helixsavings.com/index-2.html
185.83.214.222200 OK 4.2 kB URL HTTP/1.1 helixsavings.com/index-2.html
IP 185.83.214.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (706)
Hash e86c38850a6a0b48d7cbc29dbd76130d
92311768594a73e3afd260143cf7fcec46f3ec83
0b12ff0f474608a83d1167b06435a39ad63ba9d6f17b37be1ac551eb1453265a
Analyzer Verdict Alert fortinet Phishing
GET /index-2.html HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4215
Connection: keep-alive
X-Powered-By: PHP/7.1.33-52+ubuntu20.04.1+deb.sury.org+1
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: http://helixsavings.com
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15078
Expires: Wed, 29 Mar 2023 17:04:42 GMT
Date: Wed, 29 Mar 2023 12:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Wed, 29 Mar 2023 15:41:45 GMT
Date: Wed, 29 Mar 2023 12:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 29 Mar 2023 15:32:45 GMT
Date: Wed, 29 Mar 2023 12:53:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 12:28:09 GMT
content-type: application/json
age: 1515
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5+TYxscrJI/rs78j55Slx6OcOSy0wYp8WS3Axxw4kHeh+/3+meSRE/xaI0mpgFjqFfRC7AswfI4=
x-amz-request-id: V4JYY6X269EX0E1B
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 11:56:37 GMT
age: 3407
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
helixsavings.com/css/bootstrap-custom.min.css
185.83.214.222200 OK 5.2 kB URL HTTP/1.1 helixsavings.com/css/bootstrap-custom.min.css
IP 185.83.214.222:0
File type ASCII text, with very long lines (25011), with no line terminators
Hash d06023a3a7739c3b7ba9904f83801a02
6c6d72f90df1ef41b0ec42d4fe0ac778d70ecf89
1334089a055032bbfe82c476f9a47ee9b3b5fcfbc41c7fbe81cf23bdc6a94132
GET /css/bootstrap-custom.min.css HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/index-2.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: text/css
Content-Length: 5219
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "61b3-5f5e9a784a67d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
helixsavings.com/css/parking2.min.css?v=6
185.83.214.222200 OK 3.6 kB URL HTTP/1.1 helixsavings.com/css/parking2.min.css?v=6
IP 185.83.214.222:0
File type ASCII text, with very long lines (20636), with no line terminators
Hash 5cf2b01f9651658e25089bf3cd23966d
180057cebbc65913dcb36114d2d79641a315a3e8
c18a4ab8c98ff4ce903823e7103783d1e20dfec722f5f2262ec1bb0d8f2354ad
Analyzer Verdict Alert fortinet Phishing
GET /css/parking2.min.css?v=6 HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/index-2.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: text/css
Content-Length: 3636
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "509c-5f5e9a784b61d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
helixsavings.com/js/global.js?v=1
185.83.214.222200 OK 815 B URL HTTP/1.1 helixsavings.com/js/global.js?v=1
IP 185.83.214.222:0
Hash b8ffea10ebb902712bcfa786a9cebbb7
8ae6d6f6517ce28302841048640a4414227ec8c2
65489ebee4804ab5870c1e451b13ee9c1677e6175211dc7e107d73b920516ec0
GET /js/global.js?v=1 HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/index-2.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: application/javascript
Content-Length: 815
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "7bb-5f5e9a785237d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 984b3c0a304f8ba2db01a3f12e8e001c
ac10ab39e5a267b6e6ebe04b951c79bbe36e725b
bffa1d1093e32717f3aec37b61f5979b86dc5e72233a9c7a1b04c94a37312710
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFFA1D1093E32717F3AEC37B61F5979B86DC5E72233A9C7A1B04C94A37312710"
Last-Modified: Mon, 27 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8943
Expires: Wed, 29 Mar 2023 15:22:27 GMT
Date: Wed, 29 Mar 2023 12:53:24 GMT
Connection: keep-alive
helixsavings.com/images/opt/domain_pay_right2.jpg
185.83.214.222200 OK 8.4 kB URL HTTP/1.1 helixsavings.com/images/opt/domain_pay_right2.jpg
IP 185.83.214.222:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 295x71, components 3\012- data
Hash d70c93ec48ac59e0d518fae522712948
beb4793cacc2958842ed1994f4d120ed09127291
16d744b5dc6039026db6e80e61251a3959ff1c098969f21887ffc81884cd908b
GET /images/opt/domain_pay_right2.jpg HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/index-2.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: image/jpeg
Content-Length: 8427
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "20eb-5f5e9a784e4fd"
Accept-Ranges: bytes
helixsavings.com/images/opt/domain_pay_left2.jpg
185.83.214.222200 OK 7.2 kB URL HTTP/1.1 helixsavings.com/images/opt/domain_pay_left2.jpg
IP 185.83.214.222:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 295x71, components 3\012- data
Hash 243c9a45b6e1b7189f881cd1f4ea4c10
994682a93d63068cdaeda8641e03a2e667354783
b891313c9bdc259c1b5b99361e86fbdf16d1256d481ce21d98cdd56e1074a37e
GET /images/opt/domain_pay_left2.jpg HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/index-2.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: image/jpeg
Content-Length: 7204
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "1c24-5f5e9a784e4fd"
Accept-Ranges: bytes
helixsavings.com/images/opt/css_sprites.png
185.83.214.222200 OK 15 kB URL HTTP/1.1 helixsavings.com/images/opt/css_sprites.png
IP 185.83.214.222:0
File type PNG image data, 180 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash b0315122446d6025e63cd553c7fe065c
85d8fa7450c94cc70ca28ad07fc31a9b12280199
f9fbc88487b65700e274cd9554e3e270e18b5c0085d75403ca079d4010bbfc29
GET /images/opt/css_sprites.png HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/css/parking2.min.css?v=6
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: image/png
Content-Length: 14784
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "39c0-5f5e9a784e4fd"
Accept-Ranges: bytes
fonts.googleapis.com/css?display=swap&family=Open+Sans:400,600
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Open+Sans:400,600
IP 142.250.74.106:0
Hash 29fe1e174a1c8f465c32b6ccde995852
dc28a2cd4d2f4d285c12afb23f7ff9450c51b113
b898ebfd8d304b0fecc2fd2c45c2b8fda28ee022de95407213eb045c342ab509
GET /css?display=swap&family=Open+Sans:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://helixsavings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 12:53:24 GMT
date: Wed, 29 Mar 2023 12:53:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cust-api.trustratings.com/api/v1/widget/epik.com?background=white&orientation=horizontal
136.243.10.248200 OK 1.9 kB URL HTTP/1.1 cust-api.trustratings.com/api/v1/widget/epik.com?background=white&orientation=horizontal
IP 136.243.10.248:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4449), with CRLF line terminators
Hash 67f271feb27dabb535d7639a5b7e0ed7
7760ad35d2bc9059b6f672de741a650f9feaff02
235d33780af0a1e8a1d639437d3d348a866330e0d3f8d3ba8a7406b3e41d6bc5
GET /api/v1/widget/epik.com?background=white&orientation=horizontal HTTP/1.1
Host: cust-api.trustratings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://helixsavings.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 29 Mar 2023 12:53:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
ETag: W/"2c20-RqAh0cErAln3DLHjBHk0dw2qo+8"
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48efedb30693e8deb4df73629b7eceb8
8bcf211c1c1624170bd01382f7a79cad21d6f074
dc9b1b08fc19a2e47b0387225f9bf5431e1842e224929f6e636ce54eb0d9fe9c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC9B1B08FC19A2E47B0387225F9BF5431E1842E224929F6E636CE54EB0D9FE9C"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 29 Mar 2023 18:53:24 GMT
Date: Wed, 29 Mar 2023 12:53:24 GMT
Connection: keep-alive
helixsavings.com/index-2.html
185.83.214.222200 OK 4.2 kB URL HTTP/2 helixsavings.com/index-2.html
IP 185.83.214.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (706)
Hash e86c38850a6a0b48d7cbc29dbd76130d
92311768594a73e3afd260143cf7fcec46f3ec83
0b12ff0f474608a83d1167b06435a39ad63ba9d6f17b37be1ac551eb1453265a
Analyzer Verdict Alert fortinet Phishing
GET /index-2.html HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://helixsavings.com
Connection: keep-alive
Referer: http://helixsavings.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: text/html; charset=UTF-8
content-length: 4215
x-powered-by: PHP/7.1.33-52+ubuntu20.04.1+deb.sury.org+1
cache-control: max-age=2592000
access-control-allow-origin: http://helixsavings.com
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
helixsavings.com/js/lab.min.js
185.83.214.222200 OK 1.7 kB URL HTTP/1.1 helixsavings.com/js/lab.min.js
IP 185.83.214.222:0
File type ASCII text, with very long lines (4493), with no line terminators
Hash 8fad69de47e5fc77fca5fa1919633d5d
862db45036d4fa4cc12d1a86108cb2cf67ebfccb
2923bca21647bf9fc2819c28bf2536464f33a3bb76344cdb0740bf86477e917b
Analyzer Verdict Alert fortinet Phishing
GET /js/lab.min.js HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://helixsavings.com/index-2.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:25 GMT
Content-Type: text/javascript
Content-Length: 1742
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2023 12:06:10 GMT
ETag: "118d-5f5e9a78542bd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48efedb30693e8deb4df73629b7eceb8
8bcf211c1c1624170bd01382f7a79cad21d6f074
dc9b1b08fc19a2e47b0387225f9bf5431e1842e224929f6e636ce54eb0d9fe9c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC9B1B08FC19A2E47B0387225F9BF5431E1842E224929F6E636CE54EB0D9FE9C"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Wed, 29 Mar 2023 18:53:24 GMT
Date: Wed, 29 Mar 2023 12:53:25 GMT
Connection: keep-alive
helixsavings.com/index-2.html
185.83.214.222200 OK 4.2 kB URL HTTP/2 helixsavings.com/index-2.html
IP 185.83.214.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (706)
Hash e86c38850a6a0b48d7cbc29dbd76130d
92311768594a73e3afd260143cf7fcec46f3ec83
0b12ff0f474608a83d1167b06435a39ad63ba9d6f17b37be1ac551eb1453265a
Analyzer Verdict Alert fortinet Phishing
GET /index-2.html HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://helixsavings.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: text/html; charset=UTF-8
content-length: 4215
x-powered-by: PHP/7.1.33-52+ubuntu20.04.1+deb.sury.org+1
cache-control: max-age=2592000
access-control-allow-origin: http://helixsavings.com
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
helixsavings.com/css/bootstrap-custom.min.css
185.83.214.222200 OK 5.2 kB URL HTTP/2 helixsavings.com/css/bootstrap-custom.min.css
IP 185.83.214.222:0
File type ASCII text, with very long lines (25011), with no line terminators
Hash d06023a3a7739c3b7ba9904f83801a02
6c6d72f90df1ef41b0ec42d4fe0ac778d70ecf89
1334089a055032bbfe82c476f9a47ee9b3b5fcfbc41c7fbe81cf23bdc6a94132
GET /css/bootstrap-custom.min.css HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: text/css
content-length: 5219
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "61b3-5f5e9a784a67d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
helixsavings.com/css/parking2.min.css?v=6
185.83.214.222200 OK 3.6 kB URL HTTP/2 helixsavings.com/css/parking2.min.css?v=6
IP 185.83.214.222:0
File type ASCII text, with very long lines (20636), with no line terminators
Hash 5cf2b01f9651658e25089bf3cd23966d
180057cebbc65913dcb36114d2d79641a315a3e8
c18a4ab8c98ff4ce903823e7103783d1e20dfec722f5f2262ec1bb0d8f2354ad
Analyzer Verdict Alert fortinet Phishing
GET /css/parking2.min.css?v=6 HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: text/css
content-length: 3636
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "509c-5f5e9a784b61d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
helixsavings.com/images/parking2/bg/a18.jpg
185.83.214.222200 OK 70 kB URL HTTP/2 helixsavings.com/images/parking2/bg/a18.jpg
IP 185.83.214.222:0
File type gzip compressed data, max compression\012- data
Hash deecf13b8fb2d73d841f4efeeb75f1bf
0984cd6d9f510daf453995ec88b21f8c791bc229
8dbeda9b88f0977ee201d16ea706468b576c775e835ebdc65a1a756c4adfa6cf
GET /images/parking2/bg/a18.jpg HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: image/jpeg
content-length: 69830
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "110c6-5f5e9a784f49d"
accept-ranges: bytes
X-Firefox-Spdy: h2
helixsavings.com/images/epik-domain-names-dark.svg?v=1
185.83.214.222200 OK 1.7 kB URL HTTP/2 helixsavings.com/images/epik-domain-names-dark.svg?v=1
IP 185.83.214.222:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (883)
Hash d6648f138119f2662a68fb9bb2ac29b6
188d9e053a614862df4310a74a7f7f7e8aa03ea3
b29ac61cee98045930cef165d8e938a4ce95191eb169acba0472d817692ed5a5
GET /images/epik-domain-names-dark.svg?v=1 HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: image/svg+xml
content-length: 1717
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "df4-5f5e9a784b61d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
helixsavings.com/js/lab.min.js
185.83.214.222200 OK 1.7 kB URL HTTP/2 helixsavings.com/js/lab.min.js
IP 185.83.214.222:0
File type ASCII text, with very long lines (4493), with no line terminators
Hash 8fad69de47e5fc77fca5fa1919633d5d
862db45036d4fa4cc12d1a86108cb2cf67ebfccb
2923bca21647bf9fc2819c28bf2536464f33a3bb76344cdb0740bf86477e917b
Analyzer Verdict Alert fortinet Phishing
GET /js/lab.min.js HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: application/javascript
content-length: 1742
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "118d-5f5e9a78542bd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
helixsavings.com/js/global.js?v=1
185.83.214.222200 OK 815 B URL HTTP/2 helixsavings.com/js/global.js?v=1
IP 185.83.214.222:0
Hash b8ffea10ebb902712bcfa786a9cebbb7
8ae6d6f6517ce28302841048640a4414227ec8c2
65489ebee4804ab5870c1e451b13ee9c1677e6175211dc7e107d73b920516ec0
GET /js/global.js?v=1 HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: application/javascript
content-length: 815
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "7bb-5f5e9a785237d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
helixsavings.com/images/opt/css_sprites.png
185.83.214.222200 OK 15 kB URL HTTP/2 helixsavings.com/images/opt/css_sprites.png
IP 185.83.214.222:0
File type PNG image data, 180 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash b0315122446d6025e63cd553c7fe065c
85d8fa7450c94cc70ca28ad07fc31a9b12280199
f9fbc88487b65700e274cd9554e3e270e18b5c0085d75403ca079d4010bbfc29
GET /images/opt/css_sprites.png HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/css/parking2.min.css?v=6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: image/png
content-length: 14784
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "39c0-5f5e9a784e4fd"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 984b3c0a304f8ba2db01a3f12e8e001c
ac10ab39e5a267b6e6ebe04b951c79bbe36e725b
bffa1d1093e32717f3aec37b61f5979b86dc5e72233a9c7a1b04c94a37312710
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFFA1D1093E32717F3AEC37B61F5979B86DC5E72233A9C7A1B04C94A37312710"
Last-Modified: Mon, 27 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8942
Expires: Wed, 29 Mar 2023 15:22:27 GMT
Date: Wed, 29 Mar 2023 12:53:25 GMT
Connection: keep-alive
cust-api.trustratings.com/api/v1/widget/epik.com?background=white&orientation=horizontal
136.243.10.248200 OK 1.9 kB URL HTTP/1.1 cust-api.trustratings.com/api/v1/widget/epik.com?background=white&orientation=horizontal
IP 136.243.10.248:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4449), with CRLF line terminators
Hash 67f271feb27dabb535d7639a5b7e0ed7
7760ad35d2bc9059b6f672de741a650f9feaff02
235d33780af0a1e8a1d639437d3d348a866330e0d3f8d3ba8a7406b3e41d6bc5
GET /api/v1/widget/epik.com?background=white&orientation=horizontal HTTP/1.1
Host: cust-api.trustratings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 29 Mar 2023 12:53:25 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
ETag: W/"2c20-RqAh0cErAln3DLHjBHk0dw2qo+8"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.zdassets.com/ekr/snippet.js?key=1546ebb5-45e1-49c4-94dc-4b5d44a6d66c
104.18.72.113200 OK 6.7 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=1546ebb5-45e1-49c4-94dc-4b5d44a6d66c
IP 104.18.72.113:0
File type ASCII text, with very long lines (23376), with no line terminators
Hash bf45bc8124d3e0e8513a156a1e2dfb1b
de4aacab7ddda39ac5dc53e53adadfda84e3312c
f895d56fab15c189c734b3de28e4e81d896b16dbdc9d77face8d2d02eb4c2207
GET /ekr/snippet.js?key=1546ebb5-45e1-49c4-94dc-4b5d44a6d66c HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: application/javascript
x-amz-id-2: vkl1julFjVVCeNmySgpr0CNRnNfJywI5yFKEAhmXoe/uWDYwbA4IhGFy+L8LmCWyQKx50gi/QJef+yScKd3Lnw==
x-amz-request-id: YZEQVQ41XEPXQ8NK
x-amz-replication-status: PENDING
last-modified: Fri, 17 Mar 2023 01:24:00 GMT
etag: W/"35755063f184195a50a9c07a2c71693a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp
cf-cache-status: HIT
age: 53
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhyMc7OM1HTijIVy1ywY%2BvVwu099vhTgFv5gR0o04LnasyPCZn%2FsmhIS3ZoNmmu86M219VpmGaIdFSmq8fYWWOSjhUKDsNVHnYQx8v1nUQBOAmclCZXt0YYTK6bjIez91dTaDD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af84171cb5cb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helixsavings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 440804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helixsavings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:42 GMT
expires: Sat, 23 Mar 2024 10:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 440803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helixsavings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:43 GMT
expires: Sat, 23 Mar 2024 10:26:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 440802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
helixsavings.com/images/opt/domain_pay_left2.jpg
185.83.214.222200 OK 7.2 kB URL HTTP/2 helixsavings.com/images/opt/domain_pay_left2.jpg
IP 185.83.214.222:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 295x71, components 3\012- data
Hash 243c9a45b6e1b7189f881cd1f4ea4c10
994682a93d63068cdaeda8641e03a2e667354783
b891313c9bdc259c1b5b99361e86fbdf16d1256d481ce21d98cdd56e1074a37e
GET /images/opt/domain_pay_left2.jpg HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: image/jpeg
content-length: 7204
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "1c24-5f5e9a784e4fd"
accept-ranges: bytes
X-Firefox-Spdy: h2
helixsavings.com/images/opt/domain_pay_right2.jpg
185.83.214.222200 OK 8.4 kB URL HTTP/2 helixsavings.com/images/opt/domain_pay_right2.jpg
IP 185.83.214.222:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 295x71, components 3\012- data
Hash d70c93ec48ac59e0d518fae522712948
beb4793cacc2958842ed1994f4d120ed09127291
16d744b5dc6039026db6e80e61251a3959ff1c098969f21887ffc81884cd908b
GET /images/opt/domain_pay_right2.jpg HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: image/jpeg
content-length: 8427
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "20eb-5f5e9a784e4fd"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 12:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?display=swap&family=Open+Sans:400,600
142.250.74.106200 OK 3.4 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Open+Sans:400,600
IP 142.250.74.106:0
File type ASCII text, with very long lines (7001)
Hash 221622190ab37dfc456c8c48d6623533
a8578406e41f6a434131a14675b326b8dc2e0eae
42f7afc71a8efd8edf59feadda6edb0ee7850bb268496db7fa03ceb42b95337b
GET /css?display=swap&family=Open+Sans:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 12:53:25 GMT
date: Wed, 29 Mar 2023 12:53:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Last-Modified, Expires, ETag, Cache-Control, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 12:14:36 GMT
age: 2329
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
helixsavings.com/favicon.ico
185.83.214.222200 OK 371 B URL HTTP/2 helixsavings.com/favicon.ico
IP 185.83.214.222:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e5f93189ac5093e9d1ed772f149846f
1e79acdbfe0eb635aa0b1bcedf824e3d5853e263
0db3d154eaa39a840ed30269a08cac5cb5d279e8a768790f2393a79c96cfe85b
GET /favicon.ico HTTP/1.1
Host: helixsavings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/index-2.html
Cookie: __opix_uid=1-fulrdghy-lftoudz7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: image/vnd.microsoft.icon
content-length: 371
last-modified: Thu, 02 Mar 2023 12:06:10 GMT
etag: "47e-5f5e9a784b61d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10745
Expires: Wed, 29 Mar 2023 15:52:30 GMT
Date: Wed, 29 Mar 2023 12:53:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb870c9b6f494e40a53e48aa6136201d
b6ac94dae1c00da47f1ebf0d29efeba79b0a0057
5c78244e25cbe99e9fde1943ac5b7ee53b56bca2ed24b090005dff457c9c5408
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C78244E25CBE99E9FDE1943AC5B7EE53B56BCA2ED24B090005DFF457C9C5408"
Last-Modified: Tue, 28 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9621
Expires: Wed, 29 Mar 2023 15:33:46 GMT
Date: Wed, 29 Mar 2023 12:53:25 GMT
Connection: keep-alive
push.services.mozilla.com/
35.81.158.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.158.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6aaf1T8+idxI4ITm8K4N0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kT1HLXljxGBJaS5zYHUAlI1becY=
pixel.epik.com/pixel.gif?id=parking&uid=1-fulrdghy-lftoudz7&ev=pageload&ed=helixsavings.com&v=1&dl=https%3A%2F%2Fhelixsavings.com%2Findex-2.html&rl=http%3A%2F%2Fhelixsavings.com%2F&ts=1680094428406&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=helixsavings.com%20-%20contact%20with%20domain%20owner%20%7C%20Epik.com&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=
102.223.180.96200 OK 42 B URL HTTP/1.1 pixel.epik.com/pixel.gif?id=parking&uid=1-fulrdghy-lftoudz7&ev=pageload&ed=helixsavings.com&v=1&dl=https%3A%2F%2Fhelixsavings.com%2Findex-2.html&rl=http%3A%2F%2Fhelixsavings.com%2F&ts=1680094428406&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=helixsavings.com%20-%20contact%20with%20domain%20owner%20%7C%20Epik.com&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=
IP 102.223.180.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pixel.gif?id=parking&uid=1-fulrdghy-lftoudz7&ev=pageload&ed=helixsavings.com&v=1&dl=https%3A%2F%2Fhelixsavings.com%2Findex-2.html&rl=http%3A%2F%2Fhelixsavings.com%2F&ts=1680094428406&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=helixsavings.com%20-%20contact%20with%20domain%20owner%20%7C%20Epik.com&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign= HTTP/1.1
Host: pixel.epik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsavings.com
Connection: keep-alive
Referer: https://helixsavings.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 12:53:26 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Mon, 09 Jan 2023 14:22:48 GMT
Connection: keep-alive
ETag: "63bc2338-2a"
Expires: Wed, 29 Mar 2023 13:53:26 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
epikcs.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
104.16.53.111204 No Content 0 B URL HTTP/2 epikcs.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
IP 104.16.53.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088 HTTP/1.1
Host: epikcs.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://helixsavings.com/
Origin: https://helixsavings.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 12:53:26 GMT
access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
vary: Origin
x-zendesk-zorg: yes
x-request-id: 7af841785fb70b51-IAD
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTr54QZKSjiaB1zBtpAgdualaGHNvRejko0C9tpzfQulOujhg1kGeg18%2BjVlE2GCYi7hgehCe3CrKPlUVAdvLgTrC%2Bs8nDBcvZ7qLWQLtQCn0HmpWvyNSSSxy9x%2FhyZKhhPhgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=43d5ff455dacf2d56de35721d99d4deacca588ca-1680094406; path=/; domain=.epikcs.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af841785fb70b51-OSL
X-Firefox-Spdy: h2
epikcs.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
104.16.53.111200 OK 0 B URL HTTP/2 epikcs.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
IP 104.16.53.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088 HTTP/1.1
Host: epikcs.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsavings.com/
Content-Type: application/json
Origin: https://helixsavings.com
Content-Length: 508
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin
x-zendesk-zorg: yes
x-request-id: 7af8417929050b51-IAD
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okg6FpzWvkhEOxowuvAZUyPLbzjs3dA1uXtKEdI%2Frorw%2BWCBMVIz3U6%2BYFLy%2FOcf0kFJcWtd%2BMeUyqMA3BJEDreSco52r3XVH%2BfeC84cQyq5QBVZTRqlHy68T5VzCQMZFeVY0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=43d5ff455dacf2d56de35721d99d4deacca588ca-1680094406; path=/; domain=.epikcs.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af8417929050b51-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2212
Expires: Wed, 29 Mar 2023 13:30:19 GMT
Date: Wed, 29 Mar 2023 12:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2212
Expires: Wed, 29 Mar 2023 13:30:19 GMT
Date: Wed, 29 Mar 2023 12:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2212
Expires: Wed, 29 Mar 2023 13:30:19 GMT
Date: Wed, 29 Mar 2023 12:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2212
Expires: Wed, 29 Mar 2023 13:30:19 GMT
Date: Wed, 29 Mar 2023 12:53:27 GMT
Connection: keep-alive
static.zdassets.com/web_widget/latest/messenger/web-widget-main-660d3cb.js
104.18.72.113200 OK 208 kB URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-main-660d3cb.js
IP 104.18.72.113:0
File type ASCII text, with very long lines (65307)
Size 208 kB (207846 bytes)
Hash 4b0dc89ba7c8886e17801bd62b914a3b
1f46a0ef41d5e3db93fedd6dcf5a6422e515d18a
f1adcebe67c1fe071c4f75fee6db2c6f86dcc8e090276654f9dfadbafa556a5e
GET /web_widget/latest/messenger/web-widget-main-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 7CY4gNg1wuGSkXub6xt2qyCix3qJeiVH0Eqkb5tUk1phdDCcURWUJm4z0JJJ1wSAqvow3D8kOBY=
x-amz-request-id: 4ANA9WW213ARX0HB
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"2a7a35aeef02762e024fd5bff30dbdea"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:24 GMT
x-amz-version-id: olOcPjsMbt2uLvftNUzm_18c3QOJ7v.2
cf-cache-status: HIT
age: 50200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkpMTjnZGLpI4SxDcaTugN9vrE93DXZcSkAJD7CVuvTXnqkzFGykOpbTg4HcJdl5t%2FxQsDn8qzIFRmilBxoXnm31RCxyo2v%2BPu3te5n8Kb9mIIw1JFEd%2BLDWcq7%2FM8KWp9cy9wI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841769d5fb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:00 GMT
age: 54987
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 54532
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/messenger/web-widget-3487-660d3cb.js
104.18.72.113200 OK 8.7 kB URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-3487-660d3cb.js
IP 104.18.72.113:0
File type ASCII text, with very long lines (12567), with no line terminators
Hash d260cee53e6dbd9dbc9e95024c053cc0
6eb29ecd576f9e896342a49fa97cd10f832c145c
3d3c070ff3a36e8d788f776d0ee6106df3d627b1715a8720196426921d5808aa
GET /web_widget/latest/messenger/web-widget-3487-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: TPPZjDfCmjIgXtYb5fSDMR7L65AWfnyeWlhCSR3APpCK8GeHCCV8dc9UUZnQKEyQo3at5Aoi280=
x-amz-request-id: VSW50D2CZ4WE372X
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"1ee21198c6e244c8d7bf3bacbc6faa0f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: oD6M2RuSVTp_VfDe7Mc22J.9_zrjrF1m
cf-cache-status: HIT
age: 50200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoSlhilLpzDc0mSQg94jFqLG5zuCZeoTNop13MZNjteawnL1pEWL%2Bj8lq8SETWbMsTBgQcU0or3kHD2zCyOSHGT962CQifeeQzNjj35YIWN3Jtx6YiiC2RZWVD5MESQ6UPqcfQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841782824b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js
104.18.72.113200 OK 13 kB URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js
IP 104.18.72.113:0
File type Unicode text, UTF-8 text, with very long lines (15381), with no line terminators
Hash 9e10df114b56abca37b9849cf13d694f
55ba24ee52ffeb0af01cf2474a1d911bc35d9f1e
3ba5cd73828bcf029f0d724feb93e19646392f86d67d70c9700d7b91f3989ece
GET /web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: RYdXOOKy1HOtgMm47xOnJKo3dRijpuMMyO1zDXpqYGfBkoZqDJ87+CV25KodhDqSc/z8+nhbn44=
x-amz-request-id: PF8MPK7NAMWDBKEJ
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:27 GMT
etag: W/"8340513af1527c72129bdfd58adc8b99"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:26 GMT
x-amz-version-id: t3AJIslMO6V4cKu0AIZXQursbNfEozLo
cf-cache-status: HIT
age: 50173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DUAF7djh%2Bfdsy%2FXg0l7r3DHAiwQYgsTeQPeSMDPmvKONSOCnUfEljNzi9wojmQ42ehFyOP4%2BwWEbzt%2FDDHyyXy4vN2rIn5VQsHxQtHQ9ZhsxNc018%2Boc06geMgZ%2Bu%2BYwLy%2Frts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841781801b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 54570
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/messenger/web-widget-4852-660d3cb.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-4852-660d3cb.js
IP 104.18.72.113:0
GET /web_widget/latest/messenger/web-widget-4852-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: gmyPiIPiaHNKNt9QM+fEzjdKobmVbgGolEwOMh7QjVSuSpX4sqTR2CRhWSIOHLWuh6kEUWZy77g=
x-amz-request-id: VSWAP6674S1VA6CQ
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"b361c19a9af081b357568069aa583838"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: lCJr6G0FRoRJ3k9B7NLo_j8rphrHyr3h
cf-cache-status: HIT
age: 50200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nF2Xp1CdprJ%2Bz3Sq%2BAu5U3E1mvwHjO4pNGGGMUHcoSx%2B5H%2FQp9K0RyMRWqgF9ulRo8%2Fu7Js%2BywAtU8H3suXab1b90V2NKRWukJPCnHQGnME6k1A3kJ%2F8IfOfLvYNEgbaH2wQDd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af84178281cb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/messenger/web-widget-3789-660d3cb.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-3789-660d3cb.js
IP 104.18.72.113:0
GET /web_widget/latest/messenger/web-widget-3789-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: DnRzO4kZ2aL67eSj6ZrzqbA2DVNEqw53EI4vbzriZWMXdTvk3wkEbNlUqPBX661//his2bZScKs=
x-amz-request-id: VSW6M9HMY3N8E7M0
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"6af06a25e69c609f5b52830fc5e8a62d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:24 GMT
x-amz-version-id: aES7C0WvHMN3603MIPwjba4g3yfMyK.E
cf-cache-status: HIT
age: 50200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt35DFNmFeE%2BDoEJ9sg1ZSZSHvuoq%2FPNr8YBqQN6RCFaSJRf3OYHFPJ1Sffw0%2BC3TeytrF1pRfkLSXuq6IDkMS4ADmFON6kKeZdk7Q4Rj6p27mxPZ9jaL3SFGzQy2m2u3MVpTlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841782826b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/messenger/web-widget-3017-660d3cb.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-3017-660d3cb.js
IP 104.18.72.113:0
GET /web_widget/latest/messenger/web-widget-3017-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Z0h1mXL70uJbSKY84MZUkL0ClBFu6c+nSOua+oCuPf20Sy5K231aBFbUuzVh55EY5fdYZgayqko=
x-amz-request-id: VSWBW6N0BZ8APV9P
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"40d0e2b632d1b990738af3991e0aecb1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: ina_PZ0M7y.dw_MpptgwKDF7jcD.KIMt
cf-cache-status: HIT
age: 50200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6GYmRXl6RbICqJhE4LeQ%2BHVUQqdghJzLDzHJC9L8HuaEgZ1NvN7Z5XTxuLU%2BXC%2B%2F4XUO8iOcyPjXmOo3BxxRxmLV2YWWbJ%2F3EmKyFjB4LOLXtfa7QkGwg%2FECmllAO7pMP0B0nY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841782822b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/1546ebb5-45e1-49c4-94dc-4b5d44a6d66c
104.18.70.113200 OK 0 B URL HTTP/2 ekr.zdassets.com/compose/1546ebb5-45e1-49c4-94dc-4b5d44a6d66c
IP 104.18.70.113:0
GET /compose/1546ebb5-45e1-49c4-94dc-4b5d44a6d66c HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsavings.com
Connection: keep-alive
Referer: https://helixsavings.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"6fd8a06750a92113f4da9473c634bde0"
x-request-id: 7af841725936b4f7-SEA, 7af841725936b4f7-SEA
x-runtime: 0.004391
x-zendesk-zorg: yes
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM9DdVSW0uYsJL%2FD4mf10voDMtEaq5EIGNfs%2BpSwSQolzMo%2Fo0KuVYIEfaC5CXb7E6rfb4fRneg%2FHxn%2FkZ74Mp9N16sEIVx5pxXxOeYH7z4mDmszf2j1sfFUB6H1NIm15LY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841725936b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Roboto:400,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Roboto:400,900
IP 142.250.74.106:0
GET /css?display=swap&family=Roboto:400,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://helixsavings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 12:53:24 GMT
date: Wed, 29 Mar 2023 12:53:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Roboto:400,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Roboto:400,900
IP 142.250.74.106:0
GET /css?display=swap&family=Roboto:400,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsavings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 12:53:25 GMT
date: Wed, 29 Mar 2023 12:53:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js
IP 104.18.72.113:0
GET /web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:25 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: gNSA5Gt4/K0ICYGAzIy9UajPykspKEpvgbLnLyBqWhLEmVM/1g9YG17rW5MbJycWvulAOIOZzfs2bUov//fjlw==
x-amz-request-id: YJT0A6KT9BJN81GW
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:52:42 GMT
etag: W/"9a22523a174d61325929e2f2b3281227"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:52:41 GMT
x-amz-version-id: sF00I9ZP2P.ZPdpa8jMGTZwYs_mUbya7
cf-cache-status: HIT
age: 50209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc%2FmJMDy1MBJJ5u7KNOE3kiND6DIwocQJTIGotxs%2Flk%2FlSW2rNclePutvsuUkkbqIAMuDJ0O7NFpdBb7t2qnIB3%2BNC1AsinfT0IbH6YQUXdl81g3fzQm6PPIld2Ulj58wJ6%2BW3E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841747921b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
epikcs.zendesk.com/embeddable/config
104.16.53.111200 OK 0 B URL HTTP/2 epikcs.zendesk.com/embeddable/config
IP 104.16.53.111:0
GET /embeddable/config HTTP/1.1
Host: epikcs.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsavings.com/
Origin: https://helixsavings.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-68c59c775b-7vqk9
x-request-id: 7af8417589c60b51-IAD
x-runtime: 0.002811
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Wed, 29 Mar 2023 12:51:41 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTT98szxwKirL0mHLG%2BLYaXqqnrlZgac9bq%2BHuSb98Mxb8XvWOk3VI%2F7EE7Hjqaf%2FJUAgtD4TaMrnQlCxL42%2BPla2AZStZJi13Pb0uY%2FQC9uIl8SQXULbwrhSMPUu3FE47vEwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=43d5ff455dacf2d56de35721d99d4deacca588ca-1680094406; path=/; domain=.epikcs.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af8417589c60b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/messenger/web-widget-6315-660d3cb.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/messenger/web-widget-6315-660d3cb.js
IP 104.18.72.113:0
GET /web_widget/latest/messenger/web-widget-6315-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 12:53:26 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: /cEGAu9qkZDaW3a0Y5R20PfFbxfSYD7jSNcAgIxGRTTC9uH5Z9u408u1+px6OjnWbbPVj03wtbA=
x-amz-request-id: VSWCSXJ998KTTHS2
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"f98270473d8b868d9890fe3be24a1a82"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: ZCYKjS6R0SvnZ2uXsM4yp4HqVDMCLho6
cf-cache-status: HIT
age: 50200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG47YBJMaY90UwaNpxI9EKNbn64ad74L24vuB4QCJfEWEGfcVib1paery0O%2BdZVD2BFmOrunBPFHqxPpqLR2TWy1xBa0BRfXgZw3gfRCTo3FPbAGG8Q0iKyi8JU7gjclPRbMCaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7af841782825b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2