cf3158c9a42c3ba
.helsi.me/	1970-01-21 03:21:30	Name: _fbp Value: fb.1.1732314237173.611141234227063004
.nexinsight.com.ua/	1970-01-21 02:41:11	Name: vmuid Value: 7cf3158c9a42c3ba
p.nexinsight.com.ua/	1969-12-31 23:59:59	Name: nisess Value: 190110557853988
.helsi.me/	1970-01-21 10:47:54	Name: _ga_QVB86JBPHT Value: GS1.2.1732314236.1.0.1732314237.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
connect.facebook.net
events.getsitectrl.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
helsi.me
helsi.zt.ua
ident.mygaru.com
l.getsitecontrol.com
m2.getsitecontrol.com
o4506461758029824.ingest.us.sentry.io
region1.analytics.google.com
region1.google-analytics.com
s.adtelligent.com
s.nexinsight.com.ua
s2.getsitecontrol.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
138.199.37.227
138.199.37.231
142.250.184.226
142.250.185.132
142.250.186.106
142.250.186.163
143.204.210.180
157.240.252.13
157.240.252.35
169.150.247.38
172.217.16.200
172.217.16.206
172.67.8.57
185.83.69.42
192.145.111.2
195.149.114.21
216.239.32.36
34.120.195.249
35.160.151.220
44.219.178.132
49.13.254.106
74.125.71.156
01fd69511e03a6871465cb01ceb0483c3e9dc07e5d468e8af6f1638466499a2a
032df1214307b8dde04176333c8c406cb2c78860f0653f83584b1b497f692d2a
0596de03196be6a381716c3007b631ef2f41a70498a358130757ae5d1768ee9c
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15c3e63256f4274f2de9a64e087f9cc745b9864921da4eafaac43a21841f4ebb
18c0d877a96047614f5eebcec995995317c8f246eaec7bfd31ed6c4d1a70515d
1ca72e8a9a794912b9debdbaf248b5237b3b7fe216cadf0387e528f67c9aad27
1f095329f7d33e1eb438fc504b4e23025d2d672cb40303864d0db67aa457ee8c
2713d591f7cfaf2477679b545630ebec42f9c192a05e1ef811cdda096a50f0b5
2ef0b49c3e6545b3addb381877355207c57f1d753781a27470bcc3e90a2893a9
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
335b3265c3bb3efacf6978db5807af9ec5df7e564fe55d5d28d3e5e26df25a07
33aceb545369255750beea894fcc56fe9dbb8482fd31dd907ef943bf0e6f6719
34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417
34fd7ff662fba240405e23e77ffdaa48ef448519613100feea8952c582342b89
379c429e07a0ddc39f73d177306ef54405538bf44cdabe8b0be246e7f93edec9
3a3af9f07ac294715ef4e9004328f412dec9c8ce51e09707260f2c6b909330ff
3c97e7450154fb012312fecfb55ae87dc23e404d2695c219f6949523cf7465b0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47264f380e91054c25a95b0ef4c59a419e0fade5aac5e2d79776ef293f1c863d
48e0835e005d2d5d159f30848aa6d776ffbd5e393d732bf8861a16a1db85834e
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5483fb5e052fb7c94f47e064bcfb86d671ea01bc5ff9cef295ed9237566ad24b
5704ba3b0003c21e4548839030a43df45162a2eb3ec547046ad02c238fc2a1e2
5da3a5de5e9807f60fca8bd559df6d868ff5d3f3b5f2f0d66760fa7991f7d4f1
60def6dac47fabbf12c32ae1c2fe47f8615fc85e0a7aa97ea9c73029dacd6ba0
6b6132cfde9648b15f62a60a1225dd174b2095ef881b396a4b48bd102a81bd84
6cdb2e46ce7be00273368a16d259335bef2f15bd6acae757728f451ef54897a6
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
76741698143b2be73fbc649486a2d08d764b7efb71dab6fe9b198989d10d9fb5
7e614839f256c977b2d3f601dbe79b1436bed57e825531b25b10ca22d187af74
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c54658f558fd91e50f7bd8f231580b161f0c6e991c6b36e9157da7bff53743
8671c0490e92d9eec96cee982d457d89bea45e854ce9da74e60d8672a71e8896
8994e41bc1f603f16038ca07a13f59e7ec8fc4e116be484a210c964388b81c77
8d79613d61845db18f131b39f260d0175c669e6bc06500add760d5a7cfa906f5
90eb30ec2d4703c96b0fb9e238c18cb50fe09aa5bd6c045415125060b361d66d
91a8f0fc6953e868ac922067a8fdf5ada6f48aa763aac4238008ea2cf8e34861
95966c1c217bc21e1cb587e6c22f01bbb187f88c37a564b713b63ae53268bc7f
9a773b748dfb8e650581f83aa0710f5bc72111a50ff444a178130966baf5abb6
9d96cd9b973e8ea1a1ef9c69a87cc4b8caca7f0374e99aa73b0be0e81ea14bf2
a71351a788efb7e2d849d447bc7255959be880822e7579f336eb45c6df958f3b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec2a6f936ad1fb42cbdf4ca315a068cf05f1e077c0769eb2203760a2e8c5c1b
b0ef706e9471a5a6eea0be6e6cb361acd90191d07ba2cdf334eaca36be40ac87
b44e94e64c72381593113d94fb6cf49f670bd626087070ac99a8ea28ae36203e
b6e75e52a15c8364d7e697d49608507be06cba6fe598a12fb60f4adc60e806f9
b7483a4f5f982ea1da9fe35169e2a98516ed65bfe583f9eccb2553809affbc97
b812b8c7e155091ffa517ede709ea330ee111790aa94c382f7d108673b61318c
bbc30377acbe22f52bb7e7fe1dabaa0929926790957f9aa926f3752c4be5584a
bd07c6f7723d51e773ee0b8b62861b9540357ff5a1d7d11f903c18e3294bea31
c63810d3d254e72ff2ecacaefbffadbd4ece5bda0462e8774eb60d2d485c62f8
c664e784d6cba355616ea0a6eb59603579a7b0e49fc4b9595264ba736aeccb4d
c7414c792b8c81e73b4281d4001e3123be930980614857d15ecebe7da7f42d98
c78f73da8940662f16aeb2c7e2bec94f5f2d266377263eb48f8bab2b6cf51af7
c8299ba1f156b15f9c62d416e68b23b7cbbdffcf7d596e1447a8dc8d65326fb7
cdf65ca96e4224cc062eb6de1d150effc49acdf8fd256d08d0fe87e2b9ec08fd
d71c414a12227577ed779634db066f16c70f82b5ad76e9480a4735697fb51365
d7c1e73927f941ec62be5a1d16df3dd187335881c968cb0db662cc7c373980ef
dbeaea2e0ffb90709810009f8d94c5f6f54918d049f44703489032e2435824f8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2f20998cbbfc623f281a56841955a40761572748975fe3c057a6dedb00a432b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5256bd1e1db46e3575cf9d8361bd03d95337f984a9ca43c0da857a0844a07d5
eb63b94b664edeea4580cf23ee77523ceaee95b3d3339f2453c5a4ee9ae6addc
ed12fc80b609aaafb46fa25684cac4b958a301fa5871e74567a884125bfc4d91
edd39fc0273a47bdbbf0c5701d1eca3d9b6d281ee06c05d30b46faa9fc038f64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5fdfc11363d356caf899a2843762b92a29c86ea2c8ff5d6b4987567b10de8ab
fa51a5d02603e7aefbe6c9e472c042dd82b4f4b2237dba85be5b73d91701692a
fc773890952ae39b5a8a3f63e79c6d50b8bb985e3406d9cb2f23407ba0919c11

helsi.me Open in urlscan Pro 172.67.8.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

0 %IPv6

19 Domains

25 Subdomains

22 IPs

4 Countries

2882 kBTransfer

10425 kBSize

18 Cookies

24 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

helsi.me Open in urlscan Pro
172.67.8.57 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

0 %
IPv6

19
Domains

25
Subdomains

22
IPs

4
Countries

2882 kB
Transfer

10425 kB
Size

18
Cookies

76 HTTP transactions
12 data transactions