www.helm.yt Open in urlscan Pro
2606:4700:3034::6815:5f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://helm.yt/
Effective URL:
https://www.helm.yt/
Submission: On April 25 via api (April 25th 2022, 1:39:04 pm UTC) from GB — Scanned from GB

Summary HTTP 78 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 78 HTTP transactions. The main IP is 2606:4700:3034::6815:5f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.helm.yt.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2022. Valid for: a year.

This is the only time www.helm.yt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	2606:4700:303... 2606:4700:3034::6815:5f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
17	2606:4700:303... 2606:4700:3037::ac43:860a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:10:... 2606:4700:10::ac43:2522	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	167.99.86.109 167.99.86.109	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	52.41.155.243 52.41.155.243	16509 (AMAZON-02) (AMAZON-02)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.36 143.204.98.36	16509 (AMAZON-02) (AMAZON-02)
1	34.216.95.44 34.216.95.44	16509 (AMAZON-02) (AMAZON-02)
11	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
78	21

7 2606:4700:3034::6815:5f2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

helm.yt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.helm.yt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3037::ac43:860a (United States)

ASN13335 (CLOUDFLARENET, US)

www.helm.yt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:2522 (United States)

ASN13335 (CLOUDFLARENET, US)

w.chatlio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.99.86.109 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

c3.api.helm.yt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.41.155.243 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-155-243.us-west-2.compute.amazonaws.com

api.chatlio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-36.fra50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.95.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-95-44.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	helm.yt 2 redirects helm.yt www.helm.yt c3.api.helm.yt	1010 KB
16	chatlio.com w.chatlio.com — Cisco Umbrella Rank: 68529 api.chatlio.com — Cisco Umbrella Rank: 77933	123 KB
11	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2238	260 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 964 q.stripe.com — Cisco Umbrella Rank: 6249 m.stripe.com — Cisco Umbrella Rank: 910	73 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 346	12 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1019	16 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	500 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	113 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3476	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 11184	53 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 6637	13 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 103	17 KB
78	15

	Domain	Requested by
22	www.helm.yt	www.helm.yt cdn.ravenjs.com
11	res.cloudinary.com
11	w.chatlio.com	www.helm.yt w.chatlio.com
5	api.chatlio.com	cdn.ravenjs.com
5	www.google-analytics.com	www.helm.yt cdn.ravenjs.com
3	js.stripe.com	www.helm.yt js.stripe.com
3	bat.bing.com	www.helm.yt bat.bing.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	www.helm.yt
2	www.facebook.com	www.helm.yt
2	c3.api.helm.yt	cdn.ravenjs.com
2	connect.facebook.net	www.helm.yt connect.facebook.net
2	helm.yt	2 redirects
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	cdn.ravenjs.com
1	www.google.co.uk	www.helm.yt
1	www.google.com	www.helm.yt
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.clickcease.com	www.helm.yt
1	cdn.ravenjs.com	www.helm.yt
1	www.googleadservices.com	www.helm.yt
78	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
studiorotate.com
goo.gl
chatlio.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-04`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
chatlio.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-04-19` - `2022-08-05`	4 months	crt.sh
c3.api.helm.yt R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
*.chatlio.com Amazon	`2021-05-06` - `2022-06-04`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.helm.yt/
Frame ID: 48EA2E3CC1E9871EE2277AF3040CBA2B
Requests: 69 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Frame ID: 5E74944BA1270FC50BCBE2EB21DBC1ED
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 686D8A7E2A5F612483EB62EDC53C96F0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yachting Holidays, Tailored to You | HELM

Page URL History Show full URLs

http://helm.yt/ HTTP 301
https://helm.yt/ HTTP 301
https://www.helm.yt/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

78
Requests

100 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

1712 kB
Transfer

15872 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/helmyachting

Search URL Search Domain Scan URL

URL: https://twitter.com/Helm_yt

Search URL Search Domain Scan URL

URL: https://instagram.com/helm.yt

Search URL Search Domain Scan URL

URL: http://studiorotate.com/
Title: Site Credit

Search URL Search Domain Scan URL

URL: https://goo.gl/2R3Yfg
Title: See more reviews on Google

Search URL Search Domain Scan URL

URL: https://chatlio.com/
Title: Chatlio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://helm.yt/ HTTP 301
https://helm.yt/ HTTP 301
https://www.helm.yt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.helm.yt/
Redirect Chain

http://helm.yt/
https://helm.yt/
https://www.helm.yt/

18 KB
6 KB

140ms
117ms

Document
text/html

2606:4700:3034::6815:5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b4618b2e0e41a7dda7df4408219276ad68798a499667ddcbbfcfbc378f7452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public,s-maxage=21600
cf-cache-status: DYNAMIC
cf-ray: 70177b58fecb83a8-MXP
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Apr 2022 13:38:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjqa7vL2Dhq6j77XRHwHpqX8%2FMvXmUivLfIhUisJRfVU3hBPHqLZMadjn1MgCihyGwv3AMgDS3HhM2rx9MgiuxrfQmqWrm4wKkGT7i3bF%2FbwxkcZ%2BkGtvEShdCCba1hOi2E1Fz2m0Gwh7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70177b581c7183a8-MXP
content-type: text/html
date: Mon, 25 Apr 2022 13:38:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.helm.yt/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCJdi4NMur4sD%2FePiWOp1CMgxR7V0rg%2BH7XcPswJA7eLkYxk87v2zjKxtZtfCbCvkD2zp8dDKr5AnZyFl84hROdR0A%2BTLT%2BolTifz60YIQLd2q9GMIddCaJ5WflKTeUww8eDC2ai"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bundle.css
www.helm.yt/a/ 324 KB
49 KB 116ms
116ms Stylesheet
text/css 2606:4700:3034::6815:5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/a/bundle.css?v=1649947143964

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a863d546411dedf08132a3bd75d9756a412c665ba0a5099ff1e9fcda8916f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Apr 2022 14:37:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQRRuG0NkSh3V%2BMwwIuS9V4ABEjGW2Lj7xj3KJIQ%2BQiWDLWTlGf58rRI380YjI3Ku%2B3qKV468tlpw%2FFtZBnPZlpujaPKNHktIBxrTgY5uzwu4goAzTfoUs3vCFrrseZeZvibZqQyLqOQjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b59d8e783a8-MXP

GET
H2 200 united-kingdom.svg
www.helm.yt/a/flags/ 1 KB
899 B 120ms
119ms Image
image/svg+xml 2606:4700:3034::6815:5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/flags/united-kingdom.svg

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389482df813bd9b04fdead73eb42ca25b45744c7defeeb08a6f4e727e742f657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rey%2BLqg%2BPZ9A5Opw96lMiv76MGtwKKLgsqJjpeVvvXX0AdBg5SE7TguuN6PFyGcSwJjNX2bM1VoO71M39cPFDO9%2B6pKTKSulcqlbXcK7JRazQ%2BKwlaZ8mi%2FzpHkqG4Bmq2Rebx4bAK%2FIvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b59d8eb83a8-MXP

GET
H2 200 british-marine.png
www.helm.yt/a/ 5 KB
5 KB 179ms
179ms Image
image/png 2606:4700:3034::6815:5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/british-marine.png

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643d75a3ec79a577e0466495d233c61db53710a818eeb8fd0634c4fd29f97261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4974
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nbnm1TWrY%2BSgGgYtjyJIFpEiIyyE7fMR6KxnEce8bCQ3H2EYkP%2BzhVNx0AvV3yRfcAfvHd7F6cvcnquUAbpwx9CM1%2FJldZizo5rYvBhj8vqsmYL8kjMIkziTj8xgwCUzWqruzcIR7qyabw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b59d8ef83a8-MXP

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 162ms
65ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17225
x-xss-protection: 0
server: cafe
etag: 16958488767326041532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 13:38:55 GMT

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.24.0/ 34 KB
13 KB 200ms
63ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.24.0/raven.min.js
Requested by: Host: www.helm.yt
URL: https://www.helm.yt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: cdf8e625ffac73bd4c0f117e3adda42425566086086661162573790004b63fd7

Request headers

Referer: https://www.helm.yt/
Origin: https://www.helm.yt
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 09:36:29 GMT
server: Fastly
age: 26870
etag: "8d44edf90f25d914c0eb467a39e4d210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13138

GET
H2 200 client.js Show response
www.helm.yt/a/ 3 MB
792 KB 133ms
132ms Script
application/javascript 2606:4700:3034::6815:5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/a/client.js?v=1649947143964

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee99ebc09cd74adaf824ce2c0c88f9c9b618c1d7b516eacaff6b116643535df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Apr 2022 14:39:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usftYNVEW2rwfDJcxAaIqKS4RwUwjDLtby8fAiX8q1bOcAj4yOArkUr6uHvfM%2FLXEEFbvSgaWCdhtKuFs2Dsxrbhyg5DPZOGfngiIoXFlDTVp6ZYUxF64NkfjOM7S2g9TBSn9ZaCRoDkQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b59d8ed83a8-MXP

GET
H3 200 dropdown-off.svg
www.helm.yt/a/ 141 B
695 B 236ms
236ms Image
image/svg+xml 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/dropdown-off.svg

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5158cf5bb20189c4335f6caa942e80f2c4a10b5dae82bcb6a722bbfd3bbfac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc%2FsIvExue5siTMA72I0MS38a%2FGte9EXRINqS5Gy31L8ropNSTpSO2kFkRAHkEbhwK%2F5R%2BJlqV7MWvQ3wL3L4sAAclonWi8kSel%2BOiOo1Ml5YHU2Bs6KD0YOav8ydvs%2FcfVe02qEZrXzjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b5abeb083be-MXP

GET
H3 200 replica-regular.woff2
www.helm.yt/a/ 24 KB
25 KB 111ms
111ms Font
font/woff2 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/a/replica-regular.woff2

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b569518851e9df5fabc36fe228db62890b12756233907254287697142d1e55b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
Origin: https://www.helm.yt
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24804
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Apr 2022 14:37:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4%2BXAtVBdTGhsw87%2FOJxR2zQvb6VdAi71fYPO0q%2B6ty0QpIkaD%2F3mVIbygs1Ri3sleSN4IiuHc4vSWzwN%2B7v1EOo7oVdra9c0cYEhy%2By6e41kgpTpo2B8JsZ4s0iLg3mYsh7DAvCambPNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b5abeb283be-MXP

GET
H3 200 freight-black.woff2
www.helm.yt/a/ 49 KB
50 KB 234ms
234ms Font
font/woff2 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/a/freight-black.woff2

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a7f253002006350333d4946b706e3227cc8d99855baeb484e8b0b2d121819d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
Origin: https://www.helm.yt
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50602
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Apr 2022 14:37:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4bgiQusn1ESdj3O29c%2FUCGot7Zwpi5xrV7ZRnE1vDWkg4xsoV8Yt2jvxAxQGHrolnQhrfwyY4JHnic3x%2FzxvvjFCLvspNDuG0ebAs1o4BfnGdazSVa3DoqWEUQ9Tr8%2BjVH0VFCf0VSAWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b5abeb483be-MXP

GET
H3 200 freight-regular.woff2
www.helm.yt/a/ 48 KB
49 KB 172ms
172ms Font
font/woff2 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/a/freight-regular.woff2

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e31f7d26f474eaacbd4d2c043de1f21f79c497e8c3b1def07b9a780c011544fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
Origin: https://www.helm.yt
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49124
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Apr 2022 14:37:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h03IcvAFofFNT59trZ%2F9iOmhrNeCxUHsx6YkVqvp5HWdZG7%2F1i0Q8H9h9c2Te0oUuCHL1JR14Z1I9TX12hAwTwPRtcGbsSoi8%2FT5ijjRcEraLGYAzWNmQgJb8zJOe9avWynosZ23tEwKug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b5abeb683be-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 245
date: Mon, 25 Apr 2022 13:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 25 Apr 2022 15:34:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 133ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: GED1pnWjkh7JPItXybdCLrpeg0w86K7WrQ1m5gdGSnLVjk9Xg2aQKHfgszYsC1XB3k4QDUbLZVem4MwurefasA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 25 Apr 2022 13:38:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 162 KB
53 KB 233ms
82ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81277
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Apr 2022 08:24:39 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"28691-5dce97dc888a0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gi4TIIsTWx2skgLIL5ChxtEX129mShTcoaDImlSzKbrRFpth2W%2FyRrFWz9gVrWJnQW4zUNnCJFM%2FFDKkxpfp4sZH%2BuzExWBRa8u4REM1JU55L8aTT%2BVZAZbPCT63VvZU8yOYyuxVS2Hpk4Nz29MF73M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 70177b5bd86ee8eb-MXP
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Tue, 24 May 2022 15:04:17 GMT

GET
H2 200 w.chatlio-widget.js Show response
w.chatlio.com/ 2 KB
1 KB 162ms
56ms Script
application/javascript 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/w.chatlio-widget.js

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8395f37fc30d447640101fa4b2c9a31da5b159a2b28fa6d8513bdaa4dad0f6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:55 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 6
cf-polished: origSize=1692
fly-request-id: 01FZ1CBDF1GSN3VKF5JVAQVR7C-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"614cc9a1-69c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=30
cf-ray: 70177b5b8fef2355-ZRH
cf-bgj: minify

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 129ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB93495D8A2C4A3B9B8D4E5D6051DC05 Ref B: LTSEDGE0918 Ref C: 2022-04-25T13:38:55Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 25 Apr 2022 13:38:55 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/946091198/ 2 KB
2 KB 142ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946091198/?random=1650893935813&cv=9&fst=1650893935813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.helm.yt%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b01c6dc654c8ad9829241ac4da45112c40dd82f42b5bea05455dfda68d7d4b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 %20137037064.js Show response
bat.bing.com/p/action/ 0
118 B 197ms
196ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/%20137037064.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A62C216AC8244CB6A4FFBB39368D2EE6 Ref B: LTSEDGE0918 Ref C: 2022-04-25T13:38:55Z
date: Mon, 25 Apr 2022 13:38:55 GMT
x-cache: CONFIG_NOCACHE

GET
H3 200 1203261599702225 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 227ms
184ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1203261599702225?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6b6f3ca65484cb156c74546ecb829059fcbb53337277a9f60172337ef7c91f0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ZLTf9BZf/9sFgcMaWxLsvjN9AtMLDPj9dtUwoNOFG3OquzxjZw3cuz4NbfJ82gIfZYNUCEw8no5vHu5ous+dGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 25 Apr 2022 13:38:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1650893936153
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 w.chatlio-widget.js Show response
w.chatlio.com/v4/ 60 KB
17 KB 166ms
106ms Script
application/javascript 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/w.chatlio-widget.js?loader-version=549d4da

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/w.chatlio-widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74611653c48c84b1b5b64eeb929bbb40d4db305e7005bbdbfc7cec599ffe8c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=61875
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01FZ1CN3TF6DHSNTP2B0JNHY4B-fra
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"614cc9a1-f1b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=30
cf-ray: 70177b5c4ffd23df-ZRH
cf-bgj: minify

GET
H2 200 /
www.google.com/pagead/1p-user-list/946091198/ 42 B
548 B 148ms
55ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/946091198/?random=1650893935813&cv=9&fst=1650891600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.helm.yt%2F&fmt=3&is_vtc=1&random=703357632&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:38:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/946091198/ 42 B
548 B 147ms
52ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/946091198/?random=1650893935813&cv=9&fst=1650891600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.helm.yt%2F&fmt=3&is_vtc=1&random=703357632&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:38:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 131ms
48ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1936505432&t=pageview&_s=1&dl=https%3A%2F%2Fwww.helm.yt%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=572111524&gjid=795518972&cid=1531740105.1650893936&tid=UA-69741431-1&_gid=68435653.1650893936&_r=1&_slc=1&z=1767156921

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 13:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.helm.yt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 home Show response
www.helm.yt/api/ 7 KB
3 KB 1641ms
1640ms Fetch
application/json 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/api/home

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03655a41b88baf217824ed837e98726b64e25f4434bc7850b3d12d5377de967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e34gQsGuiA5bLGLW4EDTQjiux3aCHlQAkSzT97WxdpGn4dVWRtL9Y2MpwxH18J27eIPHITixD33%2BryfHhCCtfKAc6XeTdTAYNduihsw7bpLve67p2PtHCaCy3LEV4iIEjjJcpG4dwjlJwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public,s-maxage=21600
cf-ray: 70177b5d4dd883be-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 297 KB
71 KB 177ms
30ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/client.js?v=1649947143964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

396f26b4b27f1ea50f587d40722491546b5fbc1d7bfb4c8479d83183370b141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: HIT
content-length: 71824
etag: "fc3e646e0a1fc74eefbff5ebb5f83249"
x-request-id: d86233e2-ce73-4b01-b56c-4d1d1dc9521e
x-served-by: cache-lcy19221-LCY
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 17:32:16 GMT
server: Fastly
date: Mon, 25 Apr 2022 13:38:56 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 availability-rules Show response
c3.api.helm.yt/ 2 KB
682 B 222ms
120ms XHR
application/json 167.99.86.109
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://c3.api.helm.yt/availability-rules

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.99.86.109 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Craft CMS

Resource Hash

d181c687d04047b54213c7fa0f5c1bae5f3a899712dd29a545984d91327c8ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 exchange-rates Show response
c3.api.helm.yt/ 2 KB
539 B 180ms
78ms XHR
application/json 167.99.86.109
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://c3.api.helm.yt/exchange-rates

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.99.86.109 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Craft CMS

Resource Hash

53015604ff6b3416998515dc6f75df6ec570b64e24a72685f454cfb479f1ca9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block

GET
H3 200 me Show response
www.helm.yt/ 41 B
575 B 151ms
150ms XHR
application/json 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/me

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e131e1be786419ebbc60482fc14d387918fc311995c95ed011fc6eb7d4bdf7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DhYjo0EZvP8ANs%2BJop0iuOhqj9EKo%2BMQYA9TE6ruOcqYCtQOxrij4Vx89BEbU2b5Xt2ffnf5CvDaH83%2FRaQtUjVHrMzPOSBnmqR5KzBrRqyypfi3x9KjbXvzwL7v2KINQgPd60vOlz2lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: public,s-maxage=21600
cf-ray: 70177b5d5e0783be-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 107ms
36ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-69741431-1&cid=1531740105.1650893936&jid=572111524&gjid=795518972&_gid=68435653.1650893936&_u=IEBAAEAAAAAAAC~&z=1349297594

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Apr 2022 13:38:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.helm.yt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 chatlio.min.80ec1f7e.js Show response
w.chatlio.com/v4/vendor/ 189 KB
55 KB 99ms
99ms Script
application/javascript 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/vendor/chatlio.min.80ec1f7e.js

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d509647355554ef40404702c699ffabf05024c889cedcb330406a3926ef05469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 1587777
cf-polished: origSize=194250
fly-request-id: 01G014XJHPMDNYYDKN8REFR60Z-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"614cc9a1-2f6ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=63072000
cf-ray: 70177b5dba2023df-ZRH
cf-bgj: minify

GET
H3 200 main.ca09a626.css
w.chatlio.com/v4/ 26 KB
6 KB 54ms
53ms Stylesheet
text/css 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/main.ca09a626.css

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3da2e6ff1f163f8ccd78e837f47603dd4270fb0fe41e18ebe2b6a73966258439

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 19320982
cf-polished: origSize=26372
fly-request-id: 01FFGN73AEA7KACD6EGMVSA2W2
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Sep 2021 19:31:33 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"613fa715-6704"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=63072000
cf-ray: 70177b5dba2123df-ZRH
cf-bgj: minify

GET
H3 200 sidebar.1151ed33.css
w.chatlio.com/v4/ 773 B
586 B 54ms
54ms Stylesheet
text/css 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/sidebar.1151ed33.css

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d45f86a0c1fbc9bf8dbc77f5a98b26fbcce1b15612e4bfbf80df6fbac487b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
via: 1.1 fly.io
vary: Accept-Encoding
cf-cache-status: HIT
age: 188328
fly-request-id: 01G1AVHA5VFQ1V8JK4TX07C1GB-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: W/"614cc9a1-305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=63072000
cf-ray: 70177b5dba2223df-ZRH
cf-bgj: minify

GET
H3 200 emojione-1.4.1.min.2f0e13b4.js Show response
w.chatlio.com/v4/vendor/ 73 KB
18 KB 61ms
60ms Script
application/javascript 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/vendor/emojione-1.4.1.min.2f0e13b4.js

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ffbec309cd5c739a84c98fb472c9eda8d9d3660045ff4067430e4c4e698b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19593874
cf-polished: origSize=74987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6EEGBRMP92MRM6V3
x-amz-id-2: UOPTdhOoyi4oQQTTULJ/XmtEuBHQZiKiA3xx1FGRE1AcJgLuE7JFvN+zZFtSvoqZyXN4VMMsb68=
last-modified: Wed, 16 Jan 2019 17:34:11 GMT
server: cloudflare
etag: W/"2f0e13b47f7a5985e3b672cb914c3e9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=63072000
cf-ray: 70177b5dba2423df-ZRH
cf-bgj: minify

GET
H2 204 0
bat.bing.com/action/ 0
175 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=%20137037064&Ver=2&mid=51ce479d-ce9d-46f7-af1d-5490a7020f15&sid=0dd52d10c49d11ec9289cfb41878c9ed&vid=0dd52750c49d11ecbf9b5137540dfb1a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.helm.yt%2F&r=&lt=1186&evt=pageLoad&msclkid=N&sv=1&rn=317454

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91C609554BE84A2BA4617CAC06D499F1 Ref B: LTSEDGE0918 Ref C: 2022-04-25T13:38:56Z
date: Mon, 25 Apr 2022 13:38:55 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 122ms
41ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203261599702225&ev=PageView&dl=https%3A%2F%2Fwww.helm.yt%2F&rl=&if=false&ts=1650893936277&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650893936276.164024237&it=1650893935946&coo=false&rqm=GET

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 25 Apr 2022 13:38:56 GMT

GET
H3 200 home Show response
www.helm.yt/api/ 7 KB
3 KB 1662ms
1661ms Fetch
application/json 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/api/home

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03655a41b88baf217824ed837e98726b64e25f4434bc7850b3d12d5377de967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD6fu1Y39z5AzuFM1R7gg39KnWl318MgD74HaOHdVE128LivBdes6ubach%2F9I1tSqdvJcYXdvAtceanCHYORbrxq1dCR8bMbj9ChOu%2Bf5FDz%2B3OtTKqGgon5uWlv9LOqux%2FhYAqw01Vkhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public,s-maxage=21600
cf-ray: 70177b5e68e683be-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 home Show response
www.helm.yt/api/ 7 KB
3 KB 1596ms
1595ms Fetch
application/json 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/api/home

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03655a41b88baf217824ed837e98726b64e25f4434bc7850b3d12d5377de967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iS0mDwgGIxEXyBocYFvnOrxNQ4ibiWHApufzXz9289xfWm8oq8%2BCd9Hm080Ivfr1KGW66RvEwABB7O%2BzlylPs0VCSyZBtr%2BA68jC6yuCWmPbVeIcauPbrEVaw2ps0PP0H%2F4lm2o7SHorQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public,s-maxage=21600
cf-ray: 70177b5e78f783be-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1936505432&t=pageview&_s=2&dl=https%3A%2F%2Fwww.helm.yt%2F&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1531740105.1650893936&tid=UA-69741431-1&_gid=68435653.1650893936&z=1121426160

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 15:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78686
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1936505432&t=pageview&_s=3&dl=https%3A%2F%2Fwww.helm.yt%2F&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1531740105.1650893936&tid=UA-69741431-1&_gid=68435653.1650893936&z=1175535112

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 15:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78686
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 home Show response
www.helm.yt/api/ 7 KB
3 KB 1615ms
1615ms Fetch
application/json 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.helm.yt/api/home

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03655a41b88baf217824ed837e98726b64e25f4434bc7850b3d12d5377de967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPkmJ0alvQ9VhUCxdVRGDQigAHHNVxnZA6JdZB8vTPQ9522PhNGCM4pODORixUdYWXUqA4KJ52%2BhxmIYey%2B5ElvVT4BT57Jy9ETIS4YCMp2gHsLYUK%2F%2F4kb9doeRJONh6lb03lYLyck6DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public,s-maxage=21600
cf-ray: 70177b5e893183be-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1936505432&t=pageview&_s=4&dl=https%3A%2F%2Fwww.helm.yt%2F&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1531740105.1650893936&tid=UA-69741431-1&_gid=68435653.1650893936&z=444541995

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 15:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78686
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 new Show response
api.chatlio.com/v1/p/visitor/session/ 17 B
892 B 588ms
192ms XHR
application/javascript 52.41.155.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/p/visitor/session/new

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.155.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-155-243.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
x-chatlio-at: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJhZDg0ODExYy02M2Y1LTQ0ZTUtN2U1YS02MDlhZTg0OTgwNWMiLCJleHAiOjE2NTA5MDExMzYsImlhdCI6MTY1MDg5MzkzNiwidnNVVUlEIjoiN2FmM2JmMGEtNWM4NS00YjA3LWFjOWItMTk0NmUxMjg0NGU4In0.XJFIz1PGXSvLzVc2Vfi98BpxJuOMicem5-veEsXUmGw
x-content-type-options: nosniff
x-chatlio-vsuuid: 7af3bf0a-5c85-4b07-ac9b-1946e12844e8
content-length: 17
x-chatlio-rt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJhZDg0ODExYy02M2Y1LTQ0ZTUtN2U1YS02MDlhZTg0OTgwNWMiLCJleHAiOjE3MTM5NjU5MzYsImlhdCI6MTY1MDg5MzkzNiwidnNVVUlEIjoiN2FmM2JmMGEtNWM4NS00YjA3LWFjOWItMTk0NmUxMjg0NGU4In0.l1s9ToQExrnx-r3At8GSOmVoMERcH0qfwjFQUY8w11I
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
content-security-policy: default-src 'none'; frame-ancestors 'none'
access-control-allow-headers: Content-Type, Authorization
expires: -1

GET
H2 200 m-outer-23335cd0c833d03926d94e8fb5cb0381.html Show response
js.stripe.com/v3/ Frame 5E74 240 B
552 B 30ms
30ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.helm.yt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1712807
cache-control: max-age=31536000
content-encoding: br
content-length: 140
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 25 Apr 2022 13:38:56 GMT
etag: "23335cd0c833d03926d94e8fb5cb0381"
last-modified: Tue, 05 Apr 2022 17:50:14 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 546665
x-content-type-options: nosniff
x-request-id: 77f5d91c-4b73-4eb7-855e-70790085478f
x-served-by: cache-lcy19221-LCY

POST
H2 200 csp-report
q.stripe.com/ Frame 5E74 0
347 B 565ms
184ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.helm.yt
URL: https://www.helm.yt/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 4
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-8828f6fcad654313f23d9a7d1f1eb715.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5E74 1 KB
773 B 30ms
29ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 24
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: 997e4609-04df-40cd-bf62-10e913b5ea08
x-served-by: cache-lcy19221-LCY
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 17:50:29 GMT
server: Fastly
date: Mon, 25 Apr 2022 13:38:56 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 686D 930 B
2 KB 155ms
41ms Document
text/html 143.204.98.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-36.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 64
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 25 Apr 2022 13:37:54 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-id: rIPoh_-Evq6S-qmcQa431kTr9I4uil8uKco4wIMLoOOfJvRu9wtgKA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 686D 0
120 B 371ms
184ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
x-envoy-upstream-service-time: 4
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 686D 86 KB
14 KB 46ms
46ms Script
text/javascript 143.204.98.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-36.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 14
x-cache: Hit from cloudfront
date: Mon, 25 Apr 2022 13:38:50 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: Fh06UkBXX-iWNgLpw4rrS94zDSq8OZS4X5ePLJCLRfW8Wds8ydG7EA==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 83ms
41ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203261599702225&ev=Microdata&dl=https%3A%2F%2Fwww.helm.yt%2F&rl=&if=false&ts=1650893936826&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22HELM%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650893936276.164024237&it=1650893935946&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 25 Apr 2022 13:38:56 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 686D 156 B
523 B 554ms
186ms XHR
application/json 34.216.95.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.95.44 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-95-44.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

00f71ec1d0a22b2c0b018f333c3dd8315782df8d92771eb43bd9747188cf7971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H2 200 register
api.chatlio.com/v1/v/visitor/ Frame 0
0 180ms
180ms Preflight
text/plain 52.41.155.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/register

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.155.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-155-243.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.helm.yt
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow: POST, OPTIONS
content-length: 0
content-security-policy: default-src 'none'; frame-ancestors 'none'
content-type: text/plain; charset=utf-8
date: Mon, 25 Apr 2022 13:38:57 GMT
expires: -1
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 register Show response
api.chatlio.com/v1/v/visitor/ 4 KB
2 KB 202ms
202ms XHR
application/json 52.41.155.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/register

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.155.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-155-243.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3a5f9665a7931d07071e25fc2d904f87acc8f40361731321178e13230ecb40a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJhZDg0ODExYy02M2Y1LTQ0ZTUtN2U1YS02MDlhZTg0OTgwNWMiLCJleHAiOjE2NTA5MDExMzYsImlhdCI6MTY1MDg5MzkzNiwidnNVVUlEIjoiN2FmM2JmMGEtNWM4NS00YjA3LWFjOWItMTk0NmUxMjg0NGU4In0.XJFIz1PGXSvLzVc2Vfi98BpxJuOMicem5-veEsXUmGw
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Content-Type, Authorization
x-frame-options: DENY
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
cache-control: max-age=30, no-transform, public
content-security-policy: default-src 'none'; frame-ancestors 'none'
strict-transport-security: max-age=31536000
vary: Accept-Encoding
expires: -1

GET
H2 204 ack Show response
api.chatlio.com/v1/v/visitor/token/ 0
354 B 188ms
187ms XHR
text/plain 52.41.155.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/token/ack?vsUuid=7af3bf0a-5c85-4b07-ac9b-1946e12844e8&ceUuid=ad84811c-63f5-44e5-7e5a-609ae849805c

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.155.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-155-243.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJhZDg0ODExYy02M2Y1LTQ0ZTUtN2U1YS02MDlhZTg0OTgwNWMiLCJleHAiOjE2NTA5MDExMzYsImlhdCI6MTY1MDg5MzkzNiwidnNVVUlEIjoiN2FmM2JmMGEtNWM4NS00YjA3LWFjOWItMTk0NmUxMjg0NGU4In0.XJFIz1PGXSvLzVc2Vfi98BpxJuOMicem5-veEsXUmGw
Referer: https://www.helm.yt/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
content-security-policy: default-src 'none'; frame-ancestors 'none'
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Authorization
expires: -1

OPTIONS
H2 200 ack
api.chatlio.com/v1/v/visitor/token/ Frame 0
0 181ms
180ms Preflight
text/plain 52.41.155.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.chatlio.com/v1/v/visitor/token/ack?vsUuid=7af3bf0a-5c85-4b07-ac9b-1946e12844e8&ceUuid=ad84811c-63f5-44e5-7e5a-609ae849805c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.155.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-155-243.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.helm.yt
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow: GET, HEAD, OPTIONS
content-length: 0
content-security-policy: default-src 'none'; frame-ancestors 'none'
content-type: text/plain; charset=utf-8
date: Mon, 25 Apr 2022 13:38:57 GMT
expires: -1
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 bubbles.8573a0d0.png
w.chatlio.com/v4/images/ 528 B
969 B 56ms
55ms Image
image/webp 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w.chatlio.com/v4/images/bubbles.8573a0d0.png

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/main.ca09a626.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852d249f77ccfe3d3593bd1ffa076f491c1e93788124276a95624f35d354b7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.chatlio.com/v4/main.ca09a626.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
via: 1.1 fly.io
vary: Accept
cf-cache-status: HIT
age: 170538
cf-polished: origFmt=png, origSize=697
fly-request-id: 01G1BCG9BNMZ0KQF7GMBD01YNX-fra
content-disposition: inline; filename="bubbles.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 528
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: "614cc9a1-2b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 70177b64ed8523df-ZRH
cf-bgj: imgq:85,h2pri

GET
H3 200 Lato-regular.7d31788b.woff2
w.chatlio.com/v4/fonts/Lato-regular/ 16 KB
16 KB 131ms
81ms Font
font/woff2 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/fonts/Lato-regular/Lato-regular.7d31788b.woff2

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/main.ca09a626.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3c414806e659b347c31f9205558d257b959cb5a465ba7c83943a3a8ca6aa59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://w.chatlio.com/v4/main.ca09a626.css
Origin: https://www.helm.yt
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
via: 1.1 fly.io
cf-cache-status: MISS
access-control-max-age: 3000
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16436
fly-request-id: 01G1GF4P4HS8QS5VHQJ83J6P1W-fra
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: "614cc9a1-4034"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=63072000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 70177b653c38cc3e-ZRH

GET
H3 200 tinycon.min.06c92f12.js Show response
w.chatlio.com/v4/vendor/ 3 KB
2 KB 54ms
53ms Script
application/javascript 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/vendor/tinycon.min.06c92f12.js

Requested by

Host: w.chatlio.com
URL: https://w.chatlio.com/v4/w.chatlio-widget.js?loader-version=549d4da

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4a5c7fab1980ae5ce68df7e7532c849e82a3eb897980be101c4136baf8c0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19593871
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BF52JFKRVRPY3QXM
x-amz-id-2: Ca6K2kGlPi0XdutqFE3E6lD3Qa7jZyDSc8+eJXa5BGkaugkOgVZCkNEy3eQqf8UzFWddv9ETyxI=
last-modified: Wed, 16 Jan 2019 17:34:11 GMT
server: cloudflare
etag: W/"06c92f12f90d5ac2f5e6c6cbda7f2913"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=63072000
cf-ray: 70177b64fd9423df-ZRH
cf-bgj: minify

GET
H3 200 agent.fb216e61.png
w.chatlio.com/v4/images/ 282 B
727 B 63ms
63ms Image
image/webp 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w.chatlio.com/v4/images/agent.fb216e61.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c3943d540b88fafa0ea2f16db73dc3aa858e7686d727191142870a5e747c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
via: 1.1 fly.io
vary: Accept
cf-cache-status: HIT
age: 23426
cf-polished: qual=85, origFmt=jpeg, origSize=900
fly-request-id: 01G1FRSSMJPZSACFGHG6HGGDYM-fra
content-disposition: inline; filename="agent.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 282
last-modified: Thu, 23 Sep 2021 18:38:25 GMT
server: cloudflare
cross-origin-resoure-policy: cross-origin
etag: "614cc9a1-384"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 70177b64fd9923df-ZRH
cf-bgj: imgq:85,h2pri

GET
H3 206 water-drips-single16.a8269a82.mp3
w.chatlio.com/v4/media/ 2 KB
2 KB 57ms
56ms Media
audio/mpeg 2606:4700:10::ac43:2522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w.chatlio.com/v4/media/water-drips-single16.a8269a82.mp3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2522 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b69a4be2e6abb1ff0cf43d59bbfbdb52e7bea0bb2ef2569fbf50772ac0e4d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.helm.yt/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19593871
Content-Range: bytes 0-1880/1881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BF56DFRC2KXC6S9S
x-amz-id-2: /ofvYJYztsTdVF/6H/9LStQ6i7C5KoHBrW9K5/jC5q5MxtDuVmtDP09a3hHmSHCXPm7we68esiQ=
last-modified: Wed, 16 Jan 2019 17:34:11 GMT
server: cloudflare
etag: "c1248285ef476d2941fe332dddd84089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: audio/mpeg
cache-control: max-age=63072000
Content-Length: 1881
cf-ray: 70177b64fd9d23df-ZRH

GET
H3 200 favicon.ico
www.helm.yt/a/ 1 KB
867 B 117ms
116ms Image
image/vnd.microsoft.icon 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2c175a0c9b12dbfae465a385fb0050bb7e609bf74622fa22227e506f53d4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.helm.yt/
Origin: https://www.helm.yt
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 15:16:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtsJMFShEL2wDFCtjMN6m6hFyIyEjsLdgPZaaqsjXQAznnUh5RqdR4b214sHAexBv30FoA%2FjEUdSWOqSfLB42so60bzS2eHxJqx51VeLCmitG75H4aFnrwmQDmu4s5QP%2BydBYK%2FGiV3wpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b655ca883be-MXP

GET
H3 200 british-marine.png
www.helm.yt/a/ 5 KB
5 KB 104ms
104ms Image
image/png 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/british-marine.png

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/client.js?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643d75a3ec79a577e0466495d233c61db53710a818eeb8fd0634c4fd29f97261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4974
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSi33gfmVNkUdIYuP6xMwLWaW6qe3WGsyp3m1vk4qCrLmWNtX5hYfCe2SWYTY5AZhqABD74hWWh4Wni%2BQwH5lOMrRezAS2oAJNVTewrIsnlNHO3z2MnimTrPqlycdIM6sJexb5UmsaMlNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b67bae783be-MXP

GET
H3 200 tick-primary.svg
www.helm.yt/a/ 178 B
717 B 151ms
150ms Image
image/svg+xml 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/tick-primary.svg

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbbaec20f45f4a7276d9aec7f72924591e3cf53f9a917814a0d49a538269680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoovhIaYjsZsepmSFlM01v6kAsDpVac8gGPvQpYSfAM7ejHB%2BBa1IEAFfBgJUCSjDVGklhjqCIKYiIGPXhT8RPGfZX0UkC4gSxNHQiOzeqE3W69qB492uP1TrNbLeKP%2BvFfH5uGtuf%2BNvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b67baf383be-MXP

GET
H3 200 logo-primary.svg
www.helm.yt/a/ 830 B
951 B 116ms
116ms Image
image/svg+xml 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/logo-primary.svg

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661508a5074d1eb03239a8b964e9e6a4cba7ffec6036355b5f76725067f55076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLNobUdGKl1psIpbU6AroFzeJTJAsLCtLNkRiWnz57G8vz%2Bd1Kk41wIw%2BnMkiZ%2Fkef2pLlrJ0DrWZ5wzP%2BnepeVtg5hLmpKNIqS0mbsj9uUn0xKHofL1oqaqd2dAonDKHo1%2FE7dETxrR%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b67bafa83be-MXP

GET
H3 200 icon-primary.svg
www.helm.yt/a/ 1 KB
1 KB 112ms
111ms Image
image/svg+xml 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/icon-primary.svg

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af8cb715efddc36a393b5ea8ae4d1f31ffaa945827e616eeb5b67861403714b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBqHFIrFEjHOemR86BeZt6v2b9EIhuise4uKBREl8QX%2B8UPp7fa1cjjd0wK%2Bvkuvcrd02KetbaDD9dpLIg6xRuCGg6gXlx17SuP0x6ewU7J7fh1cDbUEhHxBGozMcExIEfRdzbPgK7z9SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b67bafe83be-MXP

GET
H3 200 tick-off.svg
www.helm.yt/a/ 175 B
711 B 129ms
128ms Image
image/svg+xml 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/tick-off.svg

Requested by

Host: www.helm.yt
URL: https://www.helm.yt/a/bundle.css?v=1649947143964

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e19d15ea5c70973ef6257882a3f4f1c6c4907849ad2f6e91fef3fbe62d2de7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/a/bundle.css?v=1649947143964
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2PsmRe3TIISJuWjyJuqW566mFUx1njXRV0HwGpaei65FoAJuuo1QF9w78gpSxxwgq0t4R8MBm3oGFcRS68c8tgI6xdR6oxkkCWgrF%2F50KEzbX8chNgLZCmwelablVhnEUxFBWTQ%2F9Sjog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=1200
cf-ray: 70177b67bb0083be-MXP

GET
H2 200 Paklinski.islands.jpg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 22 KB
22 KB 213ms
75ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Paklinski.islands.jpg?mtime=20181108155723&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0a751af58745de0af6996c8b9085d1376184f1cf92d961468298086c84499916

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Paklinski.islands.webp"
server-timing: fastly;dur=3;cpu=2;start=2022-04-25T13:38:58.034Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 22128
last-modified: Mon, 28 Jun 2021 08:37:28 GMT
server: Cloudinary
etag: "3244376ef824158b5cd88aa961532c6d"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Shirley-heights-view-flowers.jpeg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 39 KB
39 KB 201ms
63ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Shirley-heights-view-flowers.jpeg?mtime=20200804140610&focal=49.33%25+45.55%25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b57a4938197e73a77810ffd618f62f6b0ff23d72bb45e1c1a4d0679a7854936a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Dec 2021 15:49:08 GMT
server: Cloudinary
etag: "7579a15b0970a497a13c44c48dad8bff"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-04-25T13:38:58.034Z;desc=hit,rtt;dur=60
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 39535

GET
H2 200 Sunreef.8016.jpg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 23 KB
23 KB 212ms
75ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Sunreef.8016.jpg?mtime=20190807153214&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

78492ce6d83e6c0a19986aa6624e7d8954643b367aa94f4f5047017d20a43293

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Sunreef.8016.webp"
server-timing: fastly;dur=3;cpu=1;start=2022-04-25T13:38:58.034Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 23306
last-modified: Tue, 18 May 2021 12:30:11 GMT
server: Cloudinary
etag: "4350f00e067eb3e9b7981d0ee6b2aaf2"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Naoussa-sunset.jpeg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 21 KB
21 KB 212ms
74ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Naoussa-sunset.jpeg?mtime=20191112170737&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ae0782eddba8baf21b1458e8d725a377bd80cf64c61e0bd5d4b5fd38c0dae1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Naoussa-sunset.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-04-25T13:38:58.034Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 21584
last-modified: Thu, 23 Dec 2021 20:43:34 GMT
server: Cloudinary
etag: "a3d018080cb8cf049058e1b888b05e94"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Sopers-Hole-BVI.jpeg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 16 KB
16 KB 201ms
63ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Sopers-Hole-BVI.jpeg?mtime=20200312111855&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

caf0371c487898551c861cfc5b773e4c706aec00bffdf0027ea0a06b9da43424

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Sopers-Hole-BVI.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-04-25T13:38:58.035Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 16364
last-modified: Tue, 29 Jun 2021 15:40:54 GMT
server: Cloudinary
etag: "b4bf4f09976b4d58c04e0bd12811df12"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Dufour-48-LER11_2021-12-30-150037_alsm.JPG
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 16 KB
17 KB 212ms
74ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Dufour-48-LER11_2021-12-30-150037_alsm.JPG?mtime=20211230150037&focal=49.87%25+54.29%25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7444e1c5bfbe9f6fc5122c516e6f760f028970bb4a54282da429bd8fc62fe4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Dufour-48-LER11_2021-12-30-150037_alsm.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-04-25T13:38:58.035Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 16776
last-modified: Thu, 30 Dec 2021 15:49:09 GMT
server: Cloudinary
etag: "a9eedbe790f77c9a577a4ed2c75b0627"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 HELM-PHOTO-copy.jpeg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 21 KB
21 KB 124ms
123ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/HELM-PHOTO-copy.jpeg?mtime=20190110123442&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

00f9700f33769f9a1291c32fcc1585e6b8990686bdd99fbc2fd19cf2e1666e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="HELM-PHOTO-copy.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-04-25T13:38:58.053Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 21192
last-modified: Tue, 18 May 2021 12:30:14 GMT
server: Cloudinary
etag: "e98fbbec30e5d012ab8767de52a1b25c"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Zlatni-Rat-wide.jpg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 21 KB
21 KB 124ms
123ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Zlatni-Rat-wide.jpg?mtime=20190523153441&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9356e1188be0b686c9872920cbf07caf0685e2b9c15010970a8465512ca8d294

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Zlatni-Rat-wide.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-04-25T13:38:58.053Z;desc=hit,rtt;dur=60
vary: Save-Data
content-length: 21304
last-modified: Tue, 18 May 2021 12:30:11 GMT
server: Cloudinary
etag: "daccb9f2dd379d90c2b12bdff6518e9a"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 BVI-dinghy-dock-sunset.jpg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 28 KB
28 KB 124ms
124ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/BVI-dinghy-dock-sunset.jpg?mtime=20190801165409&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bec96eeb4d7340debee20004fee854f842c5d81380f9aec7aad9d8a6e221f466

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="BVI-dinghy-dock-sunset.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-04-25T13:38:58.093Z;desc=hit,rtt;dur=59
vary: Save-Data
content-length: 28378
last-modified: Tue, 18 May 2021 12:30:11 GMT
server: Cloudinary
etag: "5883df130a7ab105f186d70d41d01560"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Hvar-Croatia.jpeg
res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/ 52 KB
52 KB 125ms
124ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/helmyt/image/upload/w_525,h_250,c_fill,q_auto,f_auto/site/images/Hvar-Croatia.jpeg?mtime=20170203110854&focal=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

012a4cdd3fee6128595e1dd033d489460edcd019e9a01d3003a1c16ba7dd0260

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 12:30:11 GMT
server: Cloudinary
etag: "4dd019873ee3c5ebe4e216267c7fd394"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-04-25T13:38:58.093Z;desc=hit,rtt;dur=59
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 53152

GET
H3 200 traveller.png
www.helm.yt/a/ 3 KB
3 KB 107ms
107ms Image
image/png 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/traveller.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e915c1c166418843d283c6558767555431fe26b4ffb0ef4b60e794c631f387be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2933
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qsvblqA4ZN7G%2Fge4msudq%2BRO%2FlzvoJLGxhD8xvQvfwA1I9uuVvaCapsIQBmtIi%2FhCrua%2FAnmKPKvA8xMh%2FFCyPeWjC1l1zx%2BTDB9%2F8fIFNaeWI%2FcwmqT7K84cXWLS76xk9X8%2FYGAWL4Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b67db6683be-MXP

GET
H3 200 luxury-collection.png
www.helm.yt/a/ 2 KB
3 KB 119ms
119ms Image
image/png 2606:4700:3037::ac43:860a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.helm.yt/a/luxury-collection.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:860a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2523e679f215ff8a77afe29247f78c29c3dcb36ba4b31f1c9c074d9bcfa34969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.helm.yt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 13:38:57 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2063
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:26:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sI0h8h9oKY8YDwWV7dLgn2cLU6eQP1NC30bD30IzjLs7fAe3fifMVt97E7Bc3m1lyYyhhAGnOALp1WwI4twKsoAlczv2s0g4mG0kto7AwTleza4APVvbezlt06ADMInknIHYdTicP%2B%2FEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 70177b67db6a83be-MXP

GET
H2 206 Helm-yachting-holidays.mp4
res.cloudinary.com/helmyt/video/upload/w_1650,h_1200,c_fill,q_auto,vc_auto,ac_none/site/images/ 10 MB
0 769ms
769ms Media
video/mp4 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/helmyt/video/upload/w_1650,h_1200,c_fill,q_auto,vc_auto,ac_none/site/images/Helm-yachting-holidays.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.helm.yt/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 25 Apr 2022 13:38:58 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-22305149/22305150
server-timing: fastly;dur=667;cpu=1;start=2022-04-25T13:38:58.093Z;desc=miss,rtt;dur=59,cloudinary;dur=126;start=2022-04-25T13:38:58.466Z
vary: Save-Data
Content-Length: 22305150
last-modified: Tue, 18 May 2021 12:30:58 GMT
server: Cloudinary
etag: "703abdad48d8a7f65e05a14ec69e7f1d"
strict-transport-security: max-age=604800
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 11:56:29	Name: MUID Value: 3E005842BB396612189A49D3BAC267B1
.doubleclick.net/	1970-01-20 02:34:54	Name: test_cookie Value: CheckForPermission
.helm.yt/	1970-01-20 20:06:05	Name: _ga Value: GA1.2.1531740105.1650893936
.helm.yt/	1970-01-20 02:36:20	Name: _gid Value: GA1.2.68435653.1650893936
.helm.yt/	1970-01-20 02:34:53	Name: _gat Value: 1
.helm.yt/	1970-01-20 02:36:20	Name: _uetsid Value: 0dd52d10c49d11ec9289cfb41878c9ed
.helm.yt/	1970-01-20 11:56:29	Name: _uetvid Value: 0dd52750c49d11ecbf9b5137540dfb1a
.helm.yt/	1970-01-20 04:44:29	Name: _fbp Value: fb.1.1650893936276.164024237
.facebook.com/	1970-01-20 04:44:29	Name: fr Value: 00N0SVfvHArYaL3Fl..BiZqRw...1.0.BiZqRw.
.helm.yt/	1969-12-31 23:59:59	Name: chatlio_uuid--ad84811c-63f5-44e5-7e5a-609ae849805c Value: 7af3bf0a-5c85-4b07-ac9b-1946e12844e8
.helm.yt/	1969-12-31 23:59:59	Name: chatlio_rt--ad84811c-63f5-44e5-7e5a-609ae849805c Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJhZDg0ODExYy02M2Y1LTQ0ZTUtN2U1YS02MDlhZTg0OTgwNWMiLCJleHAiOjE3MTM5NjU5MzYsImlhdCI6MTY1MDg5MzkzNiwidnNVVUlEIjoiN2FmM2JmMGEtNWM4NS00YjA3LWFjOWItMTk0NmUxMjg0NGU4In0.l1s9ToQExrnx-r3At8GSOmVoMERcH0qfwjFQUY8w11I
.helm.yt/	1969-12-31 23:59:59	Name: chatlio_at--ad84811c-63f5-44e5-7e5a-609ae849805c Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiJhZDg0ODExYy02M2Y1LTQ0ZTUtN2U1YS02MDlhZTg0OTgwNWMiLCJleHAiOjE2NTA5MDExMzYsImlhdCI6MTY1MDg5MzkzNiwidnNVVUlEIjoiN2FmM2JmMGEtNWM4NS00YjA3LWFjOWItMTk0NmUxMjg0NGU4In0.XJFIz1PGXSvLzVc2Vfi98BpxJuOMicem5-veEsXUmGw
m.stripe.com/	1970-01-20 20:06:05	Name: m Value: ea333c61-357a-46d7-ada7-ca16533b866cefd12e
.www.helm.yt/	1970-01-20 11:20:29	Name: __stripe_mid Value: df1fd8d7-a1fe-4f23-af12-c958561c226e8eb576
.www.helm.yt/	1970-01-20 02:34:55	Name: __stripe_sid Value: c53b7840-8460-4ea0-b111-00a2c257df163023b7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.chatlio.com
bat.bing.com
c3.api.helm.yt
cdn.ravenjs.com
connect.facebook.net
googleads.g.doubleclick.net
helm.yt
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
res.cloudinary.com
stats.g.doubleclick.net
w.chatlio.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.helm.yt
142.250.186.162
143.204.98.36
151.101.64.176
167.99.86.109
2606:4700:10::ac43:2522
2606:4700:3034::6815:5f2
2606:4700:3037::ac43:860a
2620:1ec:c11::200
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::2004
2a00:1450:400c:c0b::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::729
2a04:4e42::393
2a06:98c1:3120::7
34.216.95.44
52.41.155.243
54.187.159.182
00f71ec1d0a22b2c0b018f333c3dd8315782df8d92771eb43bd9747188cf7971
00f9700f33769f9a1291c32fcc1585e6b8990686bdd99fbc2fd19cf2e1666e56
012a4cdd3fee6128595e1dd033d489460edcd019e9a01d3003a1c16ba7dd0260
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0a751af58745de0af6996c8b9085d1376184f1cf92d961468298086c84499916
0e19d15ea5c70973ef6257882a3f4f1c6c4907849ad2f6e91fef3fbe62d2de7a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a7f253002006350333d4946b706e3227cc8d99855baeb484e8b0b2d121819d
1af8cb715efddc36a393b5ea8ae4d1f31ffaa945827e616eeb5b67861403714b
2523e679f215ff8a77afe29247f78c29c3dcb36ba4b31f1c9c074d9bcfa34969
28ffbec309cd5c739a84c98fb472c9eda8d9d3660045ff4067430e4c4e698b10
35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906
389482df813bd9b04fdead73eb42ca25b45744c7defeeb08a6f4e727e742f657
396f26b4b27f1ea50f587d40722491546b5fbc1d7bfb4c8479d83183370b141f
3a5f9665a7931d07071e25fc2d904f87acc8f40361731321178e13230ecb40a1
3b569518851e9df5fabc36fe228db62890b12756233907254287697142d1e55b
3da2e6ff1f163f8ccd78e837f47603dd4270fb0fe41e18ebe2b6a73966258439
5158cf5bb20189c4335f6caa942e80f2c4a10b5dae82bcb6a722bbfd3bbfac94
53015604ff6b3416998515dc6f75df6ec570b64e24a72685f454cfb479f1ca9e
54b4618b2e0e41a7dda7df4408219276ad68798a499667ddcbbfcfbc378f7452
5a4a5c7fab1980ae5ce68df7e7532c849e82a3eb897980be101c4136baf8c0e3
643d75a3ec79a577e0466495d233c61db53710a818eeb8fd0634c4fd29f97261
661508a5074d1eb03239a8b964e9e6a4cba7ffec6036355b5f76725067f55076
66c3943d540b88fafa0ea2f16db73dc3aa858e7686d727191142870a5e747c20
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7444e1c5bfbe9f6fc5122c516e6f760f028970bb4a54282da429bd8fc62fe4e7
74611653c48c84b1b5b64eeb929bbb40d4db305e7005bbdbfc7cec599ffe8c33
78492ce6d83e6c0a19986aa6624e7d8954643b367aa94f4f5047017d20a43293
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8395f37fc30d447640101fa4b2c9a31da5b159a2b28fa6d8513bdaa4dad0f6e4
852d249f77ccfe3d3593bd1ffa076f491c1e93788124276a95624f35d354b7a9
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8d45f86a0c1fbc9bf8dbc77f5a98b26fbcce1b15612e4bfbf80df6fbac487b96
9356e1188be0b686c9872920cbf07caf0685e2b9c15010970a8465512ca8d294
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ae0782eddba8baf21b1458e8d725a377bd80cf64c61e0bd5d4b5fd38c0dae1ff
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01c6dc654c8ad9829241ac4da45112c40dd82f42b5bea05455dfda68d7d4b86
b3c414806e659b347c31f9205558d257b959cb5a465ba7c83943a3a8ca6aa59f
b57a4938197e73a77810ffd618f62f6b0ff23d72bb45e1c1a4d0679a7854936a
b69a4be2e6abb1ff0cf43d59bbfbdb52e7bea0bb2ef2569fbf50772ac0e4d44f
bec96eeb4d7340debee20004fee854f842c5d81380f9aec7aad9d8a6e221f466
bee99ebc09cd74adaf824ce2c0c88f9c9b618c1d7b516eacaff6b116643535df
c03655a41b88baf217824ed837e98726b64e25f4434bc7850b3d12d5377de967
c8a863d546411dedf08132a3bd75d9756a412c665ba0a5099ff1e9fcda8916f9
caf0371c487898551c861cfc5b773e4c706aec00bffdf0027ea0a06b9da43424
cdf8e625ffac73bd4c0f117e3adda42425566086086661162573790004b63fd7
d181c687d04047b54213c7fa0f5c1bae5f3a899712dd29a545984d91327c8ebf
d509647355554ef40404702c699ffabf05024c889cedcb330406a3926ef05469
dbbaec20f45f4a7276d9aec7f72924591e3cf53f9a917814a0d49a538269680e
e131e1be786419ebbc60482fc14d387918fc311995c95ed011fc6eb7d4bdf7d6
e31f7d26f474eaacbd4d2c043de1f21f79c497e8c3b1def07b9a780c011544fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e915c1c166418843d283c6558767555431fe26b4ffb0ef4b60e794c631f387be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5
f6b6f3ca65484cb156c74546ecb829059fcbb53337277a9f60172337ef7c91f0
fa2c175a0c9b12dbfae465a385fb0050bb7e609bf74622fa22227e506f53d4dc

www.helm.yt Open in urlscan Pro 2606:4700:3034::6815:5f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

67 %IPv6

15 Domains

21 Subdomains

21 IPs

4 Countries

1712 kBTransfer

15872 kBSize

15 Cookies

6 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.helm.yt Open in urlscan Pro
2606:4700:3034::6815:5f2 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

1712 kB
Transfer

15872 kB
Size

15
Cookies

78 HTTP transactions
0 data transactions