zerossl.ocsp.sectigo.com/
172.64.149.23 727 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash 39c2e5c6e8b44005483f24c772a6ea52
eeabf5645bde20ad9a9e8c9f2b2f48e749f7374d
e9475be0e828c079e53aa2505d0bc5a7fd7842debcb6bb85da6ddd3b60f7ce9a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 May 2024 14:50:14 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 10:09:00 GMT
Expires: Tue, 07 May 2024 10:08:59 GMT
Etag: "eeabf5645bde20ad9a9e8c9f2b2f48e749f7374d"
Cache-Control: max-age=500924,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87d095317a211c02-OSL
helixsleep.com/privacy?utm_campaign=2024__MDS__Email_1&utm_content=2024__mds__email_1_message_b&utm_medium=email&utm_source=zaius&zm64_id=cmJlY2tAc2hlcGFyZHN0ZWVsLmNvbQ==
167.172.14.23301 Moved Permanently 390 B URL User Request GET HTTP/1.1 helixsleep.com/privacy?utm_campaign=2024__MDS__Email_1&utm_content=2024__mds__email_1_message_b&utm_medium=email&utm_source=zaius&zm64_id=cmJlY2tAc2hlcGFyZHN0ZWVsLmNvbQ==
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash a9a406c448c9e0d4bc6c801f78db7164
d44006a78edc83e44abab704ef3b68c802057d02
30ac1767e746b221c3c135282f600ccb973df4e2e7b20c400ecfe190fbd33ff6
GET /privacy?utm_campaign=2024__MDS__Email_1&utm_content=2024__mds__email_1_message_b&utm_medium=email&utm_source=zaius&zm64_id=cmJlY2tAc2hlcGFyZHN0ZWVsLmNvbQ== HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: nginx
content-type: text/html; charset=UTF-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=RY1JVkGjsxZY~JNJxZTb1OuYWM63cG2YyNzNhxMa0SUu5en2Q~Jk98g8HBUUplOHgY1hsBkoD9HRv0dmYaotrVedaReMRSLQTZyufHAwsaH~AM1QRYMTbhsMSD7VHK2I; Max-Age=31536000; Domain=.helixsleep.com; Path=/; Secure; SameSite=Lax
date: Wed, 01 May 2024 14:50:14 GMT
location: https://helixsleep.com/pages/privacy
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
transfer-encoding: chunked
helixsleep.com/pages/privacy
167.172.14.23200 OK 76 kB URL User Request GET HTTP/1.1 helixsleep.com/pages/privacy
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (809)
Hash 38aa5f794105154dee470db1ea0c4d97
2cb5023718722d6e2a421036669293f1cff87225
bbbcdfa4743f23e19ecce9a7133e9a43fa5790b0247ba59f9e3db72d73f8a669
GET /pages/privacy HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: datadome=RY1JVkGjsxZY~JNJxZTb1OuYWM63cG2YyNzNhxMa0SUu5en2Q~Jk98g8HBUUplOHgY1hsBkoD9HRv0dmYaotrVedaReMRSLQTZyufHAwsaH~AM1QRYMTbhsMSD7VHK2I
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
date: Wed, 01 May 2024 14:50:14 GMT
request-id: f114e4f9-7722-4582-9981-46a7125b03c2
x-robots-tag: all
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; Max-Age=31536000; Domain=.helixsleep.com; Path=/; Secure; SameSite=Lax
XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; expires=Sat, 11 May 2024 14:50:15 GMT; Max-Age=864000; path=/; secure; samesite=lax
stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; expires=Sat, 11 May 2024 14:50:15 GMT; Max-Age=864000; path=/; httponly; samesite=lax
strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; expires=Sat, 26 Apr 2025 14:50:14 GMT; Max-Age=31103999; path=/; secure; httponly; samesite=lax
strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9; expires=Sat, 26 Apr 2025 14:50:14 GMT; Max-Age=31103999; path=/; secure; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
transfer-encoding: chunked
helixsleep.com/helix-sleep/css/app.css?id=391e2057b30816388cf116d486262aa5
167.172.14.23200 OK 30 kB URL GET HTTP/1.1 helixsleep.com/helix-sleep/css/app.css?id=391e2057b30816388cf116d486262aa5
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 391e2057b30816388cf116d486262aa5
9c4e713256404306e3372fd80793f0045b4d6bfa
49dc71d6fc9384c1052ec000e03f6d595b1a9145b546bb17950e68d2cbe39bad
GET /helix-sleep/css/app.css?id=391e2057b30816388cf116d486262aa5 HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/pages/privacy
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:15 GMT
content-type: text/css
last-modified: Thu, 25 Apr 2024 16:34:56 GMT
vary: Accept-Encoding
etag: W/"662a8630-27bcf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
transfer-encoding: chunked
helixsleep.com/vendor/equalweb/css/equalweb.css
167.172.14.23200 OK 47 B URL GET HTTP/1.1 helixsleep.com/vendor/equalweb/css/equalweb.css
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
Hash d32ef9af2e834ddfba91af7250b1842f
396f64d3c9124812b4d13f429383079d08b85681
01b45e664331d13608e3f162fbb5d917a88a7b0f03fe3d8a1c02aa90b3d3752b
GET /vendor/equalweb/css/equalweb.css HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/pages/privacy
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:15 GMT
content-type: text/css
content-length: 47
last-modified: Thu, 25 Apr 2024 16:35:14 GMT
etag: "662a8642-2f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
cmp.osano.com/AzyzxlTvcbPa24v4f/ba2e3af1-9210-4142-a2d3-8bdb89d0792e/osano.js
108.157.229.87200 OK 63 kB URL GET HTTP/2 cmp.osano.com/AzyzxlTvcbPa24v4f/ba2e3af1-9210-4142-a2d3-8bdb89d0792e/osano.js
IP 108.157.229.87:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subject*.osano.com
Fingerprint19:94:CF:1F:C5:46:88:1E:E2:4A:57:C3:F7:26:EA:B0:8A:E2:50:02
ValidityWed, 18 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65473)
Hash 513e787aa196e62f5e57193ef380e7a9
063739cd0d7921e7b7fed42dfa244238334019d7
12930180dd926e448ac478df2a1618c5d34b4e1b3396f6f2ef93e44c35df7220
GET /AzyzxlTvcbPa24v4f/ba2e3af1-9210-4142-a2d3-8bdb89d0792e/osano.js HTTP/1.1
Host: cmp.osano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 63028
server: CloudFront
date: Wed, 01 May 2024 14:50:15 GMT
etag: "9ab4eaa26fd114fc5126dab81bc56dc7"
last-modified: Thu, 21 Mar 2024 14:33:39 GMT
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 3130c9b603e4215bb05d32cd39e3843c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Tg0OmPuLM5dZ_-1J0_7aC1CcnmDTt4qY9KrEurUuWSQGJEX3exdwvQ==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
vary: Origin
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash 9ac4e954882b445917e9416995af3eee
c7b17302e86da87ca26d49b3f4dff3377bd57235
5e187d7ce799a158f624fd7a9ae476010326cd3c89ae40828fce191164c94d05
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 01 May 2024 14:50:15 GMT
Last-Modified: Wed, 01 May 2024 13:06:30 GMT
Server: ECAcc (ska/F73A)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3LPNLEPrXgSolc80A8SoAbLVnrZ0LXKcsOXzvcf3vFC0F99a2OCgGQ==
Age: 6225
helixsleep.com/vendor/livewire/livewire.js?id=90730a3b0e7144480175
167.172.14.23200 OK 46 kB URL GET HTTP/1.1 helixsleep.com/vendor/livewire/livewire.js?id=90730a3b0e7144480175
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (53585)
Hash 0e377e741f7d57da94c0d5aed41693cd
f2619196a61c34b00491f62774a84f778134b974
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
GET /vendor/livewire/livewire.js?id=90730a3b0e7144480175 HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/pages/privacy
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 16:35:14 GMT
vary: Accept-Encoding
etag: W/"662a8642-2aae3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
transfer-encoding: chunked
helixsleep.com/helix-sleep/js/app.js?id=1e0abbe5800fcfc1b7de14dd2c5d76a7
167.172.14.23200 OK 66 kB URL GET HTTP/1.1 helixsleep.com/helix-sleep/js/app.js?id=1e0abbe5800fcfc1b7de14dd2c5d76a7
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65475)
Hash 1e0abbe5800fcfc1b7de14dd2c5d76a7
17c33a62534991acc33bfcd0417538c4cc27b80f
c9dd91284b38c0d7df741d2be78782ef929fdf7235aa1d63b276bd9fb2222aca
GET /helix-sleep/js/app.js?id=1e0abbe5800fcfc1b7de14dd2c5d76a7 HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/pages/privacy
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 16:34:52 GMT
vary: Accept-Encoding
etag: W/"662a862c-36558"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
transfer-encoding: chunked
helixsleep.com/fonts/nunito-sans-v15-latin-700.woff2?b10b66301caf3f433b7d304da31584bf
167.172.14.23200 OK 14 kB URL GET HTTP/1.1 helixsleep.com/fonts/nunito-sans-v15-latin-700.woff2?b10b66301caf3f433b7d304da31584bf
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 13800, version 1.0
Hash b1dbfae82af26241582369e39889929a
e3dc6d64ebb928128ed3f742114fd92672193cdd
584b7ea76630df7ed8b8b8c96cf3fdb9971dff1eebf294b493f561a808eabc3c
GET /fonts/nunito-sans-v15-latin-700.woff2?b10b66301caf3f433b7d304da31584bf HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/helix-sleep/css/app.css?id=391e2057b30816388cf116d486262aa5
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:16 GMT
content-type: font/woff2
content-length: 13800
last-modified: Thu, 25 Apr 2024 16:32:19 GMT
etag: "662a8593-35e8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
helixsleep.com/fonts/nunito-sans-v15-latin-300.woff2?1463ac457db1d4afa3a3f40467ea3278
167.172.14.23200 OK 14 kB URL GET HTTP/1.1 helixsleep.com/fonts/nunito-sans-v15-latin-300.woff2?1463ac457db1d4afa3a3f40467ea3278
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 13724, version 1.0
Hash 561d401d959b578cba366dd708b5daad
748f95e67be056d09374ed3eb9f481fe24b0e74f
b5b7090adec01fe538f614831a5b06096a80f095d9f4096911410e7f867dbfcc
GET /fonts/nunito-sans-v15-latin-300.woff2?1463ac457db1d4afa3a3f40467ea3278 HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/helix-sleep/css/app.css?id=391e2057b30816388cf116d486262aa5
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:16 GMT
content-type: font/woff2
content-length: 13724
last-modified: Thu, 25 Apr 2024 16:32:19 GMT
etag: "662a8593-359c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-NZKZRXC
142.250.74.168200 OK 128 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NZKZRXC
IP 142.250.74.168:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type JavaScript source, ASCII text, with very long lines (37754)
Size 128 kB (128460 bytes)
Hash 9e66aec66e3a5409cf137aac0162686e
383b3bba761c370045509f1db243c6b661fa3c98
d6466fc185b6eaaf593e475f91c057f7140a3dabd0108f95617d5028f5e8056d
GET /gtm.js?id=GTM-NZKZRXC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 14:50:16 GMT
expires: Wed, 01 May 2024 14:50:16 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 128460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
helixsleep.com/fonts/nunito-sans-v15-latin-900.woff2?487fe4434881b3922c74d206cafd17df
167.172.14.23200 OK 14 kB URL GET HTTP/1.1 helixsleep.com/fonts/nunito-sans-v15-latin-900.woff2?487fe4434881b3922c74d206cafd17df
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 13972, version 1.0
Hash f2bea68eb1be74f499839dbc9789e955
500eb40fb8225402044e830e6b363ca66e231e32
47257cb846c449c015c125754a901717db4e69a5d9d89d7d3d4a00903e15a553
GET /fonts/nunito-sans-v15-latin-900.woff2?487fe4434881b3922c74d206cafd17df HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/helix-sleep/css/app.css?id=391e2057b30816388cf116d486262aa5
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:16 GMT
content-type: font/woff2
content-length: 13972
last-modified: Thu, 25 Apr 2024 16:32:19 GMT
etag: "662a8593-3694"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
cdn.equalweb.com/core/3.0.0/accessibility.js
104.26.12.95200 OK 13 kB URL GET HTTP/2 cdn.equalweb.com/core/3.0.0/accessibility.js
IP 104.26.12.95:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectequalweb.com
FingerprintD5:68:EB:BD:47:52:95:A8:8C:5A:FA:64:B2:8E:7C:D9:F0:B4:C7:A7
ValiditySun, 31 Mar 2024 01:06:39 GMT - Sat, 29 Jun 2024 01:06:38 GMT
File type JavaScript source, ASCII text, with very long lines (34573), with no line terminators
Hash 7cfd1c0a66e93dddc4a621b884936532
3370a759aa2dcd5a6fdc98dd1ae9721d430fdbf3
079042fbafba3d4712b389a3fc3aa50c889afd39a9154cc06a106b65e2aa508a
GET /core/3.0.0/accessibility.js HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:16 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Sun, 28 Feb 2021 12:13:32 GMT
etag: W/"03e5d21cbdd71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-frame-options: deny
content-security-policy: default-src 'self' ;
cf-cache-status: HIT
age: 76327
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkwyAvoZkGLBNybdrSzhbsbsDoq3TfEpP4Dp9%2Be0dgWWuuu3L9stoBKuxA2ugGA56lRWZXClzvCRMFPqIudKKvBd6Ie0sJjcdJnOB1lhag4V8zhve3mBOTEeY%2BUF0rW9W80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d0953d5f4b0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
shopify-gtm-suite.getelevar.com/getelevar/3.16.0/dl-custom-pages.js
34.120.58.162200 OK 9.8 kB URL GET HTTP/2 shopify-gtm-suite.getelevar.com/getelevar/3.16.0/dl-custom-pages.js
IP 34.120.58.162:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectshopify-gtm-suite.getelevar.com
FingerprintAB:DE:7D:48:DD:D6:59:38:FE:D0:56:56:A0:89:90:55:11:83:59:9E
ValiditySat, 13 Apr 2024 23:41:09 GMT - Sat, 13 Jul 2024 00:35:03 GMT
File type JavaScript source, ASCII text, with very long lines (17239)
Hash ee1c3b241878c4651b6ab9131f638304
160cb81ceea86ec333c15b76693f5b76291ec344
2061fc4862578a68cf34664d53450cd36ff22cf256173aa869631354ca38755d
GET /getelevar/3.16.0/dl-custom-pages.js HTTP/1.1
Host: shopify-gtm-suite.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-goog-generation: 1714486004653161
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9762
content-encoding: gzip
x-goog-hash: crc32c=yKt62w==, md5=QKXIbGip0ZOYP7/qwjzTRA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 9762
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: ABPtcPowJTh3UAtvSy17F3rVkUJwRkH7NCzyHB-KlF5haUEvX3nkfTF3FIjJUhXgjg6tFKLgW1XOGFZtXw
server: UploadServer
date: Tue, 30 Apr 2024 14:19:27 GMT
expires: Wed, 30 Apr 2025 14:19:27 GMT
cache-control: no-transform
last-modified: Tue, 30 Apr 2024 14:06:44 GMT
etag: "40a5c86c68a9d193983fbfeac23cd344"
content-type: text/javascript
age: 88249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
helixsleep.com/images/helix-sleep/apple-touch-icon.png
167.172.14.23200 OK 984 B URL GET HTTP/1.1 helixsleep.com/images/helix-sleep/apple-touch-icon.png
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash e0cecf7fdb432e3aba16348e93340292
0f2ac049996b9fcc01b74c8b85e42a7f74b2f9aa
6d2df8550d55477207d8717b05464f540a24bcd67099b5b29a16b4fefd6e1e2b
GET /images/helix-sleep/apple-touch-icon.png HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/pages/privacy
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:16 GMT
content-type: image/png
content-length: 984
last-modified: Thu, 25 Apr 2024 16:32:19 GMT
etag: "662a8593-3d8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
cdn.equalweb.com/style/btncolor.css
104.26.12.95200 OK 752 B URL GET HTTP/2 cdn.equalweb.com/style/btncolor.css
IP 104.26.12.95:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectequalweb.com
FingerprintD5:68:EB:BD:47:52:95:A8:8C:5A:FA:64:B2:8E:7C:D9:F0:B4:C7:A7
ValiditySun, 31 Mar 2024 01:06:39 GMT - Sat, 29 Jun 2024 01:06:38 GMT
File type ASCII text, with CRLF line terminators
Hash 1fd7ae86134b19fa7b7fa31c4d8be511
7c5b00544cef5408f8eb0c894faa0ef16ac8a0f6
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
GET /style/btncolor.css HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:16 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
etag: W/"3f26cd3dfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-frame-options: deny
content-security-policy: default-src 'self' ;
cf-cache-status: HIT
age: 76320
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GKVp90dbZRkaVfyJn3P1EOXBcYO3pFjNP8JSodUvzeZHCFN8J5Y9Lus2Yfz%2FsIhR4lCA8RjjzezbT1BTkS6RovZ0NUaLfJinfwtWik4bz4q%2FX1sH%2B78bT%2FOaYNAJD4H88Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d0953ea8440b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1igp3oop3iho5.cloudfront.net/v2/0KKs7Iw9DiYaFM7bIJwmTg/zaius-min.js
108.157.232.28200 OK 38 kB URL GET HTTP/2 d1igp3oop3iho5.cloudfront.net/v2/0KKs7Iw9DiYaFM7bIJwmTg/zaius-min.js
IP 108.157.232.28:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 8e09d81a006b075b23c89fa938d9f39a
62c610a904c3ae6162473c34caf94e9972f7c48a
35ad8340dcb626912429270e7a990841d78a5f8ccfb39831dd4a7ed86ebeabf1
GET /v2/0KKs7Iw9DiYaFM7bIJwmTg/zaius-min.js HTTP/1.1
Host: d1igp3oop3iho5.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
last-modified: Mon, 26 Feb 2024 12:29:16 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8q0OqXtBTwOKp4KKXXTfT4e1s0_gEcKM
server: AmazonS3
content-encoding: gzip
date: Wed, 01 May 2024 08:14:35 GMT
etag: W/"02e39f316194901f03a2c2364228694f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ipjieVuz7ifpjbkGb2GxHCukUzjqBWGI6pFZYPHel_neaSE1VeSWpA==
age: 23742
X-Firefox-Spdy: h2
cdn.equalweb.com/assets/scripts/locale.js
104.26.12.95200 OK 10 kB URL GET HTTP/2 cdn.equalweb.com/assets/scripts/locale.js
IP 104.26.12.95:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectequalweb.com
FingerprintD5:68:EB:BD:47:52:95:A8:8C:5A:FA:64:B2:8E:7C:D9:F0:B4:C7:A7
ValiditySun, 31 Mar 2024 01:06:39 GMT - Sat, 29 Jun 2024 01:06:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (26970), with no line terminators
Hash 83a537a8e0357d2878933f729c7e7bd6
3dca39a52254933c1c6520aeb69277d4c30fce7a
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
GET /assets/scripts/locale.js HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:16 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
etag: W/"80d59982334d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-frame-options: deny
content-security-policy: default-src 'self' ;
cf-cache-status: HIT
age: 76320
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUCqiW6XQMfSBiH7kjuBE8YcnXaTCyxo4vwKSH3xUosgMrn1ImdONKbt7enjNZEJfGEZ6%2B3SOW5izz9kncuoupXbGiZzAZQkslgTLtTkaW300vd7uYegB5C2haCXZDKltmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d0953eb84b0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/destination?id=AW-954616282&l=dataLayer&cx=c
142.250.74.168200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-954616282&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type JavaScript source, ASCII text, with very long lines (4179)
Hash 394380cd0ec64be0d0f3331e1cfb002b
37fbcc49ea80d1a7c4161ce72ff86ae3a31e8732
02108239118b6f7ca69376ab91b975322a52be2fef50f27e69d2af68e5e13711
GET /gtag/destination?id=AW-954616282&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 14:50:17 GMT
expires: Wed, 01 May 2024 14:50:17 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtag/destination?id=AW-810216059&l=dataLayer&cx=c
142.250.74.168200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-810216059&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type JavaScript source, ASCII text, with very long lines (4179)
Hash 0802d07a0452480ab0d2982008ef5a10
4ac9f373e28b64eb7fcef001029a81f8616634b2
792257869ba19b2ffb92afb9c9c05a5082b577093f8ac620226ced575ac9025b
GET /gtag/destination?id=AW-810216059&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 14:50:17 GMT
expires: Wed, 01 May 2024 14:50:17 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81085
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.equalweb.com/style/default.css
104.26.12.95200 OK 2.9 kB URL GET HTTP/2 cdn.equalweb.com/style/default.css
IP 104.26.12.95:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectequalweb.com
FingerprintD5:68:EB:BD:47:52:95:A8:8C:5A:FA:64:B2:8E:7C:D9:F0:B4:C7:A7
ValiditySun, 31 Mar 2024 01:06:39 GMT - Sat, 29 Jun 2024 01:06:38 GMT
File type ASCII text, with very long lines (11257), with no line terminators
Hash 1d8a2d3999f61bfb64c672793ed6e134
52d0efeb0681bd08615354ce725b7d457350f293
73f15b4f49ab793e521ac0bb242445e36ff3b912e1d3fbbf01e35085dde606a1
GET /style/default.css HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:16 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Wed, 08 Nov 2023 16:49:52 GMT
etag: W/"0b8e0976312da1:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-frame-options: deny
content-security-policy: default-src 'self' ;
cf-cache-status: HIT
age: 62541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWExUyhnj%2BW%2B2LOLS4%2FN4rNRn0rVNlueelQdrSUnecfZm2IStk%2BV3vKu8ZOagUT%2FBBAR7M3zyZuMo6GuWFBWMbp%2BYE8q8UAWG86h%2BxZEZIHdr4NZyi%2BOFqsydYvZhr9eRYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d0953ea8410b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=251437a1-bd84-48a1-bb87-1c0d5ac4ee8d
104.18.70.113200 OK 9.1 kB URL GET HTTP/2 static.zdassets.com/ekr/snippet.js?key=251437a1-bd84-48a1-bb87-1c0d5ac4ee8d
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, ASCII text, with very long lines (10187), with no line terminators
Hash c0053b411b753138af468db1bd3b19f3
7c3a187aa58f2b9e5446edb761b3d4d2ba506fe7
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
GET /ekr/snippet.js?key=251437a1-bd84-48a1-bb87-1c0d5ac4ee8d HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:15 GMT
content-type: application/javascript
x-amz-id-2: z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
x-amz-request-id: 16EJPM9K30XP37FF
x-amz-replication-status: COMPLETED
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
etag: W/"c0053b411b753138af468db1bd3b19f3"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
cf-cache-status: HIT
age: 53
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VL7hZDCtRbMEvj4rABrJaolLGDVBMp8laVVFWsOGwXCDdj6vYemVuqCfQhZRy7okFVuh%2FLhfaiQRt2QfL7c6pJqQcDMcWcqpRUR9p1kOHjg226ecnjHSPqUajjMkkkFhtA43cmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09537f9ff56af-OSL
content-encoding: br
X-Firefox-Spdy: h2
data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=ab07a0e4-7ddd-4049-b4bd-f4a64f55a4dd
44.208.37.64200 OK 43 B URL GET HTTP/1.1 data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=ab07a0e4-7ddd-4049-b4bd-f4a64f55a4dd
IP 44.208.37.64:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subjectadxcel-ec2.com
Fingerprint48:5D:5E:FD:66:68:6D:5C:C9:60:FC:9D:0B:F6:6F:F1:5F:97:AA:E4
ValidityMon, 18 Sep 2023 00:00:00 GMT - Thu, 17 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash a5098c60b3b0c879a2c7af6c68b7b53f
939f40be7f1aaf623f62886de4aaba3886df9b65
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
GET /pixel/?ad_log=referer&action=lead&pixid=ab07a0e4-7ddd-4049-b4bd-f4a64f55a4dd HTTP/1.1
Host: data.adxcel-ec2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
hits.getelevar.com/base/hit?source_url=https%253A%252F%252Fhelixsleep.com%252Fpages%252Fprivacy×tamp=1714575017&signature=b0d3V3piUWJQVWdYOVhEZjJYWDF5Z25KeG1zYmRmcWo6ZDJmNzY2N2ItYjlmYy00NzczLTkxZjEtNDI2OTExYjQyZWU4OmRsX3VzZXJfZGF0YQ%3D%3D&shop=helixsleep.myshopify.com
34.117.180.246204 No Content 0 B URL OPTIONS HTTP/2 hits.getelevar.com/base/hit?source_url=https%253A%252F%252Fhelixsleep.com%252Fpages%252Fprivacy×tamp=1714575017&signature=b0d3V3piUWJQVWdYOVhEZjJYWDF5Z25KeG1zYmRmcWo6ZDJmNzY2N2ItYjlmYy00NzczLTkxZjEtNDI2OTExYjQyZWU4OmRsX3VzZXJfZGF0YQ%3D%3D&shop=helixsleep.myshopify.com
IP 34.117.180.246:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjecthits.getelevar.com
FingerprintFA:51:E3:5B:CF:9D:86:FF:DC:96:D3:F7:5E:DB:F2:D1:C6:99:7C:37
ValidityFri, 12 Apr 2024 09:29:52 GMT - Thu, 11 Jul 2024 10:23:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /base/hit?source_url=https%253A%252F%252Fhelixsleep.com%252Fpages%252Fprivacy×tamp=1714575017&signature=b0d3V3piUWJQVWdYOVhEZjJYWDF5Z25KeG1zYmRmcWo6ZDJmNzY2N2ItYjlmYy00NzczLTkxZjEtNDI2OTExYjQyZWU4OmRsX3VzZXJfZGF0YQ%3D%3D&shop=helixsleep.myshopify.com HTTP/1.1
Host: hits.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Content-Type: application/json
Content-Length: 654
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
x-cloud-trace-context: ada4788f0ee44d8143bd135a8da69f90
date: Wed, 01 May 2024 14:50:17 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jumbe.zaius.com/v2/zaius.gif?resolution=1280x1024&color_depth=24-bit&viewport=1280x1024&source=direct&medium=none&java=0&language=en-us&character_set=utf-8&server_response_time=410&page_download_time=202&hostname=helixsleep.com&page=%2Fpages%2Fprivacy&title=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&u=778690535&vuid=2b137228-5cf1-4280-87a5-1d0951a9f674&new_user=1&zaius_js_version=2.4.1&tracker_id=0KKs7Iw9DiYaFM7bIJwmTg&event_type=pageview&data_source_type=sdk&data_source=JavaScript&data_source_instance=helixsleep.com&data_source_version=2.4.1&idempotence_id=371d5761-e062-4a9e-9722-9affe59bc5ba
54.80.249.13202 Accepted 35 B URL GET HTTP/2 jumbe.zaius.com/v2/zaius.gif?resolution=1280x1024&color_depth=24-bit&viewport=1280x1024&source=direct&medium=none&java=0&language=en-us&character_set=utf-8&server_response_time=410&page_download_time=202&hostname=helixsleep.com&page=%2Fpages%2Fprivacy&title=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&u=778690535&vuid=2b137228-5cf1-4280-87a5-1d0951a9f674&new_user=1&zaius_js_version=2.4.1&tracker_id=0KKs7Iw9DiYaFM7bIJwmTg&event_type=pageview&data_source_type=sdk&data_source=JavaScript&data_source_instance=helixsleep.com&data_source_version=2.4.1&idempotence_id=371d5761-e062-4a9e-9722-9affe59bc5ba
IP 54.80.249.13:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subject*.zaius.com
Fingerprint66:E2:32:08:C8:90:DC:9F:EF:2F:CC:64:8E:3F:AF:3C:2E:E5:16:47
ValidityMon, 19 Jun 2023 00:00:00 GMT - Tue, 16 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /v2/zaius.gif?resolution=1280x1024&color_depth=24-bit&viewport=1280x1024&source=direct&medium=none&java=0&language=en-us&character_set=utf-8&server_response_time=410&page_download_time=202&hostname=helixsleep.com&page=%2Fpages%2Fprivacy&title=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&u=778690535&vuid=2b137228-5cf1-4280-87a5-1d0951a9f674&new_user=1&zaius_js_version=2.4.1&tracker_id=0KKs7Iw9DiYaFM7bIJwmTg&event_type=pageview&data_source_type=sdk&data_source=JavaScript&data_source_instance=helixsleep.com&data_source_version=2.4.1&idempotence_id=371d5761-e062-4a9e-9722-9affe59bc5ba HTTP/1.1
Host: jumbe.zaius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Wed, 01 May 2024 14:50:18 GMT
content-type: image/gif
content-length: 35
server: istio-envoy
x-envoy-upstream-service-time: 2
X-Firefox-Spdy: h2
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.init_consent&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/2 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.init_consent&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.init_consent&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPoCjl3qJ4RZC7m8jZvGAiFlyHyfeyy7hTRekMrAQY4gWWpxhFbzgF1NfPmdDpbmYU32KqBzIKDQGw
server: UploadServer
date: Wed, 01 May 2024 14:50:18 GMT
expires: Wed, 01 May 2024 15:50:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=5&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/2 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=5&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=5&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 01 May 2024 15:50:18 GMT
date: Wed, 01 May 2024 14:50:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPpwb9RNxAvfc52U8bNwRf_unt7VdoqqqWGy_VW2D-ExmCnJjhRqeVcI-pMkD3XW3floiUpEdU6v5g
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=3&event_name=dl_user_data&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/2 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=3&event_name=dl_user_data&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=3&event_name=dl_user_data&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 01 May 2024 15:50:18 GMT
date: Wed, 01 May 2024 14:50:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPpMbgWxMuGn2AToZyRZ_1O8Lp1VXd-s8wQqaS__mVCLgyWonD0IkP9g3iJsDnsdtT5OiZ6EKgxMaw
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=2&event_name=gtm.js&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/2 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=2&event_name=gtm.js&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=2&event_name=gtm.js&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPq--8C7ZsDjU8_dAJIq0kwHKdA4V8NtMTaqdx_KIXpx1ZZf32KJVwRBF0VZAo47Z0bSXpn9J7kiLA
server: UploadServer
date: Wed, 01 May 2024 14:50:18 GMT
expires: Wed, 01 May 2024 15:50:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=4&event_name=gtm.dom&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/2 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=4&event_name=gtm.dom&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=4&event_name=gtm.dom&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 01 May 2024 15:50:18 GMT
date: Wed, 01 May 2024 14:50:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPoS3fsZMQ6AZ8rCn8dtsnB596F3o6k0Uhug3Gl8BBNNJi0iSb9fv-3ah_V_HMY-N4jqWGSKWD8buA
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.init&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/2 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.init&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.init&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPo_upUBWzQGh2eURozRfnjrDCJv3ja-mb3t1AKQSQEqq7OOwBHMLhQDnCH6a2uqU00482KtB42dKw
server: UploadServer
date: Wed, 01 May 2024 14:50:18 GMT
expires: Wed, 01 May 2024 15:50:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=37596&tdr=&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&cb=94380692016269200term=value
34.238.149.65200 OK 5.9 kB URL GET HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=37596&tdr=&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&cb=94380692016269200term=value
IP 34.238.149.65:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with very long lines (22612), with no line terminators
Hash 272cd7252029acbd5711c187db8e1560
85feafcb89d3e9629f227184ab433799adf23264
6e486de44796e7b0790a8984325afe504a96611ed249d913e55adcd1b754b6eb
GET /spx?dxver=4.0.0&shaid=37596&tdr=&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&cb=94380692016269200term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Wed, 01 May 2024 14:50:18 GMT
x-envoy-upstream-service-time: 2
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
ocsp.starfieldtech.com/
192.124.249.36 2.1 kB IP 192.124.249.36:0
Hash a342fab4381cf646b05fdad12d79546e
bd61630dff61dba879a980dc1d5fcc1065904dad
20273becf1f785f0f8ba2c2caaaf516af4e19299d9620da11bba1563600bf314
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 May 2024 14:50:18 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 May 2024 12:34:14 GMT
Expires: Thu, 02 May 2024 12:34:14 GMT
ETag: "bd61630dff61dba879a980dc1d5fcc1065904dad"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
static.zdassets.com/web_widget/messenger/latest/web-widget-15178-7bc1c0f.js
104.18.70.113200 OK 4.8 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-15178-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, ASCII text, with very long lines (12531), with no line terminators
Hash 30cd804708caa9949248913ba8f11137
1f10d46d82f94b20609cfd955f2ddd6236d21420
e6d6b877a6e65b87c7eaada4f2e8ee780d5749e21a0b31a42dd843f50b74cf03
GET /web_widget/messenger/latest/web-widget-15178-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: HMIflAK/iPWxphdlvNeCUvclLYoj+mvXpDHa6tbh3ikAtfH/Kt+x8We7nbG8RLfphu8ASmL4s88C2SfETE0Rpw==
x-amz-request-id: DKWJ1ZHR7X4F6WDQ
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:36 GMT
etag: W/"30cd804708caa9949248913ba8f11137"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:35 GMT
x-amz-version-id: 2HcNSYrwF4nmwUJUJvgVhxrgkT6qyOzm
cf-cache-status: HIT
age: 77022
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=003nVmHNn9QsKjIJLLf7cQR5fIlgX5iGfNVUbZtCe4R0HiA0isCrJXmD9fiqiIZbIgFjcGr9sWkd%2BLCsXOIUq06hwueqJ3eMpDlwn6HktXCKAXqMterMr37DxMSGHSTO4lEAeTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09547fff256af-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-7bc1c0f.js
104.18.70.113200 OK 20 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (18016), with no line terminators
Hash 3ac3100c0ffed8d435c31e09d2196883
4a034cb40bb20a8a1323ce89e5b7bc98f7a2d1d3
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
GET /web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: mbU811k/ke7iB1r45HmcMwHgvh8kN9E9sRl4eMG/0K2MLT+hcAipus8m0JeNgKrH4tO3MDO4Fpw=
x-amz-request-id: DKWKWY7EYSDTY0JC
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:45 GMT
etag: W/"3ac3100c0ffed8d435c31e09d2196883"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:44 GMT
x-amz-version-id: Pqq5depyzV0eh0laMyX._YPJQ2ernPin
cf-cache-status: HIT
age: 81154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQK7vrjnR%2BLhiiijKA6Vcb66ELwXDMFtju6VrIjrEphzIgchz7iuh0Fzcnn%2B%2FeZJvqcm5GpKbcEvN0lYn8s%2BDQ0qTos%2FdX1uDsx%2BfCn5duh21IrraTYBhbSgilvYK%2FbpfRgERpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09547ffcd56af-OSL
content-encoding: br
X-Firefox-Spdy: h2
52.22.50.55/is
52.22.50.55200 OK 32 B IP 52.22.50.55:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerSectigo Limited
Subject52.22.50.55
Fingerprint54:CB:1C:88:45:D1:4F:2B:B2:DB:D5:7B:0B:B2:7D:9F:A0:80:3D:75
ValidityFri, 26 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f76d4bc159de61142d9fda6145c17cca
f1bce1ddeaaa19f57ebc7b4629da388cee4ad322
e7b819204f6b2b2658fa5fba5ecccf2242c67d02fa6b65690fe6a663514f8b79
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /is HTTP/1.1
Host: 52.22.50.55
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/3 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPoQbYHWZEsdkMUTpO_tZmYT5zv6L1lfQjymg8t2HrY0ocDWzUiXQ8h6VMvMM_oe7z6KGg
server: UploadServer
date: Wed, 01 May 2024 14:50:19 GMT
expires: Wed, 01 May 2024 15:50:19 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.load&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/3 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.load&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.load&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Wed, 01 May 2024 15:50:19 GMT
date: Wed, 01 May 2024 14:50:19 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPo4oSlgtYlFCrnmEot3ubWxFH6qlYASwe7TI3mEFGUxyIgZ57Og7DbLI4ZKyE7Q918yyw
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.starfieldtech.com/
192.124.249.23 2.1 kB IP 192.124.249.23:0
Hash a342fab4381cf646b05fdad12d79546e
bd61630dff61dba879a980dc1d5fcc1065904dad
20273becf1f785f0f8ba2c2caaaf516af4e19299d9620da11bba1563600bf314
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 May 2024 14:50:19 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 May 2024 12:34:14 GMT
Expires: Thu, 02 May 2024 12:34:14 GMT
ETag: "bd61630dff61dba879a980dc1d5fcc1065904dad"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
static.zdassets.com/web_widget/messenger/latest/web-widget-92795-7bc1c0f.js
104.18.70.113200 OK 3.5 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-92795-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, ASCII text, with very long lines (14044), with no line terminators
Hash 8dacd87b4c48f734bef8b1d2179cf0a8
d00bf482803ae6ce6da708838b92ec0cd838d8d2
9e6a4d9e16ce4da30f229293ef16fbdd906a6d7579d9090e6c83236db665c18c
GET /web_widget/messenger/latest/web-widget-92795-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ArvWc1yuTqe/WVjk37lS+kEO6jdZyIciiLzRNRIeg0EHO7Zbxg4zrjCBRF5coULRO893rKW76OQ=
x-amz-request-id: ZQ9QW50VQEW3Z764
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:43 GMT
etag: W/"8dacd87b4c48f734bef8b1d2179cf0a8"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:42 GMT
x-amz-version-id: VqXB39TxxRyQBgdUUulygv8iZIIl.U6A
cf-cache-status: HIT
age: 81167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHnlkZegpuvLq4UCxRmsAjztUsvpF4KQvWwzHedIasicNkhILb539PZeLxgByubSk%2FWdiHXaGfoJxgEfD485F5MRRkZcT55H88SqwbYZcKbJ3XX3uBe%2F1Ih6I37FQsZe2eIYAz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09547ffef56af-OSL
content-encoding: br
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-SC9E0N92N7&shpt=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22G-SC9E0N92N7%22%2C%22shpt%22%3A%22Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&available_ga=%5B%5D&hardcoded_ga=G-SC9E0N92N7&dxver=4.0.0&shaid=37596&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&cb=94380692016269200term%3Dvalue&shadditional=rb_adv_id%3Dhelixsleep%2Csh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue
52.42.124.195200 OK 1.2 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-SC9E0N92N7&shpt=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22G-SC9E0N92N7%22%2C%22shpt%22%3A%22Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&available_ga=%5B%5D&hardcoded_ga=G-SC9E0N92N7&dxver=4.0.0&shaid=37596&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&cb=94380692016269200term%3Dvalue&shadditional=rb_adv_id%3Dhelixsleep%2Csh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue
IP 52.42.124.195:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with very long lines (2123)
Hash 19896037c8dc23810168b28365af57aa
7cd4ee9a3e673d51d67feff3ffe65180727da07c
88c031d218e311c8c2e8dfdc7ffb2c8691a00f886122e8b9c2a93f490e034de0
GET /st?ga_tracking_id=G-SC9E0N92N7&shpt=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22G-SC9E0N92N7%22%2C%22shpt%22%3A%22Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&available_ga=%5B%5D&hardcoded_ga=G-SC9E0N92N7&dxver=4.0.0&shaid=37596&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&cb=94380692016269200term%3Dvalue&shadditional=rb_adv_id%3Dhelixsleep%2Csh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 01 May 2024 14:50:22 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=230b0e27-07ca-11ef-8683-d185f4ae19cd;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
transfer-encoding: chunked
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash d1ed0b0dd0ce06f928b40b191adbdd4a
af00b3ff525fc1b34b2c54aefc8252723d4f85d7
61abdf267e732d0c6619cbe7c470a827307d1ea86cd50a614cb70beaf8021b2f
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: guid=230b0e27-07ca-11ef-8683-d185f4ae19cd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 01 May 2024 14:50:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=G-SC9E0N92N7&shpt=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22G-SC9E0N92N7%22%2C%22shpt%22%3A%22Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&available_ga=%5B%5D&hardcoded_ga=G-SC9E0N92N7&dxver=4.0.0&shaid=37596&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&shadditional=rb_adv_id%3Dhelixsleep%2Csh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1714575022449850&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1714575023204
52.42.124.195200 OK 450 B URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-SC9E0N92N7&shpt=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22G-SC9E0N92N7%22%2C%22shpt%22%3A%22Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&available_ga=%5B%5D&hardcoded_ga=G-SC9E0N92N7&dxver=4.0.0&shaid=37596&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&shadditional=rb_adv_id%3Dhelixsleep%2Csh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1714575022449850&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1714575023204
IP 52.42.124.195:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with very long lines (1555), with no line terminators
Hash 29f2f007e70c723c5b62258cff989e33
1100616d25afae5c50685e8e9cef0e6742f5563d
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
GET /st?ga_tracking_id=G-SC9E0N92N7&shpt=Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22G-SC9E0N92N7%22%2C%22shpt%22%3A%22Privacy%20%7C%20Helix%20Sleep%20-%20Helix%20Sleep%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&available_ga=%5B%5D&hardcoded_ga=G-SC9E0N92N7&dxver=4.0.0&shaid=37596&plh=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy&shadditional=rb_adv_id%3Dhelixsleep%2Csh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1714575022449850&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1714575023204 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: guid=230b0e27-07ca-11ef-8683-d185f4ae19cd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Wed, 01 May 2024 14:50:23 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=230b0e27-07ca-11ef-8683-d185f4ae19cd;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 17
server: istio-envoy
connection: close
transfer-encoding: chunked
monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
34.102.157.158200 OK 26 B URL GET HTTP/3 monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 34.102.157.158:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectmonitoring.getelevar.com
FingerprintAE:92:09:50:9D:7A:FB:1D:B1:6C:71:59:A1:27:F9:8B:22:4B:E8:DC
ValidityTue, 26 Mar 2024 23:34:34 GMT - Tue, 25 Jun 2024 00:29:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
x-guploader-uploadid: ABPtcPr6lgLJwVqELLCbgERtg4uD-q_KK0rrj4XwdiNjsbMCd0sK3ATP99IuWwZ6EyIGaisCtQ
server: UploadServer
date: Wed, 01 May 2024 14:50:20 GMT
expires: Wed, 01 May 2024 15:50:20 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.zdassets.com/web_widget/messenger/latest/web-widget-84852-7bc1c0f.js
104.18.70.113200 OK 142 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-84852-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, ASCII text, with very long lines (65307)
Size 142 kB (142418 bytes)
Hash e4e7aad221ba7d1077b83221a7f7a4fc
6c4aea6d2cbd2f3ff49e0a045400f699b64a14fd
4e66e9e0525b7a7a4658edba07661dcf6c6cb3928f966cde5f3e0f53fa1deb71
GET /web_widget/messenger/latest/web-widget-84852-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: EehDTpLwmOnkppZUwosB+oaQhjdfxRvyIfxaMK5Q9+YpYYZW/Vp9c1MxYEfkCaNLStlrjekmXTk=
x-amz-request-id: DKWSZSSYT57K063G
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:42 GMT
etag: W/"e4e7aad221ba7d1077b83221a7f7a4fc"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:41 GMT
x-amz-version-id: 3L5YeUCttGrZSMgt.0v0..dBBy_FKIDi
cf-cache-status: HIT
age: 81154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0Qg8NfFRLeQDxQ4eF%2FIVSv%2BeUuMmHjdkW2f45sh4F9b83S%2BfSr3%2BjFJn%2FEESZZmM%2FSpVXEA4d5VXYYScoeQh0OPLYEzyImkoRfohRAmVqYvt3l3wwpG7svJ7LJ9hJmxjfiTbRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09547ffd256af-OSL
content-encoding: br
X-Firefox-Spdy: h2
d.impactradius-event.com/A1422860-a2dc-4b8c-affa-9174acdb4c091.js
35.186.249.72200 OK 44 kB URL GET HTTP/2 d.impactradius-event.com/A1422860-a2dc-4b8c-affa-9174acdb4c091.js
IP 35.186.249.72:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerSectigo Limited
Subject*.impactradius-event.com
Fingerprint87:04:5A:CF:E3:17:1C:E4:39:D0:66:75:05:43:95:DF:E8:83:AC:30
ValidityFri, 08 Dec 2023 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (37349)
Hash 671b4294af0771a58aa55fecba64648d
93b0bde9ff2ba43ff63f5a47452073ab2495e70c
5e316c8e5bcab8308607ad6b15913b4f1f75b0cbdec9e515ae49f0fe2d31ec62
GET /A1422860-a2dc-4b8c-affa-9174acdb4c091.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPpgcQ7pOszCbsfWa8IymGTDgY28KBSalrBzX0uVuIK_iw2oNTqJgW2eB69lHq6H90CjtkY
x-goog-generation: 1713778436308107
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16415
content-encoding: gzip
x-goog-hash: crc32c=OTt2kQ==, md5=N8T+FEARgckV1//aRaiBwg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 16415
access-control-allow-origin: *
server: UploadServer
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
date: Wed, 01 May 2024 14:50:18 GMT
expires: Wed, 01 May 2024 14:55:18 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Mon, 22 Apr 2024 09:33:56 GMT
etag: "37c4fe14401181c915d7ffda45a881c2"
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
helix-sleep.tkjf.net/xc/1426335/605589/9928
108.128.20.23200 OK 46 B URL POST HTTP/2 helix-sleep.tkjf.net/xc/1426335/605589/9928
IP 108.128.20.23:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subjectsruj.net
Fingerprint18:0A:BE:E7:21:33:31:DF:DA:BC:0E:6E:1E:C3:97:96:3B:FB:AE:2E
ValidityTue, 27 Jun 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 12f3750878d21d6613eaa09fda935a5b
980b1716e22496c290aba74232827b2c33851ad9
a1284ca37b1bf2d59703214667c825fe2eefde8365ca66847148cb640cf2f15f
POST /xc/1426335/605589/9928 HTTP/1.1
Host: helix-sleep.tkjf.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 101
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:19 GMT
content-type: application/json; charset=UTF-8
set-cookie: AWSALB=vWGSRuxiR/x/RfwQ/pwM8CRkLXUTLuK2Q0U+n8Lrj4qM0D8F/lnq/EPCWZ5RCV6o3hgPUmZ7CvkjIY0NBcSHZS3dtgz9dobnjWeDXuy3CpalHAzh+IpySfu40Ltx; Expires=Wed, 08 May 2024 14:50:19 GMT; Path=/
AWSALBCORS=vWGSRuxiR/x/RfwQ/pwM8CRkLXUTLuK2Q0U+n8Lrj4qM0D8F/lnq/EPCWZ5RCV6o3hgPUmZ7CvkjIY0NBcSHZS3dtgz9dobnjWeDXuy3CpalHAzh+IpySfu40Ltx; Expires=Wed, 08 May 2024 14:50:19 GMT; Path=/; SameSite=None; Secure
brwsr=f10bae25-07c9-11ef-ac4e-b1fcf1bdb378; Domain=.tkjf.net; Path=/; Secure; Max-Age=62208000; Expires=Tue, 21 Apr 2026 14:48:58 GMT; HttpOnly; SameSite=None
irld=Ly7nUVt0Sh2qmR6C3FdR--2MvyHyyVq3pE1I10l7QgSWyZQQT; Path=/; Secure; Max-Age=15552000; Expires=Mon, 28 Oct 2024 14:48:58 GMT; HttpOnly; SameSite=None
access-control-allow-origin: https://helixsleep.com
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 01 May 2024 14:48:58 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
X-Firefox-Spdy: h2
helixsleep.com/images/helix-sleep/favicon-16x16.png
167.172.14.23200 OK 661 B URL GET HTTP/1.1 helixsleep.com/images/helix-sleep/favicon-16x16.png
IP 167.172.14.23:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerZeroSSL
Subjecthelixsleep.com
FingerprintEB:F2:3F:2F:E4:1C:57:A9:94:97:7C:61:6E:9F:F2:82:CF:7A:07:7C
ValidityThu, 14 Mar 2024 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash 1632bd911a54f6e667e0b252065bef08
a294a860ce8fba7ad93a9f00cf8499aaa278457f
f09941c5a320bea0504fd3f0396aa508ce220f27151e17a2a2d42c5507d47855
GET /images/helix-sleep/favicon-16x16.png HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/pages/privacy
Cookie: datadome=~gXYIW4RzcsHecJdAAW1ckHlEs3GM586ZaR9qLqmzjE7_T3SmbCTHeEjQgG1fRJ_QquCqlGEQmJ3wq3OiFauFw9YOOUS_VM0Oyo23TiW7m3zqMphH6TyLCsgdKh4_ZYd; XSRF-TOKEN=eyJpdiI6InNycUx3cGREWUFXUjlvOHhFNFh6WEE9PSIsInZhbHVlIjoibzdNd0N3ZXB6OWtKbVdWT2IrdU1GbnJJWW5seXhaazBJN0xCYW1OcG5LZm9JcjRtOStWd0VFU2dCTFFWYWY4bWJVZVRKOXl5OEMzaUxTMS8yWnVzMEZQTGh5QytERndJa0VBc2dwaXB0OWpGeERQNHRWakVuUjhqaHpTM2lVcFgiLCJtYWMiOiI4MWY5YWFlOTVhMTk2YjA1NzY4NThmNDBhOWM2MmM5N2Q5ODVhOWI5NmE4ZGZiYzMyNTMxNWZmY2YzNDM3ZGMzIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IkJ6MzRyblZkZmNwOGJoN3NHekRRbEE9PSIsInZhbHVlIjoiWVB1SlFsREZkcFRVY1dpTmgvVnZERE85NTJiSGhIS2VLb2haRmMxWkFIdXZtMzBpckR3ZGNDbDVJNEtDNWtkcTdzdE43Q0FoRVFjb0Y3V1JTTnNWUW9jUEpSOEpBbWlxcmtSRkltTXNtMWdaRnpBMVQzdjBkM2lqOU5pcG5YYkwiLCJtYWMiOiJhZmFkNGZjZGUzZjM4NmYwNzc1OTNmZWIyNDZjZDc5ODE4ZTU5MTNjYjFkNzg2N2QwNTc4YzNhMTBkN2ZkOWQxIiwidGFnIjoiIn0%3D; strata_user_id=eyJpdiI6Im1BU0wybjE2OWdQZmJETkRRVEIvN2c9PSIsInZhbHVlIjoieG1BcC8xV0NDeVVsZ2NTd3Y0RWpOQUF1VkxKclRqcTVjUndWWTVFdnA0NFNmOVlGYU9KUUJpbFhJVkxvcUdXT0s4NGpNUjVKOFc0eGRyMlFlcWF6M25KT041djhFSmlWSnRnMG83dWNFMjg9IiwibWFjIjoiZWU3MmZlMjkxYjk3OGUwYWIzNGJmYzdlNWEyZTk2NTA1YmUyZDQ1MmY0OGFhNTViNDM5ODIyMWFiNmIxNTUyOSIsInRhZyI6IiJ9; strata_uid=f3dfe5cc6b71fb8b780b8465cae0d9d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:16 GMT
content-type: image/png
content-length: 661
last-modified: Thu, 25 Apr 2024 16:32:19 GMT
etag: "662a8593-295"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
shopify-gtm-suite.getelevar.com/configs/78844dfba0ec67978fa9f68f4f7eb4386651dc6c/config.js
34.120.58.162200 OK 1.1 kB URL GET HTTP/2 shopify-gtm-suite.getelevar.com/configs/78844dfba0ec67978fa9f68f4f7eb4386651dc6c/config.js
IP 34.120.58.162:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerGoogle Trust Services LLC
Subjectshopify-gtm-suite.getelevar.com
FingerprintAB:DE:7D:48:DD:D6:59:38:FE:D0:56:56:A0:89:90:55:11:83:59:9E
ValiditySat, 13 Apr 2024 23:41:09 GMT - Sat, 13 Jul 2024 00:35:03 GMT
File type JavaScript source, ASCII text, with very long lines (1188), with no line terminators
Hash ef40814ee417e5c5669e7d16e2380aa3
8518b1bd82a74431d1a151a0f4ec7ab3ac52491e
babc47dc93bd34b940fc848c6e147550101b34ce3b3028e3ae4cc872fb403933
GET /configs/78844dfba0ec67978fa9f68f4f7eb4386651dc6c/config.js HTTP/1.1
Host: shopify-gtm-suite.getelevar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-goog-generation: 1714490369847976
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 484
content-encoding: gzip
x-goog-hash: crc32c=YEt5Rg==, md5=oED14z6v/sbtJwegyF4kAw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 484
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: ABPtcPoUyWQA8IlXGHcIZb4_Qk7NnxcqYyIZmKEjOs8XWD_bSHSnRtnh2vAhUlnsE3ehxsHvksJas4Nr5w
server: UploadServer
date: Wed, 01 May 2024 14:50:16 GMT
expires: Wed, 01 May 2024 15:50:16 GMT
cache-control: public, max-age=3600
last-modified: Tue, 30 Apr 2024 15:19:29 GMT
etag: "a040f5e33eaffec6ed2707a0c85e2403"
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pix.pub/t.png?&t=1714575017182&l=tvscientific-pix-o-e585d0a3-6d67-4c79-b1d6-bd74ce67bc93&u3=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
54.230.111.107200 OK 68 B URL GET HTTP/2 pix.pub/t.png?&t=1714575017182&l=tvscientific-pix-o-e585d0a3-6d67-4c79-b1d6-bd74ce67bc93&u3=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy
IP 54.230.111.107:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subjectpix.pub
FingerprintDF:69:C8:8D:3C:7C:E5:A6:6D:C0:3E:A4:86:56:1A:8E:62:76:9C:46
ValiditySat, 11 Nov 2023 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash 8e31b8b47c618ed73e5b31011d1de037
d1b8613998ba0a89b32bfb7a2a1eedaa9dd55529
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
GET /t.png?&t=1714575017182&l=tvscientific-pix-o-e585d0a3-6d67-4c79-b1d6-bd74ce67bc93&u3=https%3A%2F%2Fhelixsleep.com%2Fpages%2Fprivacy HTTP/1.1
Host: pix.pub
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 68
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 May 2024 04:59:09 GMT
etag: "8e31b8b47c618ed73e5b31011d1de037"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: maw1WKwWNSHFIVQhS_oNI29ajLZsqG8JYMUIqHk4uc5U4QiX6osUFg==
age: 35471
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-59535-7bc1c0f.js
104.18.70.113200 OK 16 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-59535-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, ASCII text, with very long lines (15491), with no line terminators
Hash d872b805dfde20482fe32889700afdc1
47af461c71ba00585398da25bbdd3067f207572f
49c6b066c7794e32489b24de0b9269cdbd3a18ad9cb32552cb60f25d3123c972
GET /web_widget/messenger/latest/web-widget-59535-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: l9jY+QGDab3UN2BUYQApDPgjCySc3XA3hz3MivAtWXlWzIsfS1YUVn8tU8A9daHt7ggtSCAdlnK37PmAW+3WgUt/fNjI3hHC
x-amz-request-id: ZQ9HG5MJCVRK3MH5
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:39 GMT
etag: W/"d872b805dfde20482fe32889700afdc1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:38 GMT
x-amz-version-id: CPyEyXK6TSeQFi3.kU_Huc_t6EdbgHbO
cf-cache-status: HIT
age: 72729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvkHeGgQD%2BZnd6x504wWF3onkoXaTHulCJUmFJCKZiQGDfZkXhuqh5sPoxGu21oqn%2BWKuXXrWm8AF5FSWLYoEuQVqJEsjmnhdOmqo%2FSZSvC92FIb58GLOjCAFn0oHZJjcVk5KZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09547fffa56af-OSL
content-encoding: br
X-Firefox-Spdy: h2
cmp.osano.com/
108.157.229.87200 OK 4.6 kB IP 108.157.229.87:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subject*.osano.com
Fingerprint19:94:CF:1F:C5:46:88:1E:E2:4A:57:C3:F7:26:EA:B0:8A:E2:50:02
ValidityWed, 18 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (4661), with no line terminators
Hash 221b5e4a4436dd8fa3728f9fb5715f0e
2bfb404742203a4b0f24171b827b089be30af9e9
10ad35464b97c14cb9c3dd7e72dc30f9b419876de1ee51b87fb1f6debd7c0df5
GET / HTTP/1.1
Host: cmp.osano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
server: AmazonS3
content-encoding: br
date: Wed, 01 May 2024 04:46:08 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
age: 50303
x-xss-protection: 1; mode=block
x-amz-cf-id: X30NX0yRhGOyIV9uXFxBEswJ_EP6I0_KVt45uPqo3OPKv9bn6a7y7Q==
www.zrwike2er.com/scripts/sdk/everflow.js
34.149.33.11200 OK 61 kB URL GET HTTP/2 www.zrwike2er.com/scripts/sdk/everflow.js
IP 34.149.33.11:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerStarfield Technologies, Inc.
Subjectzrwike2er.com
Fingerprint1D:C8:C8:E6:5E:97:A0:B5:86:97:4B:3E:02:23:6D:D6:8F:AA:8A:3F
ValidityThu, 06 Jul 2023 15:36:04 GMT - Tue, 06 Aug 2024 15:36:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.zrwike2er.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 14:50:18 GMT
content-type: text/javascript
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: fc7b2724-c36b-403c-8027-040c9358fae1
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
xp2023-pix.s3.amazonaws.com/px_t1xng.js
54.231.192.81200 OK 4.9 kB URL GET HTTP/1.1 xp2023-pix.s3.amazonaws.com/px_t1xng.js
IP 54.231.192.81:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (5042), with no line terminators
Hash 08c63961883a752a8f0a6d71f117de55
96368d68bb3df2fcfd2e29a656868397c9542c44
d7831c851154d0dade6579fccc5fa34ad57ceee50a7a1fef020699df1209e1bb
GET /px_t1xng.js HTTP/1.1
Host: xp2023-pix.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TcuqdelKSfPsYLPN+sm1ZyrrRmIimAtqB9ETDY3lFKSGqUoQNSpM2y7wujgXXLguYSug4EJ5A08=
x-amz-request-id: 1EPMJWF0X0RR1ND9
Date: Wed, 01 May 2024 14:50:18 GMT
Last-Modified: Thu, 21 Mar 2024 14:51:33 GMT
ETag: "5e2390102de05b6fe899aa4dbb6868d1"
x-amz-server-side-encryption: AES256
Content-Disposition: attachment; filename="px_t1xng.js"; filename*=UTF-8''px_t1xng.js
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 4910
static.zdassets.com/web_widget/messenger/latest/web-widget-9527-7bc1c0f.js
104.18.70.113200 OK 30 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-9527-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type JavaScript source, ASCII text, with very long lines (30186), with no line terminators
Hash 083d4fe56f4013855997ad6d21392f69
09911e3ab09d861f133c686c5e1767e6b50a628c
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
GET /web_widget/messenger/latest/web-widget-9527-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: zrhUuxuSuLSxdOViPNUAwCRlmr3BEAYlvtDfbsuyuyCHwcOxKmNOznNucnIH3fUdID1v3bd78zS1br5U0SfV6Q==
x-amz-request-id: ZQ9TTCX63Q6ZNP2V
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:43 GMT
etag: W/"083d4fe56f4013855997ad6d21392f69"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:42 GMT
x-amz-version-id: HwbZ6uxK1YLhJ9IXLd6hWwZS5dWaJJTm
cf-cache-status: HIT
age: 72729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RMSeUy%2BzSzoT7jy2ooN%2BqIEpoBpQEC6%2FLBNiCXZuV8UwAyHKC81zrNcDF%2FhiuzwK4LevMMTAypuzma%2FskEwbZOgFVyaRUpMG6nj5DGMzSxWGz3HhkBliZYaRDx9un2dW2PCEp9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d09547ffe256af-OSL
content-encoding: br
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/251437a1-bd84-48a1-bb87-1c0d5ac4ee8d
104.18.72.113200 OK 1.2 kB URL GET HTTP/2 ekr.zdassets.com/compose/251437a1-bd84-48a1-bb87-1c0d5ac4ee8d
IP 104.18.72.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1336), with no line terminators
Hash 87ef9f79086c128c82610d2e6b2fe9b0
f0442a5463ea6486136adcc6df33e026bbee4391
714a0caf4ae85e72781725e4a4ff625b32896ecd64550d6e8b38f0f1b5039f97
GET /compose/251437a1-bd84-48a1-bb87-1c0d5ac4ee8d HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"a35fc7759c05256cf938fb7104a1a9c0"
x-request-id: 879ecb838f3452b3-SEA, 879ecb838f3452b3-SEA
x-runtime: 0.004748
x-zendesk-zorg: yes
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CtSGCcYnhSE%2BO8sMX823pZYLAgkJexpl2tV8Ef94fLCDAGN7mfbZ7itxrTZ2vt%2F37q1iHXfMj5C3NtlObpSdcmlezJW%2Fn8nBnt97GawnZjMY7wV0zwUglc91qKofvJ0IRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87d0953d7c11b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
104.18.70.113200 OK 461 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
IP 104.18.70.113:443
Requested by https://helixsleep.com/pages/privacy
Certificate IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT
Size 461 kB (461245 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web_widget/messenger/latest/web-widget-main-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 14:50:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: b4iFBmysrfVotSuHVYf858Tif60NDMsmlxIcV+9+imkbX/a3if2QgSpESGWXoHhfcj6Cw5wtguE=
x-amz-request-id: DKWG1E69PV39MED6
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:55:43 GMT
etag: W/"61166b9a0a776703db59d8fbffd8e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:55:42 GMT
x-amz-version-id: FF8unFdBB4gI.67XhH2GhVTn74pudK_c
cf-cache-status: HIT
age: 67112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LVnxnYT3WATBw%2BJa4BGh0%2Fja39CU2rImtjGl1MRLOvnYGKfw7RuDttv4p%2F0GoIKqG339RFhgM3AaVEgQbCVAe6GbR1WFif5Ufx9vCySZ3RkjLJlSNSouuAbwxb1wluR7l1C1vI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87d095468d8c56af-OSL
content-encoding: br
X-Firefox-Spdy: h2