| helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t |  167.172.14.23 | 307 Temporary Redirect | 0 B |
URL HTTP/1.1helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
location: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
date: Thu, 09 Mar 2023 14:54:04 GMT
content-length: 0
|
|
| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash7989fc4a69327c765a7e4e68f46c169b 1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9676
Expires: Thu, 09 Mar 2023 17:35:21 GMT
Date: Thu, 09 Mar 2023 14:54:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8f33f56c329fe0b1570d2ee3e000ce4e b11fcecd7cc1210d3f3b4e1426a37d3cd138119e ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6230
Expires: Thu, 09 Mar 2023 16:37:55 GMT
Date: Thu, 09 Mar 2023 14:54:05 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Mar 2023 14:13:43 GMT
content-type: application/json
age: 2422
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash6d096b44c5db01960a5d03dbb2a238c0 8e818de0e82041f2d9edeb14ddaf3916983b3729 8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20652
Expires: Thu, 09 Mar 2023 20:38:17 GMT
Date: Thu, 09 Mar 2023 14:54:05 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pzPrdfzawmk/tnbTfUbLG+E0HppIeuMDIdPnhgvFxr+hHYDAXw40e0C2rjczDUCgvg1N5tMrqsI5EMnndnxc5g==
x-amz-request-id: 4HEQRZ53ZRWSEN5G
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Mar 2023 14:18:27 GMT
age: 2138
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ |  104.18.32.68 | 200 OK | 727 B |
URL HTTP/1.1zerossl.ocsp.sectigo.com/ IP104.18.32.68:0
Hashe6de5ab85f777417060c186a0cd11e30 2d7fea8e85240ba2ebc0e57827627abf20a83895 93f2c42e9f91c9c2572cebc6e613593ad4ff17670842c309943d289c04b2b342
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 14:54:05 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 07 Mar 2023 06:40:10 GMT
Expires: Tue, 14 Mar 2023 06:40:09 GMT
Etag: "2d7fea8e85240ba2ebc0e57827627abf20a83895"
Cache-Control: max-age=401763,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a5426b4f9e3b517-OSL
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Last-Modified, Retry-After, Expires, Pragma, Content-Length, Cache-Control, Alert, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 14:03:42 GMT
age: 3023
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbc9a86b8d3035b57b58750f8896202e8 1485042fff689cadbf0c7a540f430993f23d45e3 b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Thu, 09 Mar 2023 15:40:45 GMT
Date: Thu, 09 Mar 2023 14:54:06 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.83.81.40 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.83.81.40:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c+PyuFv2lmsNkhbmFOpI7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: evhspA2X0vwPB4oRKn3xK5qK61c=
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 279 B |
IP192.229.221.95:0
Hashff5bc111d3aa463ffa7c1f655dc86212 66e8e2f6250c7110dcf8c04387e3418a081fe16d 448647f1669ad0f87e34d1b65ba7e10e65d07f96b7af31f002f2face4d5f76e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4303
Cache-Control: max-age=127104
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:06 GMT
Etag: "64092fc0-117"
Expires: Sat, 11 Mar 2023 02:12:30 GMT
Last-Modified: Thu, 09 Mar 2023 01:00:48 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.optimizely.com/js/19213322720.js | 23.38.200.155 | 200 OK | 98 kB |
URL HTTP/2cdn.optimizely.com/js/19213322720.js IP23.38.200.155:0
File typeASCII text, with very long lines (65468) Hash01a3a79d2d3b6f36cd4988c229e944fb c2fca8e4ea851408a5d82b5b7cd2863c01214b20 eb8a8aa1d3f273932e0e56ce7d415ce3d2a47ff5cded45e8eec12c02e3204f1b
GET /js/19213322720.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tQSDoTntjMcq2pLL5t5cdZX1neAAVfvRQUUScA1sy6m7I2wcGLjVELhTI1tE63hcii+DIsePo1k=
x-amz-request-id: KCZ3M9MCR1GGG7AV
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Mar 2023 15:34:35 GMT
etag: "01a3a79d2d3b6f36cd4988c229e944fb"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 6976
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: HrIjCw4j1ulqukp3Iji9ap7WkLFHUzP2
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 98135
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 09 Mar 2023 14:54:06 GMT
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=24, origin; dur=107, cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="466214_388255516_388764187_13381_1230_6_0";dur=1
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| helixsleep.com/vendor/equalweb/css/equalweb.css | 167.172.14.23 | 200 OK | 47 B |
URL HTTP/2helixsleep.com/vendor/equalweb/css/equalweb.css IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
Hashd32ef9af2e834ddfba91af7250b1842f 396f64d3c9124812b4d13f429383079d08b85681 01b45e664331d13608e3f162fbb5d917a88a7b0f03fe3d8a1c02aa90b3d3752b
GET /vendor/equalweb/css/equalweb.css HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:06 GMT
content-type: text/css
content-length: 47
last-modified: Mon, 06 Mar 2023 10:26:34 GMT
etag: "6405bfda-2f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 472 B |
IP142.250.74.99:0
Hashdb83c9144d7c3dfd9d65004a5f3eb53f 0e08ecd359f24f50aa4502da7ab34d657cd60b3f 7d2dd5d19ab5101ec348edf477aaa9d52903873168013fa7603bf8e9999fa45b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t | 167.172.14.23 | 200 OK | 80 kB |
URL HTTP/2helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
Hash09709fc10e68e36d74f226d933c5b6dc 4f23e3eed5d44e2fa18a971bdf84042d56d75ca5 c28cf4323f1f15a2e3b759cdd379adeb5158f5e2ceb76944ab32363aa076af07
GET /?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
date: Thu, 09 Mar 2023 14:54:05 GMT
x-robots-tag: all
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; expires=Sun, 19 Mar 2023 14:54:06 GMT; Max-Age=864000; path=/; samesite=lax
stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D; expires=Sun, 19 Mar 2023 14:54:06 GMT; Max-Age=864000; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/Udi7jfC2-KY | 142.250.74.99 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/Udi7jfC2-KY IP142.250.74.99:0
Hashd82a3783f723345941c19bb4e35062c9 ffd7d4748379e50cb44d8cdeb7c91c361652f356 cebc3d4824cee5b23a41304b9b96f64a39afa920cb36a98721d4e152efc65c6e
POST /s/gts1d4/Udi7jfC2-KY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| shopify-gtm-suite.getelevar.com/shops/78844dfba0ec67978fa9f68f4f7eb4386651dc6c/events.js | 34.120.58.162 | 200 OK | 1.3 kB |
URL HTTP/2shopify-gtm-suite.getelevar.com/shops/78844dfba0ec67978fa9f68f4f7eb4386651dc6c/events.js IP34.120.58.162:0
File typeASCII text, with very long lines (2922), with no line terminators Hashccc7a96e1911d1b45941b673163cc0cd edb11e9d630b9ce518fc187d79cc845ed41ac5b2 45b435b1bc6efd47dc658c614aa9e47f0f69a828fa07f13799da0033804b862a
GET /shops/78844dfba0ec67978fa9f68f4f7eb4386651dc6c/events.js HTTP/1.1
Host: shopify-gtm-suite.getelevar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt8fGGvTKHDL3OGcTc5umTsKfKTFMxs9UHuwiWM2_DFKgWTQQsy9x-mIRlNH63z2czDgcPdur6xgQlrnxab4kqOkhaF3jY5
x-goog-generation: 1652986791933624
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1336
content-encoding: gzip
x-goog-hash: crc32c=JBqQ0Q==, md5=zMepbhkR0bRZQbZzFjzAzQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1336
server: UploadServer
date: Mon, 27 Feb 2023 01:50:09 GMT
expires: Tue, 27 Feb 2024 01:50:09 GMT
cache-control: no-transform
last-modified: Thu, 19 May 2022 18:59:51 GMT
etag: "ccc7a96e1911d1b45941b673163cc0cd"
content-type: application/javascript
vary: Origin
age: 911038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/Udi7jfC2-KY | 142.250.74.99 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/Udi7jfC2-KY IP142.250.74.99:0
Hashd82a3783f723345941c19bb4e35062c9 ffd7d4748379e50cb44d8cdeb7c91c361652f356 cebc3d4824cee5b23a41304b9b96f64a39afa920cb36a98721d4e152efc65c6e
POST /s/gts1d4/Udi7jfC2-KY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hashb6d0f026171490b58ec040daf1dd0ce0 af0caad2541a2c516dc6aa9210755d8b83d7ffa7 f2c2630dfb319fcd39c31b10bdae667ac188a595e607603f200f20cfe2e36aa1
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95130
Date: Thu, 09 Mar 2023 14:54:07 GMT
Etag: "6408b14f-1d7"
Expires: Fri, 10 Mar 2023 17:19:37 GMT
Last-Modified: Wed, 08 Mar 2023 16:01:19 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gb2rpP2pxz8PlRhpBFQo4AkpZPgC9TESRG2_kgIqofJ3Gld7mmbKTA==
Age: 4698
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 472 B |
IP142.250.74.99:0
Hashd23c9f32ca35fb2d81fb59e1852d8a1e c05a9c014548600def3764d0e55b5663728f0254 20c10282ad2ab21f7fed87b0841019acddc3bda3845fabd3cc41d4548c1b1686
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.heapanalytics.com/js/heap-2499289854.js | 54.230.111.41 | 200 OK | 56 kB |
URL HTTP/2cdn.heapanalytics.com/js/heap-2499289854.js IP54.230.111.41:0
File typeASCII text, with very long lines (55788) Hash354dda56277d6e437f3c81c1566767ba cc4cd1fe5dfc250e26223f274127ff1499563a99 722c697c2854b982507f7ae3d07948031c19b41de63c258789d2ac3c299f82c5
GET /js/heap-2499289854.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 09 Mar 2023 14:52:46 GMT
server: nginx
x-powered-by: Express
etag: W/"1dd53-qjo4LaZaB5zmkAtXEWyyxkMTL5E"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zXjqAFHLRFLRPNqjy5wK4LBG42L05Q6iSuBREjGdP216gZE5Zez1Iw==
age: 81
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 472 B |
IP142.250.74.99:0
Hashd69ea11c08cf4b75921cdd167ca8181c cfc50e157d294769fdc74b65a1cdab6630a4e26d 0e6a351ff1288fea7ba90628870303978b13a6a5a847a8a682ef88381ccf57d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 | 142.250.74.35 | 200 OK | 17 kB |
URL HTTP/2fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data Hashbcf3a3fb620dfbee774f84e2c8e71530 40a79d240acdd7e5a95e165515ac7c0958a37971 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Mar 2023 07:13:46 GMT
expires: Sat, 02 Mar 2024 07:13:46 GMT
cache-control: public, max-age=31536000
age: 546021
last-modified: Mon, 09 May 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| helixsleep.com/vendor/livewire/livewire.js?id=90730a3b0e7144480175 | 167.172.14.23 | 200 OK | 62 kB |
URL HTTP/2helixsleep.com/vendor/livewire/livewire.js?id=90730a3b0e7144480175 IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
Hash044a65679b07664be09c786bdcd82b9f b3ef562d1f6168261f2202d539b89db1d8c1a216 250067af360254bfa8489be0f3df9b81bb9d4b125661bc9f8477e64cd7119541
GET /vendor/livewire/livewire.js?id=90730a3b0e7144480175 HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 Mar 2023 10:26:34 GMT
vary: Accept-Encoding
etag: W/"6405bfda-2aae3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 472 B |
IP142.250.74.99:0
Hashd23c9f32ca35fb2d81fb59e1852d8a1e c05a9c014548600def3764d0e55b5663728f0254 20c10282ad2ab21f7fed87b0841019acddc3bda3845fabd3cc41d4548c1b1686
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/lMiFrn7fDiU | 142.250.74.99 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/lMiFrn7fDiU IP142.250.74.99:0
Hash6c43ea6c78a9f1d5b3fece3d4d14671d f47a7ade129f1571bab32c7c167e718242059ab4 f3be7f8e74710df3ce835003df74ed4cf8ddf55fc15653e9fd195e925c856efc
POST /s/gts1d4/lMiFrn7fDiU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/lMiFrn7fDiU | 142.250.74.99 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/lMiFrn7fDiU IP142.250.74.99:0
Hash6c43ea6c78a9f1d5b3fece3d4d14671d f47a7ade129f1571bab32c7c167e718242059ab4 f3be7f8e74710df3ce835003df74ed4cf8ddf55fc15653e9fd195e925c856efc
POST /s/gts1d4/lMiFrn7fDiU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_270/Midnight_-_LUXE_-_Badge_-_GQ_Home_c0wwq1?_a=AAFIKBs | 151.101.129.137 | 200 OK | 5.6 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_270/Midnight_-_LUXE_-_Badge_-_GQ_Home_c0wwq1?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash91f935a10f751f4523a47f7827ab683c 782218eefbc73dc0b1b8576fbbaa9a96909e39d3 2022152d6e47834160ee3f8da0ae93c71224df1447082b572afe654d3bc7097f
GET /helixsleep/image/upload/f_auto/c_scale,w_270/Midnight_-_LUXE_-_Badge_-_GQ_Home_c0wwq1?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Midnight_-_LUXE_-_Badge_-_GQ_Home_c0wwq1.webp"
content-type: image/webp
etag: "91f935a10f751f4523a47f7827ab683c"
last-modified: Fri, 07 Oct 2022 18:03:54 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.623Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5646
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_270/Midnight_-_LUXE_-_Badge_-_Wired_-_02_l4tt3q?_a=AAFIKBs | 151.101.129.137 | 200 OK | 7.1 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_270/Midnight_-_LUXE_-_Badge_-_Wired_-_02_l4tt3q?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash7179aa6b2524863d4789c326ba4ccf99 49d5dd65adc0faecf42ebbc9b5010d6dc4b8c8ac 6f27dccdd9ec897d6073ca2a4a45bbde0c36054c7cc6221b618c808a0a1ac310
GET /helixsleep/image/upload/f_auto/c_scale,w_270/Midnight_-_LUXE_-_Badge_-_Wired_-_02_l4tt3q?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Midnight_-_LUXE_-_Badge_-_Wired_-_02_l4tt3q.webp"
content-type: image/webp
etag: "7179aa6b2524863d4789c326ba4ccf99"
last-modified: Fri, 07 Oct 2022 16:05:10 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.623Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 7106
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_135/Midnight_-_LUXE_-_Badge_-_Apartment_Therapy_-_01_odxi9s?_a=AAFIKBs | 151.101.129.137 | 200 OK | 5.2 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_135/Midnight_-_LUXE_-_Badge_-_Apartment_Therapy_-_01_odxi9s?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash35d12ce0fd52dd81754eb6f45259e2e7 aef8afaa78b6644490b499533e0a20788b688603 cceb51997aa59eb7c4b6aae321b8f3c2d8a9618ef6c3003335cd5de89b76991e
GET /helixsleep/image/upload/f_auto/c_scale,w_135/Midnight_-_LUXE_-_Badge_-_Apartment_Therapy_-_01_odxi9s?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Midnight_-_LUXE_-_Badge_-_Apartment_Therapy_-_01_odxi9s.webp"
content-type: image/webp
etag: "35d12ce0fd52dd81754eb6f45259e2e7"
last-modified: Thu, 05 Jan 2023 17:51:45 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.623Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5174
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Tuck_d1lvzs?_a=AAFIKBs | 151.101.129.137 | 200 OK | 1.5 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Tuck_d1lvzs?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashb66da488530519b0b165d8dc5c75b6b1 a27bac2539e11d01080f49e136ef59235f67d044 dd9f1aa83ca751a25b60a10ed81507802e4df0c8a61fc50508babcf5b81b7283
GET /helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Tuck_d1lvzs?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Third-Party_-_Tuck_d1lvzs.webp"
content-type: image/webp
etag: "b66da488530519b0b165d8dc5c75b6b1"
last-modified: Fri, 30 Dec 2022 00:03:46 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.623Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 1510
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_135/Midnight_-_LUXE_-_Badge_-_Forbes_-_02_xv0j6l?_a=AAFIKBs | 151.101.129.137 | 200 OK | 1.5 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_135/Midnight_-_LUXE_-_Badge_-_Forbes_-_02_xv0j6l?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash942f9e1d78b979dca77d3e591a1b6fe7 a8126c88f4223c01d97d407eca89736ebe736501 0d3fe84c3cd9dd0907f6f8e24529de803e129025f34d15106ccc4279f5c01974
GET /helixsleep/image/upload/f_auto/c_scale,w_135/Midnight_-_LUXE_-_Badge_-_Forbes_-_02_xv0j6l?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Midnight_-_LUXE_-_Badge_-_Forbes_-_02_xv0j6l.webp"
content-type: image/webp
etag: "942f9e1d78b979dca77d3e591a1b6fe7"
last-modified: Thu, 05 Jan 2023 17:52:31 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=3;cpu=1;start=2023-03-09T14:54:07.623Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 1458
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17800
Expires: Thu, 09 Mar 2023 19:50:47 GMT
Date: Thu, 09 Mar 2023 14:54:07 GMT
Connection: keep-alive
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Sleepoplis_pjifwk?_a=AAFIKBs | 151.101.129.137 | 200 OK | 2.9 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Sleepoplis_pjifwk?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashe38e45c17ba8414d3223ee3fa0147c49 10f89d3a662760ff78da6e217d6c30036f11cc99 932c1c967103f4fb973fe6d82bd1f1b149fadac8e081001c2cfdf995af4c38fb
GET /helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Sleepoplis_pjifwk?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Third-Party_-_Sleepoplis_pjifwk.webp"
content-type: image/webp
etag: "e38e45c17ba8414d3223ee3fa0147c49"
last-modified: Fri, 30 Dec 2022 00:04:10 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.625Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2868
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Mattress_Clarity_mk9eqs?_a=AAFIKBs | 151.101.129.137 | 200 OK | 4.0 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Mattress_Clarity_mk9eqs?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash295ce95151b1bb6b302839f24bd5998d b38604ff240a53a54bb88e68bf16c78baa24724a 8307a369aae50ee7e8e077a64a3532dc0fb70e50f993d5dcce9b5307fad047c3
GET /helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Mattress_Clarity_mk9eqs?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Third-Party_-_Mattress_Clarity_mk9eqs.webp"
content-type: image/webp
etag: "295ce95151b1bb6b302839f24bd5998d"
last-modified: Fri, 30 Dec 2022 00:04:46 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.625Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 3978
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_135/Plus_-_Badge_-_Wirecutter_-_01_joqtmj?_a=AAFIKBs | 151.101.129.137 | 200 OK | 2.5 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_135/Plus_-_Badge_-_Wirecutter_-_01_joqtmj?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash9e2f52c92b99778869bc1734e21d30fb 73a2cf6ad4ca8faf468c54c8f05e13fe553a37a9 5b1b39c854a50405ec9b0576ef520b3512f7f9cbbcdc3c3f79fbba2a1a66aa07
GET /helixsleep/image/upload/f_auto/c_scale,w_135/Plus_-_Badge_-_Wirecutter_-_01_joqtmj?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Plus_-_Badge_-_Wirecutter_-_01_joqtmj.webp"
content-type: image/webp
etag: "9e2f52c92b99778869bc1734e21d30fb"
last-modified: Thu, 05 Jan 2023 17:54:40 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=8;cpu=0;start=2023-03-09T14:54:07.623Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2452
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Our_Sleep_Guide_hxpyth?_a=AAFIKBs | 151.101.129.137 | 200 OK | 3.1 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Our_Sleep_Guide_hxpyth?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash84246a0c890827a13ce22a81b2662b57 c50c1e6e1e3f069ceea1957afe635430685827bf ed1c616e3b5cf7b99577bbe415f95c1b62b2f51ca2b75685400c4569865e6d27
GET /helixsleep/image/upload/f_auto/c_scale,w_500/Third-Party_-_Our_Sleep_Guide_hxpyth?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="Third-Party_-_Our_Sleep_Guide_hxpyth.webp"
content-type: image/webp
etag: "84246a0c890827a13ce22a81b2662b57"
last-modified: Fri, 30 Dec 2022 00:05:03 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.632Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 3062
X-Firefox-Spdy: h2
|
|
| cdn.equalweb.com/core/3.0.0/accessibility.js | 104.26.13.95 | 200 OK | 21 kB |
URL HTTP/2cdn.equalweb.com/core/3.0.0/accessibility.js IP104.26.13.95:0
File typeASCII text, with very long lines (34573), with no line terminators Hashc93086aac84264bac8947362f1b34169 8dcbe849ff9054313fbce7d25e8ba0ffc7bad1ca ec598641bfdf14dd4ce7913e0c4a116ee91102afab3f00ca41a6619435a7269e
GET /core/3.0.0/accessibility.js HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:07 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Sun, 28 Feb 2021 12:13:32 GMT
etag: W/"03e5d21cbdd71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1535362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDBFkisO%2FA0qKyNmJOyLvZViPW%2F8mVMG8W4d7Iw0NBCNmyPXAdFnxUO%2Fwd3bZ0lK8S0YfdlbZQ6VuAHtVX0%2BS12hKrXwL1vtzGMHCCF2SzOiXGRLfbjD6A%2BbD84tEPJI7Sk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
server: cloudflare
cf-ray: 7a5426bef98dfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_03_p3ix4k?_a=AAFIKBs | 151.101.129.137 | 200 OK | 11 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_03_p3ix4k?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash0ecda6fb2fe1b3a0f32f16069091d2d5 3e1f294d0686efb02dd9eadfa2fbf8b9e85fe8d4 9de4f48870925e466ffdbaff5651724092e2bc22736fe9ffee4ecb7a42eddf05
GET /helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_03_p3ix4k?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="Homepage_-_Professional_Endorsement_-_03_p3ix4k.webp"
content-type: image/webp
etag: "0ecda6fb2fe1b3a0f32f16069091d2d5"
last-modified: Thu, 05 Jan 2023 18:17:48 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.634Z;desc=hit,rtt;dur=9
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 10552
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46cbec1f-fbf7-461c-90ac-cc819d929109.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46cbec1f-fbf7-461c-90ac-cc819d929109.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfb83e8e17585c3bffd4f5cc805090e7d 40ccc2a777a89f6c33ec4daffcddd21299472971 40bbc718adc11a3a6d6238e3990c6684f3834296141e3163d8ffecea46852958
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46cbec1f-fbf7-461c-90ac-cc819d929109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4995
x-amzn-requestid: 045078d2-7791-47fe-9e00-229a03528d74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO1vG9HoAMFyxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591be-73e4a521649e1ef317078153;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: jd7mcQebbYc29bdaGqgIQ8m4_fOK26grkzSuH_Y9H07oZ0FdBg1K1w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 23:03:22 GMT
age: 57045
etag: "40ccc2a777a89f6c33ec4daffcddd21299472971"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_02_m9i53v?_a=AAFIKBs | 151.101.129.137 | 200 OK | 11 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_02_m9i53v?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash472746f39e05254031856248b21ec1a7 bf734eb8b55b851b54d2c4365eaedee1dafb3d43 5e8e939bea1f4cda81eab4417d6db5e015083d4fff7bfd42dd64762644c4ed11
GET /helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_02_m9i53v?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="Homepage_-_Professional_Endorsement_-_02_m9i53v.webp"
content-type: image/webp
etag: "472746f39e05254031856248b21ec1a7"
last-modified: Thu, 05 Jan 2023 18:17:48 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.634Z;desc=hit,rtt;dur=9
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 10698
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17800
Expires: Thu, 09 Mar 2023 19:50:47 GMT
Date: Thu, 09 Mar 2023 14:54:07 GMT
Connection: keep-alive
|
|
| res.cloudinary.com/helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_04_ahpni1?_a=AAFIKBs | 151.101.129.137 | 200 OK | 7.4 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_04_ahpni1?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hasha89a6ff8c68e632046a6143f1d2938fb 938326f339a3af2ed61b273602218ca9d835b27d e1d88914759ac0013800525bd35c542380d4948b2b04af90590e9cb6ddea0f6b
GET /helixsleep/image/upload/t_square/f_auto/c_scale,w_400/Homepage_-_Professional_Endorsement_-_04_ahpni1?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="Homepage_-_Professional_Endorsement_-_04_ahpni1.webp"
content-type: image/webp
etag: "a89a6ff8c68e632046a6143f1d2938fb"
last-modified: Thu, 05 Jan 2023 18:17:48 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.657Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 7420
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_1572/Homepage_-_Hero_-_Primary_-_04_bbjh3q?_a=AAFIKBs | 151.101.129.137 | 200 OK | 62 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_1572/Homepage_-_Hero_-_Primary_-_04_bbjh3q?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1572x774, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash237002adb02715d3306f5b86069a4dab 2baafc2b0d49330259dd26550192c7c0836ed8aa aea953880d2872d886bad66a70af95645b7412b5395d3922a61795813a3e7d6b
GET /helixsleep/image/upload/f_auto/c_scale,w_1572/Homepage_-_Hero_-_Primary_-_04_bbjh3q?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="Homepage_-_Hero_-_Primary_-_04_bbjh3q.webp"
content-type: image/webp
etag: "237002adb02715d3306f5b86069a4dab"
last-modified: Tue, 17 Jan 2023 22:44:20 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2023-03-09T14:54:07.662Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 62516
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17800
Expires: Thu, 09 Mar 2023 19:50:47 GMT
Date: Thu, 09 Mar 2023 14:54:07 GMT
Connection: keep-alive
|
|
| res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_651/Hero_-_Spring_-_01_1_gwky7l?_a=AAFIKBs | 151.101.129.137 | 200 OK | 3.1 kB |
URL HTTP/2res.cloudinary.com/helixsleep/image/upload/f_auto/c_scale,w_651/Hero_-_Spring_-_01_1_gwky7l?_a=AAFIKBs IP151.101.129.137:0
File typeRIFF (little-endian) data, Web/P image\012- data Hasha7becc1c6ace98d861b5d575aec0cd16 29f42baeb75b6979b9b2104930ad6c58c4d43850 d756be88c7bfd7c0cbbb14cd38c8d064c673bbcc00add3a214011bf604b03465
GET /helixsleep/image/upload/f_auto/c_scale,w_651/Hero_-_Spring_-_01_1_gwky7l?_a=AAFIKBs HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="Hero_-_Spring_-_01_1_gwky7l.webp"
content-type: image/webp
etag: "a7becc1c6ace98d861b5d575aec0cd16"
last-modified: Mon, 06 Mar 2023 16:33:30 GMT
date: Thu, 09 Mar 2023 14:54:07 GMT
vary: Accept,User-Agent
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=4;cpu=0;start=2023-03-09T14:54:07.661Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 3136
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff126aba3-5053-41e8-9adc-5cb3d542d065.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff126aba3-5053-41e8-9adc-5cb3d542d065.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf57df98d880821f3ed2d1227ea1e29c0 ec77a342171a7b2df5b4bb4ff267eb9e7b6fdc9d d9c8877d58e5625ffd72222372334fa857611de3e444732e4ac025571df9e333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff126aba3-5053-41e8-9adc-5cb3d542d065.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8421
x-amzn-requestid: f161f3bb-2b66-4ec8-a2d0-460296e59d8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezfVHwPoAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff95-7fd8848f23e348491da23bc3;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WhZOgffFrj1iFAfsjgAIAP7uqlu_51nukKxgziuJgMjU8lOxFKKnUg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:40 GMT
age: 61707
etag: "ec77a342171a7b2df5b4bb4ff267eb9e7b6fdc9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash636ad724875a1b8f978d351d851af52d 61075cafcbfe1c763ab0b1c79540d42e7ae63942 382228b2396099885438936cd087a9bfa2d272160475859123f8a7ec7f5f34c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7206
x-amzn-requestid: bc793a8e-f967-4a1b-81d2-be45c56bd93b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BPorOF-CIAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6402ee47-3e38c6af4234bd164a429258;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 07:07:51 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: XIYfAxm8RWhLOfQCZA5tr3eMhggSG2AHKx9zL_nU2RMP-68t_3HeLg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 19:19:54 GMT
age: 70453
etag: "61075cafcbfe1c763ab0b1c79540d42e7ae63942"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash54939002388023971ddb6b7e7ad53403 21f73b23a35299dfbae64d57dd2762625a9a09f5 8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17800
Expires: Thu, 09 Mar 2023 19:50:47 GMT
Date: Thu, 09 Mar 2023 14:54:07 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcd029abcba5db74cecb02bad1a036c43 bc714ee0389e279919dde08149be61c4dc9ab0a7 10ae90728b38f7aeba134961a7b80c68c213a09eeef618ef3d66f3305b19834e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4770
x-amzn-requestid: 963dae3d-8336-4a5b-8b25-c3617f946d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BUZkWFhLIAMF6FQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404d61b-1b705b460f7539f97c3dd7e5;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 17:49:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: uGH8_fFeonTgrNF5RYeA6pMhKoh24-6W74Vhju3CcJ7A8LEGFse9Sw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:51:07 GMT
age: 61380
etag: "bc714ee0389e279919dde08149be61c4dc9ab0a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd541504b5777fedb1a4b99770ca977e0 1acb5b7a05f617c8fc7cd6fe420ab72646bfc306 34dfdf8d3d5fa6fed1a6eca3c852301dae86f3765f824d93c26980fb8ac519c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4785
x-amzn-requestid: 57be76f4-6f1b-45d2-bfc1-fc573c56489a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeJEhZIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-5e469b5f2c0adfd619e0e7b4;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: cDI-93Hy2SjT7q1l2FxfJnvKyqQzZZ7M6edx7oPwOVS6Hi6BBbgXZg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:40 GMT
age: 61707
etag: "1acb5b7a05f617c8fc7cd6fe420ab72646bfc306"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff38cea88-980c-4bc3-9bc7-9a1bd822bec7.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff38cea88-980c-4bc3-9bc7-9a1bd822bec7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8f45f111388e764cdc6482be2307e0a1 f849869251bd94a51243604d94f9dd708930d3e2 8e7b32b34a50ba9ca3834a7d915b245590bd19d96ae13aa9881cdea8b7f5fcc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff38cea88-980c-4bc3-9bc7-9a1bd822bec7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: c100b707-4225-449e-b028-4d9f9da81b3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BfIm7H1_IAMFRYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6409215f-192127435abb06342b869fff;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 23:59:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bfnl06q4VdgNQOw7uOgtQvhdBzjBsmKHR33fIimnrggCh0cW9pfybQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 00:14:14 GMT
age: 52793
etag: "f849869251bd94a51243604d94f9dd708930d3e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| a19174160803.cdn.optimizely.com/client_storage/a19174160803.html | 104.110.8.48 | 200 OK | 906 B |
URL HTTP/2a19174160803.cdn.optimizely.com/client_storage/a19174160803.html IP104.110.8.48:0
File typeHTML document, ASCII text, with very long lines (1371) Hash880d106065c1bae118ef95b5e78d77d3 4ccbd16d2b58e92a4bdac4c0882a2381ccb0bf9c 403b33a15e29e7f8df561ad1078d37f28b37c23c9dbffa33c75d305295c9b967
GET /client_storage/a19174160803.html HTTP/1.1
Host: a19174160803.cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Zpp3Sw7O/T7CFShx6UC/v1sUBWmbWigYSd421YAWPuRcFaUT1hH/gBe0/tVgQewWRCBpdOsfoRI=
x-amz-request-id: M2PZSXN9EQV1WRDM
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Mar 2023 19:11:04 GMT
etag: "852db57e4f57bfdf68f0543e1f6914f6"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
x-amz-version-id: JH6Ykr3PCamIVwD0CG_XbPR7PtMpNbsT
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
x-akamai-transformed: 9 - 0 pmb=mRUM,2
content-encoding: gzip
date: Thu, 09 Mar 2023 14:54:07 GMT
content-length: 906
server-timing: cdn-cache; desc=HIT, edge; dur=10, cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="466214_388255197_25785481_964_1098_9_0";dur=1
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hashbcc10f4f7be46015df75cf91c5b5fb48 ef260671a406f33cfeae09c010a224deb1508606 5d52129020a00f4df4a29de99cdc45f08f730308cbb65acc33ca1afb2a567cfb
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139809
Date: Thu, 09 Mar 2023 14:54:07 GMT
Etag: "64096ef7-1d7"
Expires: Sat, 11 Mar 2023 05:44:16 GMT
Last-Modified: Thu, 09 Mar 2023 05:30:31 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 29hERTHeG0k8DvlO4tdt5F8ksnqOaeiRY0nAlnX5-hqhs-3WXk2Odg==
Age: 825
|
|
| heapanalytics.com/h?a=2499289854&u=7340607784647724&v=8322445609354912&s=1204035182260364&b=web&tv=4.0&z=0&h=%2F&q=%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t&d=helixsleep.com&t=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&us=zaius&um=email&uc=2023__getemails_welcome__1_message_a&ua=2023__GetEmails_Welcome&ts=1678373647573&st=1678373647575 | 3.212.5.182 | 200 OK | 37 B |
URL HTTP/2heapanalytics.com/h?a=2499289854&u=7340607784647724&v=8322445609354912&s=1204035182260364&b=web&tv=4.0&z=0&h=%2F&q=%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t&d=helixsleep.com&t=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&us=zaius&um=email&uc=2023__getemails_welcome__1_message_a&ua=2023__GetEmails_Welcome&ts=1678373647573&st=1678373647575 IP3.212.5.182:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash3eacd0132310ea44cad756b378a3bc07 e2216a7e9b73f5cb0279351c78ce61c33475cea7 bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=2499289854&u=7340607784647724&v=8322445609354912&s=1204035182260364&b=web&tv=4.0&z=0&h=%2F&q=%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t&d=helixsleep.com&t=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&us=zaius&um=email&uc=2023__getemails_welcome__1_message_a&ua=2023__GetEmails_Welcome&ts=1678373647573&st=1678373647575 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| gtm.helixsleep.com/shopify-event.gif?source_url=https%253A%252F%252Fhelixsleep.com%252F%253Futm_campaign%253D2023__GetEmails_Welcome%2526utm_content%253D2023__getemails_welcome__1_message_a%2526utm_medium%253Demail%2526utm_source%253Dzaius%2526zm64_id%253Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t | 216.239.34.21 | 200 OK | 0 B |
URL HTTP/2gtm.helixsleep.com/shopify-event.gif?source_url=https%253A%252F%252Fhelixsleep.com%252F%253Futm_campaign%253D2023__GetEmails_Welcome%2526utm_content%253D2023__getemails_welcome__1_message_a%2526utm_medium%253Demail%2526utm_source%253Dzaius%2526zm64_id%253Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t IP216.239.34.21:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /shopify-event.gif?source_url=https%253A%252F%252Fhelixsleep.com%252F%253Futm_campaign%253D2023__GetEmails_Welcome%2526utm_content%253D2023__getemails_welcome__1_message_a%2526utm_medium%253Demail%2526utm_source%253Dzaius%2526zm64_id%253Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t HTTP/1.1
Host: gtm.helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Content-Type: text/plain
Origin: https://helixsleep.com
Content-Length: 578
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
via: 1.1 google
X-Firefox-Spdy: h2
|
|
| helixsleep.com/images/helix-sleep/apple-touch-icon.png | 167.172.14.23 | 200 OK | 984 B |
URL HTTP/2helixsleep.com/images/helix-sleep/apple-touch-icon.png IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
File typePNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data Hashe0cecf7fdb432e3aba16348e93340292 0f2ac049996b9fcc01b74c8b85e42a7f74b2f9aa 6d2df8550d55477207d8717b05464f540a24bcd67099b5b29a16b4fefd6e1e2b
GET /images/helix-sleep/apple-touch-icon.png HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D; optimizelyEndUserId=oeu1678373646961r0.17934691594643226; _hp2_ses_props.2499289854=%7B%22us%22%3A%22zaius%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%222023__getemails_welcome__1_message_a%22%2C%22ua%22%3A%222023__GetEmails_Welcome%22%2C%22ts%22%3A1678373647573%2C%22d%22%3A%22helixsleep.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t%22%7D; _hp2_id.2499289854=%7B%22userId%22%3A%227340607784647724%22%2C%22pageviewId%22%3A%228322445609354912%22%2C%22sessionId%22%3A%221204035182260364%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: image/png
content-length: 984
last-modified: Mon, 06 Mar 2023 10:23:48 GMT
etag: "6405bf34-3d8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| helixsleep.com/images/helix-sleep/favicon-16x16.png | 167.172.14.23 | 200 OK | 661 B |
URL HTTP/2helixsleep.com/images/helix-sleep/favicon-16x16.png IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Hash1632bd911a54f6e667e0b252065bef08 a294a860ce8fba7ad93a9f00cf8499aaa278457f f09941c5a320bea0504fd3f0396aa508ce220f27151e17a2a2d42c5507d47855
GET /images/helix-sleep/favicon-16x16.png HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D; optimizelyEndUserId=oeu1678373646961r0.17934691594643226; _hp2_ses_props.2499289854=%7B%22us%22%3A%22zaius%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%222023__getemails_welcome__1_message_a%22%2C%22ua%22%3A%222023__GetEmails_Welcome%22%2C%22ts%22%3A1678373647573%2C%22d%22%3A%22helixsleep.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t%22%7D; _hp2_id.2499289854=%7B%22userId%22%3A%227340607784647724%22%2C%22pageviewId%22%3A%228322445609354912%22%2C%22sessionId%22%3A%221204035182260364%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: image/png
content-length: 661
last-modified: Mon, 06 Mar 2023 10:23:48 GMT
etag: "6405bf34-295"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| d1igp3oop3iho5.cloudfront.net/v2/0KKs7Iw9DiYaFM7bIJwmTg/zaius-min.js | 54.230.245.90 | 200 OK | 36 kB |
URL HTTP/2d1igp3oop3iho5.cloudfront.net/v2/0KKs7Iw9DiYaFM7bIJwmTg/zaius-min.js IP54.230.245.90:0
Hash359fa872b37cdb89620211267e7f0b88 c5156b9c76a9e6438df337a23caf56b2f01ddd56 5db83c7ef5a2c47a217c07de64921f5da755dd55cb6690638548e020e3cbbf02
GET /v2/0KKs7Iw9DiYaFM7bIJwmTg/zaius-min.js HTTP/1.1
Host: d1igp3oop3iho5.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Mon, 23 Jan 2023 09:46:36 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Q.WP5mS_wHCg2Tt7bYj4ZmUA2EmoKpjy
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Mar 2023 01:04:18 GMT
etag: W/"606c44d96a3151414d96b0d3db669298"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WtbRfomHu29lTWLoTJxewoidQIeWu3WrW8CbIejI6SpqXnC49Oue-A==
age: 49791
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash4bc10bf4190a686e09f8611735d35bad 9de9ac174797ce925635ece826739ea433d783c3 7613d0223084b2e86dea3aead7e603ae33c25f08c934fbe71c780fd3c89ecb8c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129963
Date: Thu, 09 Mar 2023 14:54:08 GMT
Etag: "64093db8-1d7"
Expires: Sat, 11 Mar 2023 03:00:11 GMT
Last-Modified: Thu, 09 Mar 2023 02:00:24 GMT
Server: ECAcc (nya/1C20)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3EvWciC3r5RoAbGvyLCe8cT6rxhsmv4wgUmjrqepkpe6HrWQpoKE7Q==
Age: 3587
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hashb9f6988710e29aa692b15530260848c4 43c818f032fbfe77bf800355fa8ad6368cc6841b e918cc45aef466e592509b8e50ca45a3ff96b4aed4ec9c35d719b72e164417b8
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147294
Date: Thu, 09 Mar 2023 14:54:08 GMT
Etag: "64097ba9-1d7"
Expires: Sat, 11 Mar 2023 07:49:02 GMT
Last-Modified: Thu, 09 Mar 2023 06:24:41 GMT
Server: ECAcc (nya/7975)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FYlCNDpUpqyxX0c-Cq2BF_WBuijiKhPVo6AW8FLSYLHvS-DRRopoLQ==
Age: 5061
|
|
| logx.optimizely.com/v1/events | 54.236.198.240 | 204 No Content | 0 B |
URL HTTP/1.1logx.optimizely.com/v1/events IP54.236.198.240:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1021
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://helixsleep.com
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 09 Mar 2023 14:54:08 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 03fbaab6-9fd4-4655-b06f-db8d0c113393
Connection: keep-alive
|
|
| helixsleep.zendesk.com/embeddable/config | 104.16.51.111 | 200 OK | 640 B |
URL HTTP/2helixsleep.zendesk.com/embeddable/config IP104.16.51.111:0
File typeJSON data\012- , ASCII text, with very long lines (1176), with no line terminators Hash9967fe762eff54b5ab17abcd607af256 b6cc23079563b08e514504e3dfa0051c129926e2 97b7e8d7e034eaa190d7cda754225a5977e1dc66976bcfb504d0af1a60b88f9f
GET /embeddable/config HTTP/1.1
Host: helixsleep.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-fffbbf9df-c52lk
x-request-id: 7a5410ddb91a0359-MIA
x-runtime: 0.002984
vary: Origin, Accept-Encoding
x-cached: STALE
last-modified: Thu, 09 Mar 2023 14:43:41 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zx8rUfQ4CFvwwewTQiOmQw0vAhiB2t6n8MBGiiMJGuFSusgBGOlrbEHeJ7uraLyiNu14kNecknc3Ky4s5GdR%2BI1yNNPrp4peq4eEgcW2scuj1YCjfwGCsxtAoOGwkQ%2BxIHysCOUk%2BiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=befe5ca44f320e1aa679d282a02a142729452440-1678373648; path=/; domain=.helixsleep.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7a5426c50dc20b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash9f963ad6104c08b0403759ec22008ace 7e2bf8de614c2b589093f5d90366d0b85ad989e4 a01488f649fa48674fc21cc847f180dbb70631c1338c8daf93b4e564fd868830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf6c8dc9c975b8e1943edceb80d356407 e0672cb032f9a56fdb126562662ca5aa9a963767 3e7cf3c2a69f3fa13028ae81e182e815a07a1cd90da02dfdbe258a7fdac4874e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7CF3C2A69F3FA13028AE81E182E815A07A1CD90DA02DFDBE258A7FDAC4874E"
Last-Modified: Wed, 08 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5645
Expires: Thu, 09 Mar 2023 16:28:13 GMT
Date: Thu, 09 Mar 2023 14:54:08 GMT
Connection: keep-alive
|
|
| www.googletagmanager.com/gtag/js?id=G-SC9E0N92N7&l=dataLayer&cx=c&sign=2bad2463c086e08be48f4dc37cad00ecdcca8f2f3895010e85aa134aadb4ca66_20230309 | 142.250.74.168 | 200 OK | 78 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-SC9E0N92N7&l=dataLayer&cx=c&sign=2bad2463c086e08be48f4dc37cad00ecdcca8f2f3895010e85aa134aadb4ca66_20230309 IP142.250.74.168:0
File typeASCII text, with very long lines (19467) Hashe6503837e7ec47780e97e4d720ac5751 a32a0d772382e5fd637d65b4fa9b7a3c63f6a652 254b65c529c5fab69f5802b1ccc1c39658133847e5b0a55a5d04341f6465d446
GET /gtag/js?id=G-SC9E0N92N7&l=dataLayer&cx=c&sign=2bad2463c086e08be48f4dc37cad00ecdcca8f2f3895010e85aa134aadb4ca66_20230309 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Mar 2023 14:54:08 GMT
expires: Thu, 09 Mar 2023 14:54:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash9f963ad6104c08b0403759ec22008ace 7e2bf8de614c2b589093f5d90366d0b85ad989e4 a01488f649fa48674fc21cc847f180dbb70631c1338c8daf93b4e564fd868830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash22e8866a6d7108317af9290975521e61 e0d5b8e1d4aac1db016093ebb38b7ccc9ecb1515 e896baaf2621c09ee44c650497c9c8d1979b82ae80807c90bf4a3537f51a3558
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123477
Date: Thu, 09 Mar 2023 14:54:08 GMT
Etag: "640921d1-1d7"
Expires: Sat, 11 Mar 2023 01:12:05 GMT
Last-Modified: Thu, 09 Mar 2023 00:01:21 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fs2ThFZDx6DKSQFnfU7exzimma1F3CjNwwU0zzfqvPIh397DvOnZag==
Age: 4244
|
|
| helixsleep.com/helix-sleep/js/app.js?id=e371d69e2e685d51a8cbae9f332dc6f5 | 167.172.14.23 | 200 OK | 57 kB |
URL HTTP/2helixsleep.com/helix-sleep/js/app.js?id=e371d69e2e685d51a8cbae9f332dc6f5 IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
Hash653ef9ce10dbc318f7861909e7ab099e f5160620f97c856d06cf4185e8cd38d844e256b2 9e2898f776f5feb7bc39f11a6f6b2114284f2c2472a26a0bfe046d776cbb267e
GET /helix-sleep/js/app.js?id=e371d69e2e685d51a8cbae9f332dc6f5 HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 Mar 2023 10:26:15 GMT
vary: Accept-Encoding
etag: W/"6405bfc7-301f4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| helixsleep.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZX0sImNoYXQiOnsiZGVwYXJ0bWVudHMiOnsiZW5hYmxlZCI6WyJvcmRlciBxdWVzdGlvbnMiLCJvdGhlciIsInByb2R1Y3QgcXVlc3Rpb25zIiwicmV0dXJucyAmIHdhcnJhbnRpZXMiLCJzaGlwcGluZyAmIGRlbGl2ZXJ5Il19fSwiY29sb3IiOnsidGhlbWUiOiIjMDAyRTY2IiwiaGVhZGVyIjoiIzAwMkU2NiIsImxhdW5jaGVyVGV4dCI6IiNGRkZGRkYifSwib2Zmc2V0Ijp7Imhvcml6b250YWwiOiI1MHB4In19fSwiYnVpZCI6ImI0NzhiMGNkMDNkYjQyNzJhZjYzYzI0Zjk2NzM2NzRiIiwic3VpZCI6IjM2ZmFlNWUyMGYyNzQxZDc4Yjg0NDA4YzEwZmZmNzMzIiwidmVyc2lvbiI6ImFiYTM1NmEiLCJ0aW1lc3RhbXAiOiIyMDIzLTAzLTA5VDE0OjU0OjA4LjczNFoiLCJ1cmwiOiJodHRwczovL2hlbGl4c2xlZXAuY29tLz91dG1fY2FtcGFpZ249MjAyM19fR2V0RW1haWxzX1dlbGNvbWUmdXRtX2NvbnRlbnQ9MjAyM19fZ2V0ZW1haWxzX3dlbGNvbWVfXzFfbWVzc2FnZV9hJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT16YWl1cyJ9 | 104.16.51.111 | 200 OK | 0 B |
URL HTTP/2helixsleep.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZX0sImNoYXQiOnsiZGVwYXJ0bWVudHMiOnsiZW5hYmxlZCI6WyJvcmRlciBxdWVzdGlvbnMiLCJvdGhlciIsInByb2R1Y3QgcXVlc3Rpb25zIiwicmV0dXJucyAmIHdhcnJhbnRpZXMiLCJzaGlwcGluZyAmIGRlbGl2ZXJ5Il19fSwiY29sb3IiOnsidGhlbWUiOiIjMDAyRTY2IiwiaGVhZGVyIjoiIzAwMkU2NiIsImxhdW5jaGVyVGV4dCI6IiNGRkZGRkYifSwib2Zmc2V0Ijp7Imhvcml6b250YWwiOiI1MHB4In19fSwiYnVpZCI6ImI0NzhiMGNkMDNkYjQyNzJhZjYzYzI0Zjk2NzM2NzRiIiwic3VpZCI6IjM2ZmFlNWUyMGYyNzQxZDc4Yjg0NDA4YzEwZmZmNzMzIiwidmVyc2lvbiI6ImFiYTM1NmEiLCJ0aW1lc3RhbXAiOiIyMDIzLTAzLTA5VDE0OjU0OjA4LjczNFoiLCJ1cmwiOiJodHRwczovL2hlbGl4c2xlZXAuY29tLz91dG1fY2FtcGFpZ249MjAyM19fR2V0RW1haWxzX1dlbGNvbWUmdXRtX2NvbnRlbnQ9MjAyM19fZ2V0ZW1haWxzX3dlbGNvbWVfXzFfbWVzc2FnZV9hJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT16YWl1cyJ9 IP104.16.51.111:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZX0sImNoYXQiOnsiZGVwYXJ0bWVudHMiOnsiZW5hYmxlZCI6WyJvcmRlciBxdWVzdGlvbnMiLCJvdGhlciIsInByb2R1Y3QgcXVlc3Rpb25zIiwicmV0dXJucyAmIHdhcnJhbnRpZXMiLCJzaGlwcGluZyAmIGRlbGl2ZXJ5Il19fSwiY29sb3IiOnsidGhlbWUiOiIjMDAyRTY2IiwiaGVhZGVyIjoiIzAwMkU2NiIsImxhdW5jaGVyVGV4dCI6IiNGRkZGRkYifSwib2Zmc2V0Ijp7Imhvcml6b250YWwiOiI1MHB4In19fSwiYnVpZCI6ImI0NzhiMGNkMDNkYjQyNzJhZjYzYzI0Zjk2NzM2NzRiIiwic3VpZCI6IjM2ZmFlNWUyMGYyNzQxZDc4Yjg0NDA4YzEwZmZmNzMzIiwidmVyc2lvbiI6ImFiYTM1NmEiLCJ0aW1lc3RhbXAiOiIyMDIzLTAzLTA5VDE0OjU0OjA4LjczNFoiLCJ1cmwiOiJodHRwczovL2hlbGl4c2xlZXAuY29tLz91dG1fY2FtcGFpZ249MjAyM19fR2V0RW1haWxzX1dlbGNvbWUmdXRtX2NvbnRlbnQ9MjAyM19fZ2V0ZW1haWxzX3dlbGNvbWVfXzFfbWVzc2FnZV9hJnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT16YWl1cyJ9 HTTP/1.1
Host: helixsleep.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-length: 0
access-control-allow-origin: *
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 7a5426c929f70b45-IAD
last-modified: Thu, 09 Mar 2023 14:54:08 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBVgHAD1DJH8BTYHTLaP2s5UGD4pCUCS978YBqTMWCrgbRtzlt82%2F6MowDTRJ4y7uicCtEsX6P%2BStT%2BXkwEs6P7O5HFBiMV%2Fsy1IlVTlfIiGh%2BnnrcMGS6webbmwOh9ta7LtHw88NFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=befe5ca44f320e1aa679d282a02a142729452440-1678373648; path=/; domain=.helixsleep.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7a5426c929f70b45-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash3c9c0c4cf2f07b80aa41589be66a11f4 5ebbf99384097253bd6665238e83d4c609120cb9 0b934a16b79f02e1f810a25152ec79ddf4035a351e20ce6bed044010cf9acd37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 14:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Mar 2023 18:44:43 GMT
Expires: Wed, 15 Mar 2023 18:44:42 GMT
Etag: "5ebbf99384097253bd6665238e83d4c609120cb9"
Cache-Control: max-age=531633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a5426c88c8fb527-OSL
|
|
| static.zdassets.com/web_widget/latest/classic/web-widget-classic-aba356a.js | 104.18.70.113 | 200 OK | 4.0 kB |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/web-widget-classic-aba356a.js IP104.18.70.113:0
File typeASCII text, with very long lines (13518), with no line terminators Hashc882aab80bbf7787eb1cd8a0cd2899a1 67c5673a9a18bf3658bb847636e9e782b36b483a 4cddf5d62a857c43862bd40ee8d32c9d490447c36ca92bfd8ac9984d29bf2a91
GET /web_widget/latest/classic/web-widget-classic-aba356a.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: W0NPS16RT5kurNWJAvQ+t6JvXpYQ2wazAj6/Xq6mjzqd4P6CQCWyDxpBRgrBFfgt+kMN4HNY9UGWNssn36Jq8w==
x-amz-request-id: 7G09YZ3TPHHW26WH
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:57:16 GMT
etag: W/"33e488c423200ecbe8d360f701a9d608"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:57:15 GMT
x-amz-version-id: 2r83KU5J9o9ypph5kM05BOIQMjqmSPho
cf-cache-status: HIT
age: 231654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMdN2%2Bd%2F5%2Fw3nT4zhfBH9vX4y%2Fi4%2BAUTkqQuG5TxAFU9QzadMVH9fvrUIh4fABoSU49SFl%2Fa1mHByh0PYh9bmzLTRPK9w36nmHsS%2BZPnj7TLpv85e7VPv%2BFzxcW7BzN1EiDUmQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c6782ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hash601361dc7dbc126ff4f59b0fd7e50a29 df65b5e271a5a4ae128c891faadd0262a8aaf84a 6fb19a364cc85c45ca8d1e940135d0b4e7e99d78159eca3208902bb79b2e198d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Mar 2023 14:54:08 GMT
Last-Modified: Thu, 09 Mar 2023 13:11:39 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qirEOFrEQwmv941BL0y1fo1YVuisTbZvQXb7fTz3-2Utf6HFlnSW-g==
Age: 6150
|
|
| d.impactradius-event.com/A1422860-a2dc-4b8c-affa-9174acdb4c091.js | 35.186.249.72 | 200 OK | 15 kB |
URL HTTP/2d.impactradius-event.com/A1422860-a2dc-4b8c-affa-9174acdb4c091.js IP35.186.249.72:0
File typeC source, ASCII text, with very long lines (48947), with no line terminators Hash46ac4b24cfb79139fc0bc4a6f6cabd54 76915873b26b866f3468f6adbf224fca1d2c8bd7 c0d39cef617f3d9e902b6673765c1cb6fd75b8f831f775e6c283919c0647e8a4
GET /A1422860-a2dc-4b8c-affa-9174acdb4c091.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtemlACbI8IxF-hKuByWialGD6rcRI0qliNE6C4KZ-YpixaGAmQuGCKZ0ncRIC-wA6uOX0Gcc2l-xJEQT6SvZkt
x-goog-generation: 1676498643035909
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14849
content-encoding: gzip
x-goog-hash: crc32c=CfltAQ==, md5=RqxLJM+3kTn8C8Sm9sq9VA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 14849
access-control-allow-origin: *
server: UploadServer
date: Thu, 09 Mar 2023 14:54:09 GMT
expires: Thu, 09 Mar 2023 14:59:09 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Wed, 15 Feb 2023 22:04:03 GMT
etag: "46ac4b24cfb79139fc0bc4a6f6cabd54"
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=ab07a0e4-7ddd-4049-b4bd-f4a64f55a4dd | 52.54.98.146 | 200 OK | 43 B |
URL HTTP/1.1data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=ab07a0e4-7ddd-4049-b4bd-f4a64f55a4dd IP52.54.98.146:0
File typeGIF image data, version 89a, 1 x 1\012- data Hasha5098c60b3b0c879a2c7af6c68b7b53f 939f40be7f1aaf623f62886de4aaba3886df9b65 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
GET /pixel/?ad_log=referer&action=lead&pixid=ab07a0e4-7ddd-4049-b4bd-f4a64f55a4dd HTTP/1.1
Host: data.adxcel-ec2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash6e77de0e71296dc11d5e65542927d0db 35a9424208f22e16a8ee82e2330cb7dd610d03ca fca132facf63c7ad4cd9c29cc7b2946ab56055a058a21a98218ddcf19b684cf8
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Mar 2023 14:54:09 GMT
Last-Modified: Thu, 09 Mar 2023 14:05:29 GMT
Server: ECAcc (nya/1C20)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: d6WwHAJ6GBcbJohBmhwI2iWMb3LHtB4dkAlWVFiftP3Tbb3q-YMuFQ==
Age: 2920
|
|
| s3.amazonaws.com/zaius-content/web/0KKs7Iw9DiYaFM7bIJwmTg/_rules.json | 52.217.84.86 | 200 OK | 22 kB |
URL HTTP/1.1s3.amazonaws.com/zaius-content/web/0KKs7Iw9DiYaFM7bIJwmTg/_rules.json IP52.217.84.86:0
File typeJSON data\012- , ASCII text, with very long lines (21700), with no line terminators Hash6fe06f54fddb5ec78e55a3aa38d18e41 4740ce7c16e49c13a36e070261b0ddaedba2b6cb b0ab53ff01764b96ef28f52b91d6156367df608fba7f9ecdb569fb211fe27431
GET /zaius-content/web/0KKs7Iw9DiYaFM7bIJwmTg/_rules.json HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IVI0+3ghATJKwO24FKRpJAKbUYtp0bqLLKt7gsQEKRyv0LIadVqqYuUhmJDIKKZAhibrr3uDXdQ=
x-amz-request-id: WBAQPVWFKK1T3M3N
Date: Thu, 09 Mar 2023 14:54:10 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 60
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Mon, 06 Mar 2023 14:10:22 GMT
ETag: "6fe06f54fddb5ec78e55a3aa38d18e41"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Server: AmazonS3
Content-Length: 21700
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hashd88f4a2bd1804221cce974be79a21e88 d7647d5f77a4d3f3f35e1632abd322cf77f993c7 80c3d787f9996cd3ccb1579e998cdda20d08075050fe393c05ac034e19737455
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Mar 2023 14:54:09 GMT
Last-Modified: Thu, 09 Mar 2023 14:06:34 GMT
Server: ECAcc (bsa/EA9A)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: POJmogivKVhViiaZZ3Ku4FGkslXdwau0Bm1zOcBpVCTYd15Qhbt7YQ==
Age: 2855
|
|
| static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-aba356a.js | 104.18.70.113 | 200 OK | 56 kB |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-aba356a.js IP104.18.70.113:0
File typeASCII text, with very long lines (65307) Hashad82513bba361968cd4e8a0afd8bdfcd a931f795a487589c3f47494b7a80822e507f7b84 caeb6b2a1b5154b3c0f2f86528799c6e4d2c8fab3ae6e6ee1b7179392ed62d92
GET /web_widget/latest/classic/web-widget-chat-sdk-aba356a.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: dsIVpg21ekH9W+h3WzG2ilwoTADociSutRpA9drMt10Dzl3KuePxNfDZKyC6xgxJ0jXW60MAm7m6ntj5+aQ8Gw==
x-amz-request-id: EAZTN0PYMZVEZSX6
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:57:16 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:57:15 GMT
x-amz-version-id: hRz2zotl_ZlNgje.GvDXZOYoij4XOW_3
cf-cache-status: HIT
age: 231652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfQYIZ4xVow1qFCk93csO4Np2e4RLfERjWu3z%2BE8UiB8ezoAuDlMnQ7hO68UyN9X%2B3QTOuxT2AXOF%2Bg2G4TaoCjiUdGJTYqfhFE6Ve9bj847E6BU8KHB1A9fgtYW8rhAlol6HnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c97c8cb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| widget-mediator.zopim.com/s/W/ws/JjXJSY-xP5Jtbxs4/c/1678373648945 |  35.156.88.227 | 101 Switching Protocols | 0 B |
URL HTTP/1.1widget-mediator.zopim.com/s/W/ws/JjXJSY-xP5Jtbxs4/c/1678373648945 IP35.156.88.227:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/JjXJSY-xP5Jtbxs4/c/1678373648945 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://helixsleep.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yam8FWJqmUecqv/vVNQk/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 09 Mar 2023 14:54:09 GMT
Connection: upgrade
Set-Cookie: AWSALB=5q5/69ksGxWakEPl8B8Nh9kTs9DyKBGerbKjx7ZPdNSCSY7QI7aMlBPscnEEsPIdcBJTy/XMnZAdZ/ouBJrBy9Pr66SyoSOo83kbM2bqoKsSa1FdmukUCjoWEcFI; Expires=Thu, 16 Mar 2023 14:54:09 GMT; Path=/
AWSALBCORS=5q5/69ksGxWakEPl8B8Nh9kTs9DyKBGerbKjx7ZPdNSCSY7QI7aMlBPscnEEsPIdcBJTy/XMnZAdZ/ouBJrBy9Pr66SyoSOo83kbM2bqoKsSa1FdmukUCjoWEcFI; Expires=Thu, 16 Mar 2023 14:54:09 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: fyjR+LtmaN5MOURMPCKn3u8vlxM=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash3c9c0c4cf2f07b80aa41589be66a11f4 5ebbf99384097253bd6665238e83d4c609120cb9 0b934a16b79f02e1f810a25152ec79ddf4035a351e20ce6bed044010cf9acd37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 14:54:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Mar 2023 18:44:43 GMT
Expires: Wed, 15 Mar 2023 18:44:42 GMT
Etag: "5ebbf99384097253bd6665238e83d4c609120cb9"
Cache-Control: max-age=531632,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a5426cb1fdcb527-OSL
|
|
| web.chtbl.com/track | 143.204.55.125 | 503 Service Unavailable | 162 B |
IP143.204.55.125:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash81df4d3863debf3eceb5cf84251fd472 4ba7843a4cc062123f5f4caacbb9a3fa7d381eac 258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
OPTIONS /track HTTP/1.1
Host: web.chtbl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html
content-length: 162
server: awselb/2.0
date: Thu, 09 Mar 2023 14:54:09 GMT
x-cache: Error from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DJb-k2_wKv940fdCSe-NP432nivpBBBspmzLFxZHjcbym1vdz83Qw==
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-SC9E0N92N7>m=45je3360&_p=916999099&cid=1303506906.1678373649&ul=en-us&sr=1280x1024&_s=1&sid=1678373648&sct=1&seg=0&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&dt=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_type=guest | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-SC9E0N92N7>m=45je3360&_p=916999099&cid=1303506906.1678373649&ul=en-us&sr=1280x1024&_s=1&sid=1678373648&sct=1&seg=0&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&dt=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_type=guest IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SC9E0N92N7>m=45je3360&_p=916999099&cid=1303506906.1678373649&ul=en-us&sr=1280x1024&_s=1&sid=1678373648&sct=1&seg=0&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&dt=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&en=page_view&_fv=1&_nsi=1&_ss=1&up.visitor_type=guest HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://helixsleep.com
date: Thu, 09 Mar 2023 14:54:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 | 104.18.70.113 | 206 Partial Content | 20 kB |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 IP104.18.70.113:0
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data Hashf11ce9e8f40a392830217253fe75d6de 89ba57fcc360da34756c127acba15a8b23267fc6 05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
GET /web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 09 Mar 2023 14:54:09 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: QIQrdHBOSoaqfUhXb0V67aBYN51/L8NMXdxQX9vurpXVVjk8ATkM6PqPZep63udXKkqpDh94C6w=
x-amz-request-id: 8NWTXDWMCCWN8AN3
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Jan 2023 03:39:54 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Fri, 12 Jan 2024 03:39:53 GMT
x-amz-version-id: hect34MLstsF8KyyzDR9IJIoDb9EwJeR
cf-cache-status: HIT
age: 1968016
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy3nLf8BXUGtq6WK67sn6D3Bm2tKHn017ekNQqNgb2Cl1U9lywNAQ9dlXVj9kyZV4RxKiM73aqwzAEYmwgM6SY43cIR3MD36BEwc6tV90IVFX5qGhXT%2BkFgZaAHKx4HKAIeVoX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426ce6c05b500-OSL
X-Firefox-Spdy: h2
|
|
| cdn.usefathom.com/script.js | 194.242.11.186 | 200 OK | 2.5 kB |
URL HTTP/2cdn.usefathom.com/script.js IP194.242.11.186:0 ASN#34989 ServeTheWorld AS
File typeASCII text, with very long lines (6019), with no line terminators Hash1a7f7532d0ca37b23332fd2826c25ec2 5e750aa5531cb69a7ec03d00beaa9c83fc4786b1 88a445c4654735cdce5d922efd9f0bc5cca41a125b5b5390d52d5bca6231512a
GET /script.js HTTP/1.1
Host: cdn.usefathom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 506217
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=0
etag: W/"d41d8cd98f00b204e9800998ecf8427e"
last-modified: Tue, 28 Feb 2023 17:38:08 GMT
x-vapor-base64-encode: True
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/01/2023 20:59:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8d1793d4b832c6bd5a5260523b4a2b89
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/mwfftxedWH8 | 142.250.74.99 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/mwfftxedWH8 IP142.250.74.99:0
Hash68bcafdbda8446816408b974741ac1f8 8fc53aa342fb3bd1e2fc8dea398c58b6d783dc95 29a3c1b7c11176c05af935b16ec8bd80d5c3e9dda29d69892bdb38cd1051b835
POST /s/gts1d4/mwfftxedWH8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/mwfftxedWH8 | 142.250.74.99 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/mwfftxedWH8 IP142.250.74.99:0
Hash68bcafdbda8446816408b974741ac1f8 8fc53aa342fb3bd1e2fc8dea398c58b6d783dc95 29a3c1b7c11176c05af935b16ec8bd80d5c3e9dda29d69892bdb38cd1051b835
POST /s/gts1d4/mwfftxedWH8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gtm.helixsleep.com/gtag/js?id=G-111111&l=dataLayer&cx=c&sign=2bad2463c086e08be48f4dc37cad00ecdcca8f2f3895010e85aa134aadb4ca66_20230309 | 216.239.34.21 | 200 OK | 61 kB |
URL HTTP/2gtm.helixsleep.com/gtag/js?id=G-111111&l=dataLayer&cx=c&sign=2bad2463c086e08be48f4dc37cad00ecdcca8f2f3895010e85aa134aadb4ca66_20230309 IP216.239.34.21:0
Hasha601b0975f0fcbc1052257fdc6980a8a 747a1ade62bf59a4ddf34e00fb6f3b94ffe9cc7f 490a8fbe701ed1042f7af5bd3cbda1c8c5101945d1a066aed6afb73c69780b72
GET /gtag/js?id=G-111111&l=dataLayer&cx=c&sign=2bad2463c086e08be48f4dc37cad00ecdcca8f2f3895010e85aa134aadb4ca66_20230309 HTTP/1.1
Host: gtm.helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: optimizelyEndUserId=oeu1678373646961r0.17934691594643226; _hp2_ses_props.2499289854=%7B%22us%22%3A%22zaius%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%222023__getemails_welcome__1_message_a%22%2C%22ua%22%3A%222023__GetEmails_Welcome%22%2C%22ts%22%3A1678373647573%2C%22d%22%3A%22helixsleep.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t%22%7D; _hp2_id.2499289854=%7B%22userId%22%3A%227340607784647724%22%2C%22pageviewId%22%3A%227630435432605691%22%2C%22sessionId%22%3A%221204035182260364%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; zaius_js_version=2.3.0; vuid=6286c89c-2b3c-4d44-a139-d8058d571771%7C1678373648200; z_idsyncs=; vtsrc=isCampaign%3Dtrue%7Csource%3Dzaius%7Ccampaign%3D2023__GetEmails_Welcome%7Cmedium%3Demail%7Ccontent%3D2023__getemails_welcome__1_message_a; _gcl_au=1.1.2127836996.1678373649
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Thu, 09 Mar 2023 15:08:39 GMT
last-modified: Thu, 09 Mar 2023 12:00:00 GMT
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/mwfftxedWH8 | 142.250.74.99 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/mwfftxedWH8 IP142.250.74.99:0
Hash68bcafdbda8446816408b974741ac1f8 8fc53aa342fb3bd1e2fc8dea398c58b6d783dc95 29a3c1b7c11176c05af935b16ec8bd80d5c3e9dda29d69892bdb38cd1051b835
POST /s/gts1d4/mwfftxedWH8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.init_consent&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius | 34.102.157.158 | 200 OK | 26 B |
URL HTTP/2monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.init_consent&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius IP34.102.157.158:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash6a43099d5c8fe991a7aa7ebaca53069d 5bce2f0d57305c58c7b05bfce29ebb39a18f5570 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=0&event_name=gtm.init_consent&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduyPmbiFP4AG4ddkSWQNluZvm4qDziUwmY5nkxemKvKXT7LZvRp6jsVM55yI-_j5RKV66-ifaVDU8gR6aYo0jYt4Q
expires: Thu, 09 Mar 2023 15:54:09 GMT
date: Thu, 09 Mar 2023 14:54:09 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=5&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius | 34.102.157.158 | 200 OK | 26 B |
URL HTTP/2monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=5&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius IP34.102.157.158:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash6a43099d5c8fe991a7aa7ebaca53069d 5bce2f0d57305c58c7b05bfce29ebb39a18f5570 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=5&event_name=gtm.timer&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtxdscPEs4B77wlGJOit2Flmn9Uovm5B86u2IRbyPlDw5Ny5fNS73lZQyuksmIpk6oYv-ZcZluPQPG7Xh1njS30HTHQ1dDB
expires: Thu, 09 Mar 2023 15:54:09 GMT
date: Thu, 09 Mar 2023 14:54:09 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.init&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius | 34.102.157.158 | 200 OK | 26 B |
URL HTTP/2monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.init&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius IP34.102.157.158:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash6a43099d5c8fe991a7aa7ebaca53069d 5bce2f0d57305c58c7b05bfce29ebb39a18f5570 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=1&event_name=gtm.init&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt74rg2gXe2osJeBXINw8JSNL1WKG47VDa9lvWz0v8PLonfB9YVq7Yq-VROYJDjOC4ax7xJ-tq89K5YFT7uckpVldWoFBNY
expires: Thu, 09 Mar 2023 15:54:09 GMT
date: Thu, 09 Mar 2023 14:54:09 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=2&event_name=dl_user_data&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius | 34.102.157.158 | 200 OK | 26 B |
URL HTTP/2monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=2&event_name=dl_user_data&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius IP34.102.157.158:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash6a43099d5c8fe991a7aa7ebaca53069d 5bce2f0d57305c58c7b05bfce29ebb39a18f5570 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=2&event_name=dl_user_data&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduRbsJxMi165cYqE5WgQIw8JgPCP5RUj94yXoGTU3RwM3kb_ValCGps60_EswblgGJG9ufUxNyljbNpVV6yfcYurqLyaAkf
expires: Thu, 09 Mar 2023 15:54:09 GMT
date: Thu, 09 Mar 2023 14:54:09 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gtm.helixsleep.com/g/collect?v=2&tid=G-111111>m=45he3360&_p=916999099&cid=1303506906.1678373649&ul=en-us&sr=1280x1024&_fplc=0&_s=1&sid=1678373649&sct=1&seg=0&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&dt=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&en=page_view&_fv=1&_ss=1&up.visitor_type=guest&up.cookie_domain=auto&richsstsse | 216.239.34.21 | 200 OK | 116 B |
URL HTTP/2gtm.helixsleep.com/g/collect?v=2&tid=G-111111>m=45he3360&_p=916999099&cid=1303506906.1678373649&ul=en-us&sr=1280x1024&_fplc=0&_s=1&sid=1678373649&sct=1&seg=0&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&dt=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&en=page_view&_fv=1&_ss=1&up.visitor_type=guest&up.cookie_domain=auto&richsstsse IP216.239.34.21:0
Hashd91885915af6df09921385435d9790f4 05dcc0ebb7e580a13b853768702c7ec3f72cad71 4169675cf6532b13eaf55575215910888bcf9b0892d74ec88db225121c3d5d82
GET /g/collect?v=2&tid=G-111111>m=45he3360&_p=916999099&cid=1303506906.1678373649&ul=en-us&sr=1280x1024&_fplc=0&_s=1&sid=1678373649&sct=1&seg=0&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&dt=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&en=page_view&_fv=1&_ss=1&up.visitor_type=guest&up.cookie_domain=auto&richsstsse HTTP/1.1
Host: gtm.helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: optimizelyEndUserId=oeu1678373646961r0.17934691594643226; _hp2_ses_props.2499289854=%7B%22us%22%3A%22zaius%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%222023__getemails_welcome__1_message_a%22%2C%22ua%22%3A%222023__GetEmails_Welcome%22%2C%22ts%22%3A1678373647573%2C%22d%22%3A%22helixsleep.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius%26zm64_id%3Dd2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t%22%7D; _hp2_id.2499289854=%7B%22userId%22%3A%227340607784647724%22%2C%22pageviewId%22%3A%227630435432605691%22%2C%22sessionId%22%3A%221204035182260364%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; zaius_js_version=2.3.0; vuid=6286c89c-2b3c-4d44-a139-d8058d571771%7C1678373648200; z_idsyncs=; vtsrc=isCampaign%3Dtrue%7Csource%3Dzaius%7Ccampaign%3D2023__GetEmails_Welcome%7Cmedium%3Demail%7Ccontent%3D2023__getemails_welcome__1_message_a; _gcl_au=1.1.2127836996.1678373649; _ga_SC9E0N92N7=GS1.1.1678373648.1.0.1678373648.0.0.0; _ga=GA1.1.1303506906.1678373649; _ga_111111=GS1.1.1678373649.1.0.1678373649.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:09 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPLC=4YEeovy%2FB0AtlKe5scHq9S88%2FADStN8u0JNeGHb5NyKAGLxcY0nUac4K5syGkZOE28x%2Bpq3dm8Y56UYsbbdu6wMfKn7c%2FN3FpyjsfBpzhTphYHhhHu9EsVLmlA7hzg%3D%3D; Max-Age=72000; Domain=helixsleep.com; Path=/; Secure
FPID=FPID2.2.LSg80dJeAOQeAXIaNmVflvsv%2FLivYIR07oePLF8AP9Y%3D.1678373649; Max-Age=63072000; Domain=helixsleep.com; Path=/; Secure; HttpOnly
FPAU=1.1.2127836996.1678373649; Max-Age=7775999; Domain=helixsleep.com; Path=/; Secure
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://helixsleep.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
|
|
| monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=4&event_name=gtm.dom&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius | 34.102.157.158 | 200 OK | 26 B |
URL HTTP/2monitoring.getelevar.com/track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=4&event_name=gtm.dom&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius IP34.102.157.158:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash6a43099d5c8fe991a7aa7ebaca53069d 5bce2f0d57305c58c7b05bfce29ebb39a18f5570 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /track.gif?vc=1.1&vv=1.1&ctid=GTM-NZKZRXC&idx=4&event_name=gtm.dom&variable_name=dlv%20-%20Thank%20You%20Page%20-%20ecommerce.purchase.products&channels=&tag_names=&dlKey=ecommerce.purchase.products&dlValue=undefined&cond=required&condValue=true&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius HTTP/1.1
Host: monitoring.getelevar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtkKG2APa-RxeEV4ue5uwSrjHJvkcvyxDWED6Qzw5VNDaTTOs8MnpfGooj5BcJlZJVSVBhPt7uYhIIY6dhDwjU8zg
expires: Thu, 09 Mar 2023 15:54:09 GMT
date: Thu, 09 Mar 2023 14:54:09 GMT
cache-control: public, max-age=3600
last-modified: Thu, 12 Dec 2019 13:20:18 GMT
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-goog-generation: 1576156818458330
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26
content-type: image/gif
x-goog-hash: crc32c=Qn5OAg==, md5=akMJnVyP6ZGnqn66ylMGnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/mwfftxedWH8 | 142.250.74.99 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/mwfftxedWH8 IP142.250.74.99:0
Hash68bcafdbda8446816408b974741ac1f8 8fc53aa342fb3bd1e2fc8dea398c58b6d783dc95 29a3c1b7c11176c05af935b16ec8bd80d5c3e9dda29d69892bdb38cd1051b835
POST /s/gts1d4/mwfftxedWH8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hasha25022723778b88b75c7813ea7fd057a 16ee3a1aa4aeea7af12faad0ae89c9877f37dc9c 97fa3e55eddacd7a83fc8a44017bdc178918db19f2f5315354a9f27b5df65636
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 119
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Last-Modified: Thu, 09 Mar 2023 14:52:11 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash7b7049a6f7f2cb41f99c789aac094e37 8cfd0d8c33a5a3d726cc68ff9008553476bc442f f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.142 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.142:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Mar 2023 13:53:25 GMT
expires: Thu, 09 Mar 2023 15:53:25 GMT
cache-control: public, max-age=7200
age: 3645
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash7b7049a6f7f2cb41f99c789aac094e37 8cfd0d8c33a5a3d726cc68ff9008553476bc442f f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| connect.facebook.net/en_US/fbevents.js |  31.13.72.12 | 200 OK | 28 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash43d943c7499b27a8ef3972fa070f6756 59303c79335aa0a9f529c0f6166f99c3e650088c 96ab29f531694f1b8e5d2f031e16581fe1052636fb32c5cd96d55b824d6539b2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1dBbmOCBiHcxpBTj0PCLVfzdzk9kWrOKyMaieUK5SQQgjuVbVr0/bm78XqBWVhYXORG7fl37v2gdchFTHvu3mA==
content-length: 27907
x-fb-trip-id: 1904183273
date: Thu, 09 Mar 2023 14:54:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/954616282/?random=1678373648566&cv=11&fst=1678373648566&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&auid=2127836996.1678373649&rfmt=3&fmt=4 | 142.250.74.130 | 200 OK | 1.3 kB |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/954616282/?random=1678373648566&cv=11&fst=1678373648566&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&auid=2127836996.1678373649&rfmt=3&fmt=4 IP142.250.74.130:0
File typeASCII text, with very long lines (2897), with no line terminators Hash99285cb08d4f1cb46cd6d03ac55b6370 0b43351e7dd42a29d8dc1749234da7592f3271a7 097fa04fc3c2b899fee4f3e148445650c7264572fb41322eabaab00afd0f0082
GET /pagead/viewthroughconversion/954616282/?random=1678373648566&cv=11&fst=1678373648566&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&auid=2127836996.1678373649&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1307
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Mar-2023 15:09:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hasha25022723778b88b75c7813ea7fd057a 16ee3a1aa4aeea7af12faad0ae89c9877f37dc9c 97fa3e55eddacd7a83fc8a44017bdc178918db19f2f5315354a9f27b5df65636
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Last-Modified: Thu, 09 Mar 2023 13:10:06 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
|
|
| logx.optimizely.com/v1/events | 54.236.198.240 | 204 No Content | 0 B |
URL HTTP/1.1logx.optimizely.com/v1/events IP54.236.198.240:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1125
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://helixsleep.com
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 09 Mar 2023 14:54:10 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 8da26fd1-af5a-409c-aaaa-2983e862e14a
Connection: keep-alive
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/810216059/?random=1678373648569&cv=11&fst=1678373648569&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&auid=2127836996.1678373649&rfmt=3&fmt=4 | 142.250.74.130 | 200 OK | 1.3 kB |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/810216059/?random=1678373648569&cv=11&fst=1678373648569&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&auid=2127836996.1678373649&rfmt=3&fmt=4 IP142.250.74.130:0
File typeASCII text, with very long lines (2897), with no line terminators Hash1dc332c559611a0d5be1f80212435f2f 52fd212ad4dcf02fe26648a65cc4653f2941baa2 a8db6b0adeccd354faa72b8ca4706d64c8a27d731f8c4bb3c4a2c1c934621449
GET /pagead/viewthroughconversion/810216059/?random=1678373648569&cv=11&fst=1678373648569&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&auid=2127836996.1678373649&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1303
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Mar-2023 15:09:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.attn.tv/growth-tag-assets/client-configs/helixsleep.attn.tv.js | 143.204.55.61 | 200 OK | 301 B |
URL HTTP/2cdn.attn.tv/growth-tag-assets/client-configs/helixsleep.attn.tv.js IP143.204.55.61:0
File typeASCII text, with very long lines (301), with no line terminators Hashe310f2966f9466efa201dd19c2c95d6a 3d4f0f1da6a25184c4db615fe7ccbdc75ba923ac 6d12c2f09b3bcb7c20788bffd50074b1ff1e1b93df0f76a3cc54677f2a527922
GET /growth-tag-assets/client-configs/helixsleep.attn.tv.js HTTP/1.1
Host: cdn.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 301
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Feb 2023 21:11:06 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: cR8nIcH99Ahyae0Yz6nZFAMu2r8Lftj3
accept-ranges: bytes
server: AmazonS3
date: Thu, 09 Mar 2023 14:54:10 GMT
cache-control: max-age=120
etag: "e310f2966f9466efa201dd19c2c95d6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eEguTEjFR_q1KS4WYI8hxjl95hp0wvOdR55Pq5FjGZVa95_BMNmeMA==
age: 43
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash2726a99d56af46f79cf560fe62596ac0 201fc47519cbcd943a300778561166fed4079994 9ff6f14d89812e00e47973ad388e8de4182440de558ed6d3def3007bc779ce2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.usefathom.com/?h=https%3A%2F%2Fhelixsleep.com&p=%2Fpages%2Fhomepage&r=&sid=null&qs=%7B%22utm_campaign%22%3A%222023__GetEmails_Welcome%22%2C%22utm_content%22%3A%222023__getemails_welcome__1_message_a%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22zaius%22%7D&cid=26897688 | 194.242.11.186 | 200 OK | 43 B |
URL HTTP/2cdn.usefathom.com/?h=https%3A%2F%2Fhelixsleep.com&p=%2Fpages%2Fhomepage&r=&sid=null&qs=%7B%22utm_campaign%22%3A%222023__GetEmails_Welcome%22%2C%22utm_content%22%3A%222023__getemails_welcome__1_message_a%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22zaius%22%7D&cid=26897688 IP194.242.11.186:0 ASN#34989 ServeTheWorld AS
File typeGIF image data, version 89a, 1 x 1\012- data Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /?h=https%3A%2F%2Fhelixsleep.com&p=%2Fpages%2Fhomepage&r=&sid=null&qs=%7B%22utm_campaign%22%3A%222023__GetEmails_Welcome%22%2C%22utm_content%22%3A%222023__getemails_welcome__1_message_a%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22zaius%22%7D&cid=26897688 HTTP/1.1
Host: cdn.usefathom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:10 GMT
content-type: image/gif
content-length: 43
server: BunnyCDN-NO1-830
cdn-pullzone: 506217
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=0
pragma: no-cache
x-vapor-base64-encode: True
tk: N
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/09/2023 14:54:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1c7fffe885a2cf7bf18891bf606b2076
cdn-cache: MISS
X-Firefox-Spdy: h2
|
|
| events.attentivemobile.com/e?v=4.17.4_33ae067b5c&pd=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&u=a08ac354434c4a58a1f0588a65458fdd&c=helixsleep&ceid=cFA<=1678373650018&tag=modern&cs=980709648&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1678373650027 | 104.18.43.48 | 200 OK | 0 B |
URL HTTP/2events.attentivemobile.com/e?v=4.17.4_33ae067b5c&pd=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&u=a08ac354434c4a58a1f0588a65458fdd&c=helixsleep&ceid=cFA<=1678373650018&tag=modern&cs=980709648&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1678373650027 IP104.18.43.48:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /e?v=4.17.4_33ae067b5c&pd=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&u=a08ac354434c4a58a1f0588a65458fdd&c=helixsleep&ceid=cFA<=1678373650018&tag=modern&cs=980709648&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1678373650027 HTTP/1.1
Host: events.attentivemobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:10 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
x-envoy-upstream-service-time: 3
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a5426d18bdfb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hash57536dc6834fca3d51bd1f94b705eedb 09e4213d6c5caa590b068b6ccc97d48a50bf0b05 acd4115e6570a064336ddc4a6c5c3ff6c68d56adaae8bc6dc1fd68937196bd89
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107178
Date: Thu, 09 Mar 2023 14:54:10 GMT
Etag: "6408e69f-1d7"
Expires: Fri, 10 Mar 2023 20:40:28 GMT
Last-Modified: Wed, 08 Mar 2023 19:48:47 GMT
Server: ECAcc (nya/7958)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fGZEh6mqAFBBd0h2MNM0KIa5h_TYVxUdDDkKahPSckY1A8qoF5wS0g==
Age: 3101
|
|
| script.hotjar.com/modules.13d69dc2039c752a80a3.js | 143.204.55.96 | 200 OK | 69 kB |
URL HTTP/2script.hotjar.com/modules.13d69dc2039c752a80a3.js IP143.204.55.96:0
File typeUnicode text, UTF-8 text, with very long lines (50842) Hashef66801a366dcfe2c9e27ab770352cf9 ea3b2ae9edf397ae9faba5fdd59cfdd9e0a7072d c4df5ac7b54745f6a0f333f6e0c44b2278fa6ad11677034c4f886a8091816d61
GET /modules.13d69dc2039c752a80a3.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68600
date: Wed, 08 Mar 2023 14:51:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "ef66801a366dcfe2c9e27ab770352cf9"
last-modified: Wed, 08 Mar 2023 14:51:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fUKFkKaLNgUXQmUSuK-UBy1tvHPrp97Z2fCmXJJQHkzVDlhsbS8yLA==
age: 86583
X-Firefox-Spdy: h2
|
|
| rum.optimizely.com/rum | 3.221.187.56 | 200 OK | 2 B |
IP3.221.187.56:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /rum HTTP/1.1
Host: rum.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1419
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Origin: https://helixsleep.com
Cache-control: no-cache="set-cookie"
Content-Type: application/json; charset=utf-8
Date: Thu, 09 Mar 2023 14:54:10 GMT
Server: nginx
Set-Cookie: optimizelyRumLB=1; Path=/; Secure; SameSite=None
AWSELB=0975E78916B05F8E3BD983BAE952A49A2A54E670F12B6D88CAC53771FA01F48A7A2D629C8010E175848723254A3A6060DB766F2A43C14E8087CE62E1D2E46D943DFA4B2A8C;PATH=/
AWSELBCORS=0975E78916B05F8E3BD983BAE952A49A2A54E670F12B6D88CAC53771FA01F48A7A2D629C8010E175848723254A3A6060DB766F2A43C14E8087CE62E1D2E46D943DFA4B2A8C;PATH=/;SECURE;SAMESITE=None
X-Powered-By: Express
Content-Length: 2
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash7c0630ecdef38ec519b770dc32deb486 105287a0c11b44879b4cbc75c96852f3161f8ed7 8b35076687a58f4a6e3f83c543b209382fcec9204fa4563b3dbd23ed8efb4841
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash7c0630ecdef38ec519b770dc32deb486 105287a0c11b44879b4cbc75c96852f3161f8ed7 8b35076687a58f4a6e3f83c543b209382fcec9204fa4563b3dbd23ed8efb4841
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash2f4b1d05923c4a89bb81dbb736b22864 c50c631807f9ad77adeb0a5213fe88c3ac759cc2 6b0144c74ac66866ac253833c768a2f797d75a0538c44b960727d432f46f4bc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| bat.bing.com/action/0?ti=5522707&Ver=2&mid=099dc8af-6439-476d-8ba0-b21453299bba&sid=3fa4f410be8a11edb240f3b9e5f72305&vid=3fa52720be8a11ed925971fefab8c90a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&p=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&r=<=2483&evt=pageLoad&sv=1&rn=984420 | 13.107.21.200 | 204 No Content | 0 B |
URL HTTP/2bat.bing.com/action/0?ti=5522707&Ver=2&mid=099dc8af-6439-476d-8ba0-b21453299bba&sid=3fa4f410be8a11edb240f3b9e5f72305&vid=3fa52720be8a11ed925971fefab8c90a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&p=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&r=<=2483&evt=pageLoad&sv=1&rn=984420 IP13.107.21.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5522707&Ver=2&mid=099dc8af-6439-476d-8ba0-b21453299bba&sid=3fa4f410be8a11edb240f3b9e5f72305&vid=3fa52720be8a11ed925971fefab8c90a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&p=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&r=<=2483&evt=pageLoad&sv=1&rn=984420 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=27993CE495AA6C0B21132E2B94FD6D6B; domain=.bing.com; expires=Tue, 02-Apr-2024 14:54:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BFC6ECFCCCE42BBA70CBB9843A47309 Ref B: OSL30EDGE0320 Ref C: 2023-03-09T14:54:10Z
date: Thu, 09 Mar 2023 14:54:10 GMT
X-Firefox-Spdy: h2
|
|
| www.google.no/pagead/1p-user-list/810216059/?random=1678373648569&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=1676403096&rmt_tld=1&ipr=y | 216.58.207.227 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/810216059/?random=1678373648569&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=1676403096&rmt_tld=1&ipr=y IP216.58.207.227:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/810216059/?random=1678373648569&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=1676403096&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/pagead/1p-user-list/954616282/?random=1678373648566&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=3999628103&rmt_tld=0&ipr=y | 216.58.211.4 | 200 OK | 42 B |
URL HTTP/2www.google.com/pagead/1p-user-list/954616282/?random=1678373648566&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=3999628103&rmt_tld=0&ipr=y IP216.58.211.4:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/954616282/?random=1678373648566&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=3999628103&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/pagead/1p-user-list/810216059/?random=1678373648569&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=1676403096&rmt_tld=0&ipr=y | 216.58.211.4 | 200 OK | 42 B |
URL HTTP/2www.google.com/pagead/1p-user-list/810216059/?random=1678373648569&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=1676403096&rmt_tld=0&ipr=y IP216.58.211.4:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/810216059/?random=1678373648569&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=1676403096&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/pagead/1p-user-list/954616282/?random=1678373648566&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=3999628103&rmt_tld=1&ipr=y | 216.58.207.227 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/954616282/?random=1678373648566&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=3999628103&rmt_tld=1&ipr=y IP216.58.207.227:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/954616282/?random=1678373648566&cv=11&fst=1678370400000&bg=ffffff&guid=ON&async=1>m=45Fe3360&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&tiba=Helix%20%7C%20Mattresses%20Designed%20For%20Every%20Body%20%E2%80%93%20Helix%20Sleep%20-%20Helix%20Sleep&fmt=3&is_vtc=1&random=3999628103&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/5522707.js | 13.107.21.200 | 204 No Content | 0 B |
URL HTTP/2bat.bing.com/p/action/5522707.js IP13.107.21.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5522707.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 29083B923A59410E8476F9B40C01A298 Ref B: OSL30EDGE0320 Ref C: 2023-03-09T14:54:10Z
date: Thu, 09 Mar 2023 14:54:10 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hashfcfb197416193e1858b23dfd4335919e fd37cf1601c2f71696a2c2634eb204741af64fc8 6422d7dd8e0c6f5ca44a48000bcdfdb143592b818051d253909d29a363de4f2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash2f4b1d05923c4a89bb81dbb736b22864 c50c631807f9ad77adeb0a5213fe88c3ac759cc2 6b0144c74ac66866ac253833c768a2f797d75a0538c44b960727d432f46f4bc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 472 B |
IP142.250.74.99:0
Hash96ac59c359dbcfc2598a2d34e84da6bb 8b79e6498c3b8509d9608d5f406f455115dbc474 cedb401f633f4f12cdf23f20cc3ccedc3ca4c416ff892248797388426df1c318
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-65322123-1&cid=1303506906.1678373649&jid=33101075&gjid=797234394&_gid=1048979968.1678373650&_u=YADAAEAAAAAAACAAI~&z=620204485 | 64.233.165.156 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-65322123-1&cid=1303506906.1678373649&jid=33101075&gjid=797234394&_gid=1048979968.1678373650&_u=YADAAEAAAAAAACAAI~&z=620204485 IP64.233.165.156:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-65322123-1&cid=1303506906.1678373649&jid=33101075&gjid=797234394&_gid=1048979968.1678373650&_u=YADAAEAAAAAAACAAI~&z=620204485 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://helixsleep.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 14:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| helixsleep.attn.tv/unrenderedCreative?v=4.17.4&r=&id=a08ac354434c4a58a1f0588a65458fdd&pv=1&l=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&w=1280&h=939&ss_ref=ORGANIC&m=marketing&m=live-sms | 104.18.37.231 | 204 No Content | 0 B |
URL HTTP/2helixsleep.attn.tv/unrenderedCreative?v=4.17.4&r=&id=a08ac354434c4a58a1f0588a65458fdd&pv=1&l=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&w=1280&h=939&ss_ref=ORGANIC&m=marketing&m=live-sms IP104.18.37.231:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /unrenderedCreative?v=4.17.4&r=&id=a08ac354434c4a58a1f0588a65458fdd&pv=1&l=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&w=1280&h=939&ss_ref=ORGANIC&m=marketing&m=live-sms HTTP/1.1
Host: helixsleep.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://helixsleep.com
Content-Length: 148
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 09 Mar 2023 14:54:10 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 13
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a5426d1c84f0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hashfcfb197416193e1858b23dfd4335919e fd37cf1601c2f71696a2c2634eb204741af64fc8 6422d7dd8e0c6f5ca44a48000bcdfdb143592b818051d253909d29a363de4f2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.facebook.com/tr/?id=636520796487872&ev=PageView&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&rl=&if=false&ts=1678373650622&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678373650621.432347317&it=1678373650081&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=636520796487872&ev=PageView&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&rl=&if=false&ts=1678373650622&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678373650621.432347317&it=1678373650081&coo=false&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=636520796487872&ev=PageView&dl=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&rl=&if=false&ts=1678373650622&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678373650621.432347317&it=1678373650081&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Mar 2023 14:54:10 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash81bd1ec2291ae27c6d07886ca91bfa0e c8a2457f96b2cfbdd12c79f3101550ed4aab0bdc 6f5c55d4a537ce11eca790c5a85e00736a71aaea7328b42062d27275f7e0b260
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Mar 2023 14:54:10 GMT
Etag: "64089c01-1d7"
Last-Modified: Thu, 09 Mar 2023 13:39:08 GMT
Server: ECAcc (bsa/EB76)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XK2nK_uPzUVbWVKOkNrGRiWQ4Z1YP3sYgBsO-V7jW5bPt36KUnpyGw==
Age: 4502
|
|
| ocsp.pki.goog/s/gts1d4/Patgn0hRfbE | 142.250.74.99 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/Patgn0hRfbE IP142.250.74.99:0
Hashf2453cd70d2c1fd2a29ab92a63556d1b 8324ad944f874930f4639949d06ffe2fdb885505 8b537ad4da02e9d8cd9d4d30f46af954ce626b91ebf4be5168fa8d8e7ca953d2
POST /s/gts1d4/Patgn0hRfbE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.pdst.fm/ping.min.js | 35.244.142.80 | 200 OK | 5.8 kB |
IP35.244.142.80:0
File typeASCII text, with very long lines (26948), with no line terminators Hashd001d1c9f5a942fa5524eeacb047e819 6ebc303d4e3fe71192400673808f37ce1c6a1d25 63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsNKBf0uCyxgfj91qH9oNYVmgqqmtL3SoOLecb1tfix6xCOcUsTfjtusWti9FamWVs0ur62oYNSfX5rQMcdjctgR9JKqAkC
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Thu, 09 Mar 2023 14:51:17 GMT
expires: Thu, 09 Mar 2023 15:51:17 GMT
cache-control: public, max-age=3600
age: 174
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash4c542a7af01d2d40f8859d35964b3ae8 201265d31b3451c2966a075e276546195be15b7f 66e18e6c1153a4f7d4af7956b17ffd55cb4724da1c545a9cdde4113e0a029c31
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131528
Date: Thu, 09 Mar 2023 14:54:11 GMT
Etag: "64093f21-1d7"
Expires: Sat, 11 Mar 2023 03:26:19 GMT
Last-Modified: Thu, 09 Mar 2023 02:06:25 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yeybolWtJKxSZ9kNHAqxF4DEDDMSU3Xff_wdkv-Wqcyr6uum33q_xg==
Age: 4794
|
|
| ob.cheqzone.com/clicktrue_invocation.js?id=13828 | 54.230.111.38 | 200 OK | 32 kB |
URL HTTP/2ob.cheqzone.com/clicktrue_invocation.js?id=13828 IP54.230.111.38:0
File typeUnicode text, UTF-8 text, with very long lines (65530), with no line terminators Hashce70121250bba99e0fd24446b07356c7 b1f856bc98872c5e1b60fec6a152ade3f231193f 9fc45bb314e7850cd7bd066fd69848b86e683415b7d02dd61612c422525e9fe6
GET /clicktrue_invocation.js?id=13828 HTTP/1.1
Host: ob.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 32077
content-encoding: gzip
server: Caddy
date: Thu, 09 Mar 2023 09:06:55 GMT
cache-control: max-age=43200
expires: Thu, 09 Mar 2023 21:06:44 GMT
etag: "1595c-UXD99Fs6tbqE3f4l7sfl4BJ/iFc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XiCgVqZkE5IGjo97nhO8ypiDSi1IL33bctqZnGymbFNUctmZcWfpbg==
age: 20847
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/Patgn0hRfbE | 142.250.74.99 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/Patgn0hRfbE IP142.250.74.99:0
Hashf2453cd70d2c1fd2a29ab92a63556d1b 8324ad944f874930f4639949d06ffe2fdb885505 8b537ad4da02e9d8cd9d4d30f46af954ce626b91ebf4be5168fa8d8e7ca953d2
POST /s/gts1d4/Patgn0hRfbE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 471 B |
IP142.250.74.99:0
Hash6593af1c6205bd1380a4bc5b3cb60239 a5e80fef0a53981f9cd1cebb2c6d76f68ea5d44a d3d3c111067569f81057f12118c38a4095f360dae5b7838cd126bd32593275b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| helixsleep.attn.tv/d/?attn_vid=a08ac354434c4a58a1f0588a65458fdd | 104.18.37.231 | 200 OK | 503 B |
URL HTTP/2helixsleep.attn.tv/d/?attn_vid=a08ac354434c4a58a1f0588a65458fdd IP104.18.37.231:0
Hashbfaf33e05f1c08bb908142f3d501e3a8 4c97185cc20893e6669a7bc596aaa1aff4073629 7adaea04a8f4a9e82a514ba02017f8f7bd4879dbffee4821af062f0bd8cca2b8
GET /d/?attn_vid=a08ac354434c4a58a1f0588a65458fdd HTTP/1.1
Host: helixsleep.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:10 GMT
content-type: application/json
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a5426d17ffb0b39-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash4a9c5de42b7e45062b0a23ba1157f606 aeaa017a28b50b7aef2191cd02264560540da1bf 4658d83e713d8070b1170b518058fd1d63f6532a3dbfe9a3b84ebfef6cbdf0cd
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150604
Date: Thu, 09 Mar 2023 14:54:11 GMT
Etag: "640997eb-1d7"
Expires: Sat, 11 Mar 2023 08:44:15 GMT
Last-Modified: Thu, 09 Mar 2023 08:25:15 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PL-VZ4-BdxW1uLFu6CaBZ3lUntB_naVPhrhlD8KRj7GRrnCuGJMR0A==
Age: 1140
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash4a9c5de42b7e45062b0a23ba1157f606 aeaa017a28b50b7aef2191cd02264560540da1bf 4658d83e713d8070b1170b518058fd1d63f6532a3dbfe9a3b84ebfef6cbdf0cd
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152728
Date: Thu, 09 Mar 2023 14:54:11 GMT
Etag: "640997eb-1d7"
Expires: Sat, 11 Mar 2023 09:19:39 GMT
Last-Modified: Thu, 09 Mar 2023 08:25:15 GMT
Server: ECAcc (nya/1C3C)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HVKKFhOdFYtV_0hXg7LFi5aCq6PNzzTt5y6sfgP5bSsmddqeil3ahQ==
Age: 3264
|
|
| rum.optimizely.com/rum | 3.221.187.56 | 200 OK | 2 B |
IP3.221.187.56:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /rum HTTP/1.1
Host: rum.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1905
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Origin: https://helixsleep.com
Cache-control: no-cache="set-cookie"
Content-Type: application/json; charset=utf-8
Date: Thu, 09 Mar 2023 14:54:11 GMT
Server: nginx
Set-Cookie: optimizelyRumLB=1; Path=/; Secure; SameSite=None
AWSELB=0975E78916B05F8E3BD983BAE952A49A2A54E670F12B6D88CAC53771FA01F48A7A2D629C8010E175848723254A3A6060DB766F2A43C14E8087CE62E1D2E46D943DFA4B2A8C;PATH=/
AWSELBCORS=0975E78916B05F8E3BD983BAE952A49A2A54E670F12B6D88CAC53771FA01F48A7A2D629C8010E175848723254A3A6060DB766F2A43C14E8087CE62E1D2E46D943DFA4B2A8C;PATH=/;SECURE;SAMESITE=None
X-Powered-By: Express
Content-Length: 2
Connection: keep-alive
|
|
| us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink | 216.239.36.54 | 200 OK | 22 B |
URL HTTP/2us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink IP216.239.36.54:0
File typeASCII text, with no line terminators Hash8e7120c76040a47f820e8c87b95dddce 0ae6d0d5578537f5011e44f97e812069362ac7b2 e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 1w4cevh1mazc
x-powered-by: Express
x-cloud-trace-context: 91d21b8a30fc9831ce6c2c1aca4da876
content-encoding: gzip
date: Thu, 09 Mar 2023 14:54:11 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| errors.client.optimizely.com/log | 54.205.105.217 | 200 OK | 13 B |
URL HTTP/1.1errors.client.optimizely.com/log IP54.205.105.217:0
File typeASCII text, with no line terminators Hash1424eb76249899d757e4d168341a50dc 42101e71440abd46c8112a96d4d5c0dd445120ce 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://helixsleep.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Thu, 09 Mar 2023 14:54:11 GMT
Content-Length: 13
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.99 | 200 OK | 472 B |
IP142.250.74.99:0
Hash4f10b7c81f6e640f6fc9abd83831af0f acbb9136f39dcac463cec250d528eed3db94a241 259edd2a4eafb3680e6a464335990b9d6faf9a33f2d60e3bf0682ebdb5b0de1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 14:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| errors.client.optimizely.com/log | 54.205.105.217 | 204 No Content | 0 B |
URL HTTP/1.1errors.client.optimizely.com/log IP54.205.105.217:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log HTTP/1.1
Host: errors.client.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 329
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://helixsleep.com
Access-Control-Expose-Headers:
Content-Type: text/plain
Date: Thu, 09 Mar 2023 14:54:11 GMT
Connection: keep-alive
|
|
| us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink | 216.239.36.54 | 204 No Content | 0 B |
URL HTTP/2us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink IP216.239.36.54:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Content-Type: application/json
Origin: https://helixsleep.com
Content-Length: 587
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: syphzcedud9i
x-powered-by: Express
x-cloud-trace-context: f18d6562eea5dd8eb82f26fbbdcdde99
date: Thu, 09 Mar 2023 14:54:11 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| obs.cheqzone.com/ct?id=13828&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1678373651093&hl=1&op=0&ag=1317291471&rand=142821120216971166065118006715022091867891900751190727859085790988620117188&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE1ODhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwyLDEsMSwyLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNCJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCIxMCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiTGl2ZXdpcmVcIixcImxpdmV3aXJlXCIsXCJsaXZld2lyZV9hcHBfdXJsXCIsXCJsaXZld2lyZV90b2tlblwiLFwiZGVmZXJMb2FkaW5nQWxwaW5lXCIsXCJfXCIsXCJvcHRpbWl6ZWx5XCIsXCJzdGFydFRpbWVcIixcImR1cmF0aW9uXCIsXCJkYXRhTGF5ZXJcIixcImhlYXBcIixcIm9wZW5aYWl1c01vZGFsXCIsXCJ3ZWJwYWNrQ2h1bmtcIixcIkxpdmV3aXJlVUlNb2RhbFwiLFwiaW50ZXJkZWFsXCIsXCJ6YWl1c1wiLFwiekVXZWJwYWNrQUNKc29ucFwiLFwiekVcIixcInpFbWJlZFwiLFwiekVTZXR0aW5nc1wiLFwiU3dpcGVyXCIsXCJBbHBpbmVcIixcIiRtb2RhbFwiLFwiRWxldmFyR3RtU3VpdGVMaXN0ZW5lclwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiekVBQ0xvYWRlZFwiLFwiY29yZVwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJwb3N0c2NyaWJlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJfZXh0ZXJuYWxcIixcImVsZXZhcl9ndG1fZXJyb3JzXCIsXCJlbGV2YXJfZ3RtX3RhZ19pbmZvXCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImZicVwiLFwiX2ZicVwiLFwiR29vZ2xlYlFoQ3NPXCIsXCJoalwiLFwiX2hqU2V0dGluZ3NcIixcInVldHFcIixcInNoYXJlYXNhbGVTU0NJRFwiLFwic2hhcmVhc2FsZVNldENvb2tpZVwiLFwic2hhcmVhc2FsZUdldFBhcmFtZXRlckJ5TmFtZVwiLFwiX3Zpc19vcHRfcXVldWVcIixcIl92aXNfY291bnRlclwiLFwiaXJlX29cIixcImlyZVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMzAzNTA2OTA2LjE2NzgzNzM2NDkiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCItIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzgzNzM2NTEwNzEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0xLDM0NywwLDE0LDAsMCw0MzgsNzI3LC0xLDQsLDI0NTgsNjEyOCw2MTI3Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsImh0dHBzOi8vaGVsaXhzbGVlcC5jb20vP3V0bV9jYW1wYWlnbj0yMDIzX19HZXRFbWFpbHNfV2VsY29tZSZ1dG1fY29udGVudD0yMDIzX19nZXRlbWFpbHNfd2VsY29tZV9fMV9tZXNzYWdlX2EmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPXphaXVzJnptNjRfaWQ9ZDJGbWFXNXVaWEpoYmtCMmFXdHBibWRvWTNNdVkyOXQiXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjAsMTAsMCwwLDIsMywwLDAsMCwwLDAsMCwwLDAsNSwwLDIsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDIsMCwwLDEsMSwwLDAsMCwwLDAsMCwyLDEsMSwwLDEzLDAsMiwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsNzJdLFsiYWJuY2giLDcyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=RTOEHc026t&pto=6150&ver=50&gac=1303506906.1678373649&mei=&ap=&duid=1.1678373651.f8LXLhiE8684G0lQ&suid=1.1678373651.urHUSqjj2shzVprY&tuid=1.1678373651.CmJZb3bFRiUMq399&fbc=1.1678373650621.432347317>m=WyJkbF91c2VyX2RhdGEiXQ%3D%3D&it=105%2C5880%2C164&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=3fa52720be8a11ed925971fefab8c90a&spa=1&urid=0 | 50.16.211.97 | 200 OK | 1.1 kB |
URL HTTP/2obs.cheqzone.com/ct?id=13828&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1678373651093&hl=1&op=0&ag=1317291471&rand=142821120216971166065118006715022091867891900751190727859085790988620117188&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE1ODhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwyLDEsMSwyLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNCJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCIxMCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiTGl2ZXdpcmVcIixcImxpdmV3aXJlXCIsXCJsaXZld2lyZV9hcHBfdXJsXCIsXCJsaXZld2lyZV90b2tlblwiLFwiZGVmZXJMb2FkaW5nQWxwaW5lXCIsXCJfXCIsXCJvcHRpbWl6ZWx5XCIsXCJzdGFydFRpbWVcIixcImR1cmF0aW9uXCIsXCJkYXRhTGF5ZXJcIixcImhlYXBcIixcIm9wZW5aYWl1c01vZGFsXCIsXCJ3ZWJwYWNrQ2h1bmtcIixcIkxpdmV3aXJlVUlNb2RhbFwiLFwiaW50ZXJkZWFsXCIsXCJ6YWl1c1wiLFwiekVXZWJwYWNrQUNKc29ucFwiLFwiekVcIixcInpFbWJlZFwiLFwiekVTZXR0aW5nc1wiLFwiU3dpcGVyXCIsXCJBbHBpbmVcIixcIiRtb2RhbFwiLFwiRWxldmFyR3RtU3VpdGVMaXN0ZW5lclwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiekVBQ0xvYWRlZFwiLFwiY29yZVwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJwb3N0c2NyaWJlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJfZXh0ZXJuYWxcIixcImVsZXZhcl9ndG1fZXJyb3JzXCIsXCJlbGV2YXJfZ3RtX3RhZ19pbmZvXCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImZicVwiLFwiX2ZicVwiLFwiR29vZ2xlYlFoQ3NPXCIsXCJoalwiLFwiX2hqU2V0dGluZ3NcIixcInVldHFcIixcInNoYXJlYXNhbGVTU0NJRFwiLFwic2hhcmVhc2FsZVNldENvb2tpZVwiLFwic2hhcmVhc2FsZUdldFBhcmFtZXRlckJ5TmFtZVwiLFwiX3Zpc19vcHRfcXVldWVcIixcIl92aXNfY291bnRlclwiLFwiaXJlX29cIixcImlyZVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMzAzNTA2OTA2LjE2NzgzNzM2NDkiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCItIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzgzNzM2NTEwNzEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0xLDM0NywwLDE0LDAsMCw0MzgsNzI3LC0xLDQsLDI0NTgsNjEyOCw2MTI3Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsImh0dHBzOi8vaGVsaXhzbGVlcC5jb20vP3V0bV9jYW1wYWlnbj0yMDIzX19HZXRFbWFpbHNfV2VsY29tZSZ1dG1fY29udGVudD0yMDIzX19nZXRlbWFpbHNfd2VsY29tZV9fMV9tZXNzYWdlX2EmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPXphaXVzJnptNjRfaWQ9ZDJGbWFXNXVaWEpoYmtCMmFXdHBibWRvWTNNdVkyOXQiXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjAsMTAsMCwwLDIsMywwLDAsMCwwLDAsMCwwLDAsNSwwLDIsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDIsMCwwLDEsMSwwLDAsMCwwLDAsMCwyLDEsMSwwLDEzLDAsMiwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsNzJdLFsiYWJuY2giLDcyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=RTOEHc026t&pto=6150&ver=50&gac=1303506906.1678373649&mei=&ap=&duid=1.1678373651.f8LXLhiE8684G0lQ&suid=1.1678373651.urHUSqjj2shzVprY&tuid=1.1678373651.CmJZb3bFRiUMq399&fbc=1.1678373650621.432347317>m=WyJkbF91c2VyX2RhdGEiXQ%3D%3D&it=105%2C5880%2C164&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=3fa52720be8a11ed925971fefab8c90a&spa=1&urid=0 IP50.16.211.97:0
File typeASCII text, with very long lines (3398), with no line terminators Hash3dfa65fb1e31f60171eab067a01cca5a 66b9615f4c545f27b541379933a20e2a3f207677 52ef49b9659c71a9d323a433d9af1e5729b94e8a56f71b6fda25791406cc901c
GET /ct?id=13828&url=https%3A%2F%2Fhelixsleep.com%2F%3Futm_campaign%3D2023__GetEmails_Welcome%26utm_content%3D2023__getemails_welcome__1_message_a%26utm_medium%3Demail%26utm_source%3Dzaius&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1678373651093&hl=1&op=0&ag=1317291471&rand=142821120216971166065118006715022091867891900751190727859085790988620117188&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE1ODhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDIsMCwwLDAsMCwyLDEsMSwyLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNCJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCIxMCxJTEhZTEI5QkxUYTJKcVFnM0ZvZWVsMndZYkUyb2dCSUtKNmNSMDAwTUpIUXdZVERHWWFodjN1dDcxVnBYUjlPOCtNNXJWU0tzMWtQQmUvLzk5c25WSkdwVWRQZmR6em4zT2ZjIl0sWy0zLCJbXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcIl9fY29yZS1qc19zaGFyZWRfX1wiLFwiTGl2ZXdpcmVcIixcImxpdmV3aXJlXCIsXCJsaXZld2lyZV9hcHBfdXJsXCIsXCJsaXZld2lyZV90b2tlblwiLFwiZGVmZXJMb2FkaW5nQWxwaW5lXCIsXCJfXCIsXCJvcHRpbWl6ZWx5XCIsXCJzdGFydFRpbWVcIixcImR1cmF0aW9uXCIsXCJkYXRhTGF5ZXJcIixcImhlYXBcIixcIm9wZW5aYWl1c01vZGFsXCIsXCJ3ZWJwYWNrQ2h1bmtcIixcIkxpdmV3aXJlVUlNb2RhbFwiLFwiaW50ZXJkZWFsXCIsXCJ6YWl1c1wiLFwiekVXZWJwYWNrQUNKc29ucFwiLFwiekVcIixcInpFbWJlZFwiLFwiekVTZXR0aW5nc1wiLFwiU3dpcGVyXCIsXCJBbHBpbmVcIixcIiRtb2RhbFwiLFwiRWxldmFyR3RtU3VpdGVMaXN0ZW5lclwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiekVBQ0xvYWRlZFwiLFwiY29yZVwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJwb3N0c2NyaWJlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJfZXh0ZXJuYWxcIixcImVsZXZhcl9ndG1fZXJyb3JzXCIsXCJlbGV2YXJfZ3RtX3RhZ19pbmZvXCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImZicVwiLFwiX2ZicVwiLFwiR29vZ2xlYlFoQ3NPXCIsXCJoalwiLFwiX2hqU2V0dGluZ3NcIixcInVldHFcIixcInNoYXJlYXNhbGVTU0NJRFwiLFwic2hhcmVhc2FsZVNldENvb2tpZVwiLFwic2hhcmVhc2FsZUdldFBhcmFtZXRlckJ5TmFtZVwiLFwiX3Zpc19vcHRfcXVldWVcIixcIl92aXNfY291bnRlclwiLFwiaXJlX29cIixcImlyZVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMzAzNTA2OTA2LjE2NzgzNzM2NDkiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCItIl0sWy0yNywiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzgzNzM2NTEwNzEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUvNFwiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0xLDM0NywwLDE0LDAsMCw0MzgsNzI3LC0xLDQsLDI0NTgsNjEyOCw2MTI3Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsImh0dHBzOi8vaGVsaXhzbGVlcC5jb20vP3V0bV9jYW1wYWlnbj0yMDIzX19HZXRFbWFpbHNfV2VsY29tZSZ1dG1fY29udGVudD0yMDIzX19nZXRlbWFpbHNfd2VsY29tZV9fMV9tZXNzYWdlX2EmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPXphaXVzJnptNjRfaWQ9ZDJGbWFXNXVaWEpoYmtCMmFXdHBibWRvWTNNdVkyOXQiXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjAsMTAsMCwwLDIsMywwLDAsMCwwLDAsMCwwLDAsNSwwLDIsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDIsMCwwLDEsMSwwLDAsMCwwLDAsMCwyLDEsMSwwLDEzLDAsMiwwLDAsMCwwLDAsMCJdLFsiYm5jaCIsNzJdLFsiYWJuY2giLDcyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=RTOEHc026t&pto=6150&ver=50&gac=1303506906.1678373649&mei=&ap=&duid=1.1678373651.f8LXLhiE8684G0lQ&suid=1.1678373651.urHUSqjj2shzVprY&tuid=1.1678373651.CmJZb3bFRiUMq399&fbc=1.1678373650621.432347317>m=WyJkbF91c2VyX2RhdGEiXQ%3D%3D&it=105%2C5880%2C164&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=3fa52720be8a11ed925971fefab8c90a&spa=1&urid=0 HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Thu, 09 Mar 2023 14:54:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=5b4b0ae31ddc31bf02e748bbfe0700d1; Max-Age=29030400; Path=/; Expires=Thu, 08 Feb 2024 14:54:11 GMT; HttpOnly; Secure; SameSite=None
content-length: 1073
X-Firefox-Spdy: h2
|
|
| obs.cheqzone.com/mon | 50.16.211.97 | 200 OK | 0 B |
IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1834
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: cg_uuid=5b4b0ae31ddc31bf02e748bbfe0700d1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://helixsleep.com
content-type: application/json
date: Thu, 09 Mar 2023 14:54:11 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136de6c432e9418f9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f12856f2f17071a10acf9f29f674cd087db077d6a18ff2c2357843a8d34c7066502279b005209600458c6be3f4e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c46235103f6867a347854a6f31c7c84aef32cc6b35a261c2dada5a5949b23e8cfc248b5038e523c63c4ed86a7b376cccee879cf774a91bac333074ea23d36e0d34831bb98e527d05be049f7c045ad1c9a923f956162c89425d86793bd8784daab96447baf73f5d49d7c0d67e38e3686f106ee2a155e89190fdb94dc9893acd40df52fd788b2877be5726a09917f2595999e491aedbb4ea406f6824e9370927e065c42c30bb00adaccb970e78037c417e9cbcbcd68b348497aed5f130c664a75d0bd23fa05d2cbc77cf6d025ed972fcb8fe5be25dee3b611267fc8b11e68f6f7471a02b4b4b27ab67fcbf856ebfc3cf029f664d7118156c5a22ed50635b7f6806c2d6c38566b0f1c57f9f3907e8c53f11c19126da1eb11cd920a52eca4cdeded1f9eb4b1a2c281fbe3415d3df84785b359688a436305d6655a796ff178a97210d0f7d335d8138b7cdef568b4ec1f93690e3f21047b1b9fc7e7dd397b5398195b91d0dbb8b4cd500499a2a16fd4936171b3d60e3f68fa8dc45021b73b985c991e8e2389469e9147eab020e38589d49f4f61e8e33d668368f085ccc36ac435411e039c6c3450edc24d93fe578fc0cfda5edf86993208304fbd3aa803af54acc42bee5720601b607f3cb910e8c1713cab73d2e3b06c8ddd479e756dae177b249cefd20c5fef6f86d36ab05532523cde6249ffeed461c2452288c753f7cdd794ed5ec81f117b07f8773940c8c1480dc663b4af8574d08d8e5b0a25fd34320205d30504b3dbfc121291616dc1d7da10dbdebbd34b62e772a90d341390123f6d8a93571099dce2caf0ed50b278b4648b609dd31ed6b4bb52779dda1f91c5e7ec93e1dc9b651ecfb368&cri=RTOEHc026t&ts=491&cb=1678373651584 | 50.16.211.97 | 200 OK | 43 B |
URL HTTP/2obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136de6c432e9418f9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f12856f2f17071a10acf9f29f674cd087db077d6a18ff2c2357843a8d34c7066502279b005209600458c6be3f4e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c46235103f6867a347854a6f31c7c84aef32cc6b35a261c2dada5a5949b23e8cfc248b5038e523c63c4ed86a7b376cccee879cf774a91bac333074ea23d36e0d34831bb98e527d05be049f7c045ad1c9a923f956162c89425d86793bd8784daab96447baf73f5d49d7c0d67e38e3686f106ee2a155e89190fdb94dc9893acd40df52fd788b2877be5726a09917f2595999e491aedbb4ea406f6824e9370927e065c42c30bb00adaccb970e78037c417e9cbcbcd68b348497aed5f130c664a75d0bd23fa05d2cbc77cf6d025ed972fcb8fe5be25dee3b611267fc8b11e68f6f7471a02b4b4b27ab67fcbf856ebfc3cf029f664d7118156c5a22ed50635b7f6806c2d6c38566b0f1c57f9f3907e8c53f11c19126da1eb11cd920a52eca4cdeded1f9eb4b1a2c281fbe3415d3df84785b359688a436305d6655a796ff178a97210d0f7d335d8138b7cdef568b4ec1f93690e3f21047b1b9fc7e7dd397b5398195b91d0dbb8b4cd500499a2a16fd4936171b3d60e3f68fa8dc45021b73b985c991e8e2389469e9147eab020e38589d49f4f61e8e33d668368f085ccc36ac435411e039c6c3450edc24d93fe578fc0cfda5edf86993208304fbd3aa803af54acc42bee5720601b607f3cb910e8c1713cab73d2e3b06c8ddd479e756dae177b249cefd20c5fef6f86d36ab05532523cde6249ffeed461c2452288c753f7cdd794ed5ec81f117b07f8773940c8c1480dc663b4af8574d08d8e5b0a25fd34320205d30504b3dbfc121291616dc1d7da10dbdebbd34b62e772a90d341390123f6d8a93571099dce2caf0ed50b278b4648b609dd31ed6b4bb52779dda1f91c5e7ec93e1dc9b651ecfb368&cri=RTOEHc026t&ts=491&cb=1678373651584 IP50.16.211.97:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdb04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136de6c432e9418f9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f12856f2f17071a10acf9f29f674cd087db077d6a18ff2c2357843a8d34c7066502279b005209600458c6be3f4e77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c46235103f6867a347854a6f31c7c84aef32cc6b35a261c2dada5a5949b23e8cfc248b5038e523c63c4ed86a7b376cccee879cf774a91bac333074ea23d36e0d34831bb98e527d05be049f7c045ad1c9a923f956162c89425d86793bd8784daab96447baf73f5d49d7c0d67e38e3686f106ee2a155e89190fdb94dc9893acd40df52fd788b2877be5726a09917f2595999e491aedbb4ea406f6824e9370927e065c42c30bb00adaccb970e78037c417e9cbcbcd68b348497aed5f130c664a75d0bd23fa05d2cbc77cf6d025ed972fcb8fe5be25dee3b611267fc8b11e68f6f7471a02b4b4b27ab67fcbf856ebfc3cf029f664d7118156c5a22ed50635b7f6806c2d6c38566b0f1c57f9f3907e8c53f11c19126da1eb11cd920a52eca4cdeded1f9eb4b1a2c281fbe3415d3df84785b359688a436305d6655a796ff178a97210d0f7d335d8138b7cdef568b4ec1f93690e3f21047b1b9fc7e7dd397b5398195b91d0dbb8b4cd500499a2a16fd4936171b3d60e3f68fa8dc45021b73b985c991e8e2389469e9147eab020e38589d49f4f61e8e33d668368f085ccc36ac435411e039c6c3450edc24d93fe578fc0cfda5edf86993208304fbd3aa803af54acc42bee5720601b607f3cb910e8c1713cab73d2e3b06c8ddd479e756dae177b249cefd20c5fef6f86d36ab05532523cde6249ffeed461c2452288c753f7cdd794ed5ec81f117b07f8773940c8c1480dc663b4af8574d08d8e5b0a25fd34320205d30504b3dbfc121291616dc1d7da10dbdebbd34b62e772a90d341390123f6d8a93571099dce2caf0ed50b278b4648b609dd31ed6b4bb52779dda1f91c5e7ec93e1dc9b651ecfb368&cri=RTOEHc026t&ts=491&cb=1678373651584 HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: cg_uuid=5b4b0ae31ddc31bf02e748bbfe0700d1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Thu, 09 Mar 2023 14:54:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
|
|
| obs.cheqzone.com/mon | 50.16.211.97 | 200 OK | 0 B |
IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1786
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: cg_uuid=5b4b0ae31ddc31bf02e748bbfe0700d1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://helixsleep.com
content-type: application/json
date: Thu, 09 Mar 2023 14:54:12 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obs.cheqzone.com/mon | 50.16.211.97 | 200 OK | 0 B |
IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1781
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Cookie: cg_uuid=5b4b0ae31ddc31bf02e748bbfe0700d1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://helixsleep.com
content-type: application/json
date: Thu, 09 Mar 2023 14:54:12 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| helixsleep.com/helix-sleep/css/app.css?id=3dc310e44e0b2d5cf6bc5201b227e45e | 167.172.14.23 | 200 OK | 0 B |
URL HTTP/2helixsleep.com/helix-sleep/css/app.css?id=3dc310e44e0b2d5cf6bc5201b227e45e IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
GET /helix-sleep/css/app.css?id=3dc310e44e0b2d5cf6bc5201b227e45e HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:06 GMT
content-type: text/css
last-modified: Mon, 06 Mar 2023 10:26:15 GMT
vary: Accept-Encoding
etag: W/"6405bfc7-1d9c7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-aba356a.js | 104.18.70.113 | 200 OK | 0 B |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-aba356a.js IP104.18.70.113:0
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-aba356a.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:09 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: q2gF6z2MP6Frj26/vmxWAgZEbejtd8Qyp91+vwO5NsVeN0fjA8MMlwLcqg8/KwZ51042Ejvb41gnKeMQfpb/4g==
x-amz-request-id: 89X1BWWM9Y13ZFJE
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:57:16 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:57:15 GMT
x-amz-version-id: Aten4Zrf5iBrd5Ok7xhtnE66noYq9zNt
cf-cache-status: HIT
age: 231653
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BWvtYbmdrvi2kDqFHMB0tfWD6gqZbqKwBHVX4jdypPnx6LMafvLnSphP6hIDDAd8N5RxQDwCb%2BOfjbDOdpfpY5qtoQhRzyopLLV20cDkr%2FipiiR53FhDBtxhIikiOxI67%2FrsqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426ce1b58b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.equalweb.com/style/default.css | 104.26.13.95 | 200 OK | 0 B |
URL HTTP/2cdn.equalweb.com/style/default.css IP104.26.13.95:0
GET /style/default.css HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:07 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 23 Jan 2023 09:32:18 GMT
etag: W/"07de495d2fd91:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1918697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8MvT2iJnlSL%2B3yYhdjr8APqiQU3kbUUTmfOI9e9G5%2Fp%2F3YBuJlxIRa9SDkngaQ%2BpzsID8rQaaCSZVSp2HKEF8CSEUgjDkrc%2FQUaWkN97F2nY5zPyIm0MZ211Q2O8Bldg4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
server: cloudflare
cf-ray: 7a5426c14b65fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_33ae067b5c | 143.204.55.61 | 200 OK | 0 B |
URL HTTP/2cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_33ae067b5c IP143.204.55.61:0
GET /tag/4-latest/unified-tag.js?v=4-latest_33ae067b5c HTTP/1.1
Host: cdn.attn.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Mar 2023 16:17:11 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: AH5gZeU.6nC_4eeePlrZrHqq_cReUAXy
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Mar 2023 14:49:20 GMT
cache-control: public, max-age=300
etag: W/"8b5a507ac3a40a333e8baf263df2307a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TSU-5zpshIsIOCzje-KtCR1xKt8VHjl2tXZHNc0flCoWUoPfPSVnYg==
age: 296
X-Firefox-Spdy: h2
|
|
| cdn.equalweb.com/style/btncolor.css | 104.26.13.95 | 200 OK | 0 B |
URL HTTP/2cdn.equalweb.com/style/btncolor.css IP104.26.13.95:0
GET /style/btncolor.css HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:07 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
etag: W/"3f26cd3dfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1535362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ib7nSXcfPSzpbHLhEYlvCOLv8hvdfYTZhrEcBxLeN0DRk5VD%2BWh2ylnX4viaa35j6uTWznGnkNa%2FyBiVVt32S8vW7G9R6cA6QLXjOraSyal%2BnVwkgMPmENLYM3hhaD7EWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
server: cloudflare
cf-ray: 7a5426c15b6bfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| helixsleep.com/vendor/universal-navigation/css/universal-navigation.css | 167.172.14.23 | 200 OK | 0 B |
URL HTTP/2helixsleep.com/vendor/universal-navigation/css/universal-navigation.css IP167.172.14.23:0 ASN#14061 DIGITALOCEAN-ASN
GET /vendor/universal-navigation/css/universal-navigation.css HTTP/1.1
Host: helixsleep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/?utm_campaign=2023__GetEmails_Welcome&utm_content=2023__getemails_welcome__1_message_a&utm_medium=email&utm_source=zaius&zm64_id=d2FmaW5uZXJhbkB2aWtpbmdoY3MuY29t
Cookie: XSRF-TOKEN=eyJpdiI6IjRDeURMRFRaZFFqVG83bUpRb3VpS0E9PSIsInZhbHVlIjoiZXphUzkyendUQ3E3M1FDN3lzcUIxNnJRM1ZGU3FrVCtiZjdKSHM4TFZQTFk1MHFlQ3NVZnlvTlNJNUVFeDl1S0lOVWNNUll2a2poVnUvbFFPUlRpeHhnL1RoaWlLT082VXlyNnhTWGdONjNwdVpjejU0ZDFGN0NtSDVXczJlQ1MiLCJtYWMiOiIxMGYxZWZkMjQ4NTQ3Mzk1MjNlMzVjOGM2OWE4OTQ4ZjE3NDNmZjk2MmJmMmQ4M2U1YTE0Y2M3MmMwZWQ2ZjljIiwidGFnIjoiIn0%3D; stratasphere_session=eyJpdiI6IitDTTB2blJ3Q3ZkNHRlZnNYNEZmOVE9PSIsInZhbHVlIjoiMmswd1E1WENsdHFpbTU1Tytrbms0Vk01bVFSaS9lZWMvZDZTMWZLQ1MxeXcyc2FRTE93SE5vUVJXK2loUzZjbHNHTURrV2VGcFdyZzYvN3NhNnN2MDdFV2UwL1VyNmROMW5VZ3loVFlSSzJyOHE5VjhvS3UyNUNBNzMzaHBxMTkiLCJtYWMiOiI3MTA0NTY4NTk1YWE4MzQ2NGQwYWM4MGFjYjQ5NDkxM2ZjYWZjMzAyYWNlMGNjMmY0NjY2MjdhZDM4OTEzNmVkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 14:54:06 GMT
content-type: text/css
last-modified: Mon, 06 Mar 2023 10:26:34 GMT
vary: Accept-Encoding
etag: W/"6405bfda-695"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js | 104.18.70.113 | 200 OK | 0 B |
URL HTTP/2static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js IP104.18.70.113:0
GET /web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Q1f/JMMz6QjzHSdLnl4w8E1+9tmxgDhcAkpor3MzQTnMvA67N22H+gIuzcHcAF+hU68KXSk6h4I=
x-amz-request-id: 7G02BZF8ZWP4EJWV
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:54:35 GMT
etag: W/"eedb4cea9560ced37dd5b42f217cd73f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:54:34 GMT
x-amz-version-id: iqSfnH47yjVicuu9VqfwVNvO6uHKt4ZX
cf-cache-status: HIT
age: 231654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cH2yPFIwy7Q4O3JiZJpNUQXbLTKA2RIR8rNvFmkE%2FU2FBPjeiGH5V22hG7olSS4LsxxHyRQ9%2BJX9ystsph2NSwlKRtAEk4INpjqgxAKyghDbjs%2BFeXoqOL3jnk6ftrcZhDzVMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c44d67b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/latest/classic/web-widget-8165-aba356a.js | 104.18.70.113 | 200 OK | 0 B |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/web-widget-8165-aba356a.js IP104.18.70.113:0
GET /web_widget/latest/classic/web-widget-8165-aba356a.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 5DoJW4wS4XiWT7c7S3KYo6COp8m72FO15rgvQG4xGrMQhG+FfDplHk80rE8j2ZmnUWMH4yPlm8x4ZZALhWgM6w==
x-amz-request-id: 7G07TFCFR5GTXYD4
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:57:16 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:57:15 GMT
x-amz-version-id: iUWPeTDiuWSwvUpbZ5We7psGHDE5L6CL
cf-cache-status: HIT
age: 231653
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBtue3XsE%2FX5IfZGSyWNQhq28PqljrbtuuW4cp2rdsehSz2MBMAq13RshAxU%2BN6WLUBeqrTPxgSiwo%2FyUq6qrvU6lF9Vu9wZIKyQ0%2FKh%2F8p7KD4E6i0FC0N3ZdZ47hxD9LE1pvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c6984bb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| in.hotjar.com/api/v2/client/sites/677767/visit-data?sv=7 |  46.51.204.8 | 200 OK | 0 B |
URL HTTP/2in.hotjar.com/api/v2/client/sites/677767/visit-data?sv=7 IP46.51.204.8:0
POST /api/v2/client/sites/677767/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:10 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.hotjar.com/c/hotjar-677767.js?sv=7 | 54.230.111.66 | 200 OK | 0 B |
URL HTTP/2static.hotjar.com/c/hotjar-677767.js?sv=7 IP54.230.111.66:0
GET /c/hotjar-677767.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 09 Mar 2023 14:53:24 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ee0896dc38815b9b20d1093e8f4f562b
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IQWPdOccPYvlh6-CLPciOzuu2De8ONbG7uGpZOnUkTpqcTqqa-xgkw==
age: 46
X-Firefox-Spdy: h2
|
|
| cdn.equalweb.com/assets/scripts/locale.js | 104.26.13.95 | 200 OK | 0 B |
URL HTTP/2cdn.equalweb.com/assets/scripts/locale.js IP104.26.13.95:0
GET /assets/scripts/locale.js HTTP/1.1
Host: cdn.equalweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helixsleep.com/
Origin: https://helixsleep.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:07 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
etag: W/"80d59982334d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1535362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE1IX%2BM0gqGhv7rIp4ZLG7D81jTy8pbV197smMFNoffuuBjiGULfdoGwOSlp614h7M4gQibTJyVZYKXnZyXonjVQK1QmKVG9q90kAtW9Gj8xT5Y6BFLWgum1s52eSBLQxV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: NO
server: cloudflare
cf-ray: 7a5426c15b6efab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ekr.zdassets.com/compose/251437a1-bd84-48a1-bb87-1c0d5ac4ee8d | 104.18.70.113 | 200 OK | 0 B |
URL HTTP/2ekr.zdassets.com/compose/251437a1-bd84-48a1-bb87-1c0d5ac4ee8d IP104.18.70.113:0
GET /compose/251437a1-bd84-48a1-bb87-1c0d5ac4ee8d HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://helixsleep.com
Connection: keep-alive
Referer: https://helixsleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:07 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"1e143a8960b839d673bbce2065898867"
x-request-id: 7a3ef14ffa5abca3-ARN, 7a3ef14ffa5abca3-ARN
x-runtime: 0.003415
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfbm2TyBi04w9AHd4LLVpYINcI9gelnVWjLKYcdkP%2BzogsqNvpUF2LYpF7NbPDV%2F1IRDzxGzKq8CmyEPVB3y0Yo9FvsQcto9ZmPwpYM8ooQ2rnf5kextqD%2BXHxW9XNg2auQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c2adf00b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/latest/classic/web-widget-5324-aba356a.js | 104.18.70.113 | 200 OK | 0 B |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/web-widget-5324-aba356a.js IP104.18.70.113:0
GET /web_widget/latest/classic/web-widget-5324-aba356a.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: xjYnGkfnJo1xgOs6HKy1jXIoypHvJUF83PE332HfuykJ7NLVhbiwRc8omGk8zvtaHYzZOQ9TxOdGN51abno7xw==
x-amz-request-id: 7G0E6SC03S8R275G
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:57:16 GMT
etag: W/"14afd4b9ce9457ee70570ecc65e1a842"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:57:15 GMT
x-amz-version-id: mEpXPTREIBHYWbMrVTQyEoIHbE3ao2cY
cf-cache-status: HIT
age: 231654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpmHDgIE9dkuml1mFvCCVMEKRF%2BQSELKgD0c6v3QC8L7s1hxzPGlszDeTHDlE1uzA96p8v5MFosoxY8jl7VZy%2FRh4wqYtgGTx0BDxakL8VZJBF6PmsfUWFowDNLUwWK06EaOO%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c6984cb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-aba356a.js | 104.18.70.113 | 200 OK | 0 B |
URL HTTP/2static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-aba356a.js IP104.18.70.113:0
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-aba356a.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 14:54:08 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: sAtk+FAtpATnDnZia1erB3BJjGNxdLb1mxbahH+Yv3dj9GfhXP9ylxMhvMUeROCQjSG8bugPcFA9UhrQSwqoRg==
x-amz-request-id: EAZJHCM712FZWFR6
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Mar 2023 05:57:18 GMT
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Mar 2024 05:57:16 GMT
x-amz-version-id: rLHTbOrOsDjHUCBOEua9NR.g95LeoojI
cf-cache-status: HIT
age: 231652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA6X2sTd%2B2%2BmttatHOvPY3W%2FvcjaIQ%2Bwv%2BBIS3i5J7dNjGE8jyxlHD%2BWM2cvcMr%2F1VYP%2FpKXvEFokmLgc63GmnEkuXyQ6CK5GeznFsvX18X9MIW56Gi%2Fhp%2BvSXoI9pu2W%2FLb3Zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7a5426c93c43b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|