offer.buysuresleepdirect.com Open in urlscan Pro
2606:4700:3031::ac43:b937  Public Scan

Submitted URL: https://buysuresleepdirect.com/
Effective URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Submission: On July 17 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 107 HTTP transactions. The main IP is 2606:4700:3031::ac43:b937, located in United States and belongs to CLOUDFLARENET, US. The main domain is offer.buysuresleepdirect.com.
TLS certificate: Issued by WE1 on June 30th 2024. Valid for: 3 months.
This is the only time offer.buysuresleepdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 45 2606:4700:303... 13335 (CLOUDFLAR...)
3 34.96.102.137 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.216.211.233 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.117.205.107 396982 (GOOGLE-CL...)
1 2a04:4e42:600... 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 151.101.66.133 54113 (FASTLY)
11 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::42 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 20.122.63.128 8075 (MICROSOFT...)
107 21
Apex Domain
Subdomains
Transfer
48 buysuresleepdirect.com
buysuresleepdirect.com
www.buysuresleepdirect.com
offer.buysuresleepdirect.com
568 KB
12 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
22 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
p.clarity.ms — Cisco Umbrella Rank: 8701
28 KB
7 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 567
fonts.googleapis.com — Cisco Umbrella Rank: 110
249 KB
5 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 4027
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4898
42 KB
5 gstatic.com
fonts.gstatic.com
maps.gstatic.com
70 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
161 B
4 amazonaws.com
holidayofferbadges.s3.amazonaws.com
375 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6716
189 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
362 B
3 appspot.com
gtm-khd4rlt-owq2o.uc.r.appspot.com — Cisco Umbrella Rank: 787094
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
302 KB
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
2 KB
2 mxj5trk.com
www.mxj5trk.com — Cisco Umbrella Rank: 739803
19 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
774 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
27 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 5561
64 KB
107 18
Domain Requested by
46 offer.buysuresleepdirect.com 2 redirects offer.buysuresleepdirect.com
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 maps.googleapis.com offer.buysuresleepdirect.com
maps.googleapis.com
4 region1.analytics.google.com www.googletagmanager.com
offer.buysuresleepdirect.com
4 holidayofferbadges.s3.amazonaws.com offer.buysuresleepdirect.com
3 p.clarity.ms www.clarity.ms
3 www.google.de offer.buysuresleepdirect.com
3 stats.g.doubleclick.net www.googletagmanager.com
offer.buysuresleepdirect.com
3 gtm-khd4rlt-owq2o.uc.r.appspot.com www.googletagmanager.com
offer.buysuresleepdirect.com
3 static.klaviyo.com offer.buysuresleepdirect.com
static.klaviyo.com
3 fonts.gstatic.com offer.buysuresleepdirect.com
3 www.googletagmanager.com offer.buysuresleepdirect.com
www.googletagmanager.com
3 dev.visualwebsiteoptimizer.com offer.buysuresleepdirect.com
dev.visualwebsiteoptimizer.com
2 c.clarity.ms 1 redirects
2 maps.gstatic.com offer.buysuresleepdirect.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 www.clarity.ms offer.buysuresleepdirect.com
www.clarity.ms
2 www.mxj5trk.com offer.buysuresleepdirect.com
www.mxj5trk.com
1 c.bing.com 1 redirects
1 region1.google-analytics.com offer.buysuresleepdirect.com
1 fonts.googleapis.com offer.buysuresleepdirect.com
1 code.jquery.com offer.buysuresleepdirect.com
1 cdn.jsdelivr.net offer.buysuresleepdirect.com
1 www.googleoptimize.com offer.buysuresleepdirect.com
1 www.buysuresleepdirect.com 1 redirects
1 buysuresleepdirect.com 1 redirects
107 26

This site contains no links.

Subject Issuer Validity Valid
buysuresleepdirect.com
WE1
2024-06-30 -
2024-09-28
3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2024-06-29 -
2025-07-31
a year crt.sh
*.google-analytics.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2024-04-22 -
2025-04-07
a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA
2024-05-04 -
2025-05-04
a year crt.sh
mxj5trk.com
Starfield Secure Certificate Authority - G2
2024-03-26 -
2025-04-27
a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
upload.video.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.gstatic.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
static.klaviyo.com
R11
2024-07-11 -
2024-10-09
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
static-tracking.klaviyo.com
R3
2024-05-20 -
2024-08-18
3 months crt.sh
*.appspot.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.google.de
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 2 frames:

Primary Page: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Frame ID: 7F6B0214C5EC679412B6909E5507D77E
Requests: 105 HTTP requests in this frame

Frame: https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: F277286C6656199207335678FEAA84DC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Sure Sleep

Page URL History Show full URLs

  1. https://buysuresleepdirect.com/ HTTP 301
    https://www.buysuresleepdirect.com/ HTTP 302
    https://offer.buysuresleepdirect.com/offer/1/index.php HTTP 302
    https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • math(?:\.min)?\.js

Page Statistics

107
Requests

98 %
HTTPS

74 %
IPv6

18
Domains

26
Subdomains

21
IPs

4
Countries

1798 kB
Transfer

4325 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://buysuresleepdirect.com/ HTTP 301
    https://www.buysuresleepdirect.com/ HTTP 302
    https://offer.buysuresleepdirect.com/offer/1/index.php HTTP 302
    https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Request Chain 93
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EB95BBE5EB034C8DA441DD5E06EB3CF7&RedC=c.clarity.ms&MXFR=19ECA2979D0E61520B87B628990E6FAC HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EB95BBE5EB034C8DA441DD5E06EB3CF7&MUID=368BDDB6B9676A5E31D8C909B80C6B88

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request checkout-now-v1.php
offer.buysuresleepdirect.com/offer/1/
Redirect Chain
  • https://buysuresleepdirect.com/
  • https://www.buysuresleepdirect.com/
  • https://offer.buysuresleepdirect.com/offer/1/index.php
  • https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
75 KB
16 KB
Document
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1d5359a11186bfb777678154f4aec747069f6f393a9f911f0c17b9093abd37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a4db31edcb43662-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jul 2024 22:34:29 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7dfiVrzweiyiKm4wPDdEh5%2Fh1gZj8UiEt4XGh7AIuiki974Fnj7OEDO%2Ba%2BQilZZ1jHhG%2F8O1hUWK5XKXeuW6MdcqBoumgGKKwmzW5syCiaZ2Ks%2F6%2B4gwT%2FR4rlV84y%2FP5%2FcCspytoqNVGFPqxWvJOZHWTsLSODIzumZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a4db31d0c371970-FRA
content-type
text/html; charset=UTF-8
date
Wed, 17 Jul 2024 22:34:29 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
checkout-now-v1.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ker7NhCFtOMBFNnuP7DODGlT1YlJvopGIy7RMt8EbfqL%2BGvcmdvGhGEKt8xyZd0zOVD%2BjSEnJZmG%2BY7ITss2T%2B3UHPOTrov07Hf5gbmVb0Xj2UrjgcBD6jeWIWW%2BSGhfwEKOk4NW0H4Wxu29z4%2FWxOJLPlqcR09RzxK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding
51174.js
dev.visualwebsiteoptimizer.com/lib/
3 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/lib/51174.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
70f14539548f3043f1c3697f01f9f8089e228529131981178abcab281dd4a4f0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-computed
true
date
Wed, 17 Jul 2024 22:34:29 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
etag
W/"1721230048"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache,max-age=0, public, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime
0.017118000001574
optimize.js
www.googleoptimize.com/
177 KB
64 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5PF7RZW
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b149731c8be228d34b7048030754b754d845036f78aea451868d6d49303d902f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65434
x-xss-protection
0
last-modified
Wed, 17 Jul 2024 21:43:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jul 2024 22:34:29 GMT
app2.css
offer.buysuresleepdirect.com/offer/1/app/desktop/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/app2.css?v=14.30
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185dea2f3c9d81a1e8cdf9d66c03ed55985422fdb39cc8047ecb6e7d73c947d2

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2728
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aV1sAgr8EIqMmaLFatUYV32xv5rKYdylx0s5Kg0u6UiGIISqRuPauFtSFfBLoKLz%2BBtIus9Ya4Yqg6ZdKzyW7dGyxJANYJmwH5ZswVzDQhTdToYojpoxkDEAu8ay%2F%2FDNqmNmykJcGaaYLQCGPNPjMxQxPAq5FPcfQjWg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db320febe3662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
custom-extra.css
holidayofferbadges.s3.amazonaws.com/cdn/
0
353 B
Stylesheet
General
Full URL
https://holidayofferbadges.s3.amazonaws.com/cdn/custom-extra.css
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.211.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 22:34:31 GMT
Last-Modified
Fri, 07 Jan 2022 11:05:54 GMT
Server
AmazonS3
x-amz-request-id
0SS6A0T5Y60CW382
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
VN5CAJS04tPN9Cr6EUtlN8zzeayxLBcCDbChm+i6AN+2MMtZ7j5reA0t0FHGuuTRvpxrE1mdiq4=
repeated-order-confirmation.css
offer.buysuresleepdirect.com/offer/1/extensions/RepeatedOrderAlert/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/extensions/RepeatedOrderAlert/css/repeated-order-confirmation.css
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330db7a50d1ae42872a38200a500f85fbf3c3667d1c93a8856db0c0abe8339fe

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
753
last-modified
Thu, 12 Jan 2023 01:44:04 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDAc8asKoLbdfCX%2Fg%2Fx6IFw6B7evQr3Tqa4EJmSB8cbZrcCNmZhFQ3c4j6Kp0wcoDb5uKsx5rKqVdI6bmYGuKfDDAILZd5DNGcpSjKj63M%2FX6FGt%2FgMkztapFst2DQ16xYdDBEBkhA1UCOdMHyK0gXGW1%2BVMJ8qjrY3i"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db320febf3662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
repeated-order-confirmation-additional.css
offer.buysuresleepdirect.com/offer/1/extensions/RepeatedOrderAlert/css/
758 B
848 B
Stylesheet
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/extensions/RepeatedOrderAlert/css/repeated-order-confirmation-additional.css
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e74d51df9e880731f844687b2799027b532dc2db6049fdd479ec3f14a37223b

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
310
last-modified
Fri, 13 Jan 2023 14:14:21 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZU3howLWyJKjAe4AbNIk1n1cOTvmznhdH%2FVL1EZY7FtWdSP%2BrQC4sFxzt6uA9DOmj7N4vxAE6uIEMU5n5BfXBD3dEpHssuGATR3%2BqLOUtDe6xVrKt8Pbps%2Bw6kcE4iSNwlOVLOk5soa5%2BtG1Spxr1%2FkKYiKsBb8IvkpC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db320fec03662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/
158 KB
27 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6431730
x-jsd-version
4.6.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26391
x-served-by
cache-fra-eddf8230108-FRA, cache-lga21976-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUYvWIabUsjCcP6Odm5Hzp4VFJvURaXC0aZxNrlUKep5JlPNgsJXX4jG4E4oFFDRL8UGDSr1ovSP6MQooRxXtlhtfC7T%2B5PGNir%2BVK1nxOgUG7NP3%2BmgidBF9DIuKtsHp6MZXkY%2F7oAJ8GisYbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a4db3214a2f2c2e-FRA
homeFooter.css
offer.buysuresleepdirect.com/offer/1/app/desktop/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/homeFooter.css?v=419837379
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b831a157e77e203df373404b01973e0a9ac5e5bc328d0fbc21e01472db83f181

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
786
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOHX7b9tnx%2Fvc%2F2s0kpXr81Ui7tjQfURbkSw5PYvcL0yEfiAYhsz3%2BE10%2F4US%2Bwej%2BmRmXcZ4VdKSbwhkbPJmXX8X%2FDkQIhi4oCk%2Fl2Uce%2B6s4NrbVXe7OmGxxBys576LO42uvZRzdZOu%2BoAC70l4g3PgXmTPDyYBZEB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db320fec33662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
style-checkout.css
offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/
84 KB
12 KB
Stylesheet
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/style-checkout.css?v=1518889471
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57f728bf72bd9b5e7d855e59c8f6a62fab89b200d91586ae68b3afe2f10f533

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11572
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sv%2BkYn5HSN4iD%2FPRd57Th%2BlSO6zTvfO988D6uzrPt8XdzqiMCq9bwCyH9zxiVPjPMgbWMA4ZuicS5Uf%2BGlp3kJGC9Hwqwv6DwPFyZASSg9WCVsD%2BiGDU99yO6kRPVve516vX6vv%2FjdsPpYXswAgmVizyfG1LmOvQaaOQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db320fec53662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
bottom-popup.css
offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/
2 KB
1 KB
Stylesheet
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/bottom-popup.css?v=1197572843
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75f9edc24359709539b2eb498647616fac90721780edc8328c4d031918a7b43

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
688
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTE%2BjJ2mV5vm3bqgkaXV5vAZcV15X5koKN%2B1VMbLBGrm4zMzWkN55FUHVcAvHxZLyi6xnHInWz%2B9dIaxcm9O8UrlF9DZDHp2BJDHkJTS4cxZhDsodW0sSB%2BDZl21g7pX8VZv2YqmYYMvSH1NvJbPuLRJDdmf4m5fnSOd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db320fec63662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
everflow.js
www.mxj5trk.com/scripts/sdk/
60 KB
19 KB
Script
General
Full URL
https://www.mxj5trk.com/scripts/sdk/everflow.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.205.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.205.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
314b074d0362794037beb8b4d12d2493de3cf35848391a80bfe5ff55ee8b0844

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
9bef80f5-4ef4-44b5-a8da-097cfe8c74de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Black_Friday_top.png
holidayofferbadges.s3.amazonaws.com/
345 KB
345 KB
Image
General
Full URL
https://holidayofferbadges.s3.amazonaws.com/Black_Friday_top.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.211.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e49110983de7dac03e408d58f8118433d6940de31bfdcc86b154e5ce19250fce

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 22:34:31 GMT
Last-Modified
Fri, 05 Jul 2024 07:12:11 GMT
Server
AmazonS3
x-amz-request-id
0SS9VRNYGNA256XB
ETag
"90c4906133170b73d0a990a128d59ba4"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
353210
x-amz-id-2
Ap8TrN0jZaAQaSRWnXayQCZCkJOiNn9WOigmDHhzB1f63Sq/kdMgOZovmKYXjjoZVzDUa9S/nOA=
Mobile_Reconstruction_1.png
holidayofferbadges.s3.amazonaws.com/
27 KB
28 KB
Image
General
Full URL
https://holidayofferbadges.s3.amazonaws.com/Mobile_Reconstruction_1.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.211.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8d226a3b601fd2897a54f3506204fc027fab10d7db4e5c7e94d848284af49a07

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 22:34:31 GMT
Last-Modified
Fri, 05 Jul 2024 07:12:13 GMT
Server
AmazonS3
x-amz-request-id
0SS1P410TEN54B6Q
ETag
"efb8fe8f8df224dbbdb6e67ee2843c93"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28049
x-amz-id-2
ZuUh8EQNcDagBJVSERUWZl5Z+zTHijYU9u6C75H0Sa7EEvCDbc1tOyjO/lNB64IehbsfYKzsEL4=
logo.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
6 KB
6 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/logo.png?v=5.36
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7116e321dfee87ef3884823c24378895819f27c0f0dd576c50156b6cfc9729c

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSplGizmouzKsfStIkQ7L1%2FxHZH22ffrCct6jKKLBL%2B0c%2B%2BAIpObXSUacntfeVd4r%2FdagtnzzyzLzw3zP%2F1X0qETNEschxbCuxLbzyUjlkZXJLKbA3pmmrsQRYZ84iXP6%2Fwi1i%2F8JGI1X90s6DVtM1Xd9sVX5OepzIU3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323c97d3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
6100
expires
Thu, 17 Jul 2025 22:34:30 GMT
product1a.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
39 KB
39 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/product1a.png?v=219453742
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d901648ffe973792ea60cfafba50cf65506d8f4cdb7f2d3a11e937ae8388ba7

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gzx56Mi27of4uQ0adw8x26fABo5V0vp1qz%2B%2Bg17p23pf6Fao3M5JDUi%2FWYMuzr29SAAQiVERPKk5XVw7PxtcHEYd1TNJeGWj%2F%2B4QUWaAPPN%2BmpVhEn9%2BKLva2j5GMb6rUHJSIFIovvUSDHFhCFZ%2FupgiD%2BxtIFqEx04v"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323c97f3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
39763
expires
Thu, 17 Jul 2025 22:34:30 GMT
five-stars.jpg
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
20 KB
20 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/five-stars.jpg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c79579693edffe7706792734b37750df66eb7c661da88323c3b2ea711a826b

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jhXPkiJKWifur3jMvZcF%2Bk8zv3bbOs3IF6YFX03znCdgVCe6o2GQ1uKqMRb7PzgQChdVchur6GmefOv3p40ImyoF94pLrBOVmwM%2Fd2zgnfKZZ%2BywclIDGMDtinUQ6KOgq1y3IF7MWukbDPusZmKQEbGODcBaMC1%2Buuo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323c9813662-FRA
alt-svc
h3=":443"; ma=86400
content-length
20007
expires
Thu, 17 Jul 2025 22:34:30 GMT
right.jpg
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
3 KB
3 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/right.jpg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b017fc90dd71504dbd2e3fbcd45a2fd8b62c4f1de7bcaeb89d096a7e653775

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAS%2FOTJaiR0E4uvju8HD5wIhtosQNoJ3bDgS5XoI1U9BRqKWUcgZXoezBd4Sy%2FtwlD2hO%2Fx%2BZsSPbn%2FiRIa6tjczrGe4SVX%2Fa%2F%2BcvzRtZ2nhkMq8SdHVD9j5BFXQtxu%2FZxP46M3nnpbb70GnVgfGocf%2FZysfLFhs02gB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9953662-FRA
alt-svc
h3=":443"; ma=86400
content-length
2853
expires
Thu, 17 Jul 2025 22:34:30 GMT
checkmark.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
5 KB
5 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/checkmark.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9794a946016559d35a2ace8bf934df7ff524db1d1132c5e68c53ca102989ea97

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ocvZkTts0myoFrNHNkk%2Bmz07hXhZp2YYwzuv1EYmlwWpOicmqw2nWCvoxNshRJjNDhYQnoz4ffB%2FUARXx1%2FF6e6GKe0mTIycxuZ8xCY2m8YYAXftuiaSkCrqXxKTWnqdtquZUSg81eqz0k8U8UDIpaTkCY11AkXY703"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9963662-FRA
alt-svc
h3=":443"; ma=86400
content-length
4959
expires
Thu, 17 Jul 2025 22:34:30 GMT
pp.jpg
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
4 KB
4 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/pp.jpg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde31bb69536c37fece6bcb15953427374042d0f1211dbfcadcdca48a8a88d0f

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0%2FJm%2FJhzy6OMj4cw%2Bgsg5NwrHBvr58A6L5V6QpnJRKzPJ%2FJODwNHbjmWVXQNlprrYzSTeuN%2BNescndNqGe1t%2F54zshUBEUsClUo6cQhijvDkH%2B5oAfp37sNHzx0s3IDn1kDQn%2FQUyPCZ9IDcEktyaptwnsXg9BmCWpN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9973662-FRA
alt-svc
h3=":443"; ma=86400
content-length
4018
expires
Thu, 17 Jul 2025 22:34:30 GMT
payment_credit.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout-now-v3/
7 KB
8 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout-now-v3/payment_credit.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06ea8235348eff3bcd2d88daedc709f1aae822b21ce392124e25f5d29de98e3d

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfmNZfdq9S%2B3QxXvoCIOzMfmbEaWMgjs7j9ZybG%2BahZsLzyrqHmg8FZw9fe3GoxvvwCBrSsDKVj9HtoQ5773Tos3rcImsG4j7foq6h0UqJopAgVlt%2FqZy%2BPECwbEmldYgg1whH2lYYJpOA4XUpcxCz%2FPmAlyliq9nHP6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9983662-FRA
alt-svc
h3=":443"; ma=86400
content-length
7385
expires
Thu, 17 Jul 2025 22:34:30 GMT
guarantee-90.jpg
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
53 KB
54 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/guarantee-90.jpg?v=1648213433
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38cd30cd6d72b4cd4075c9a82dbe5a8f185590b440fc658e9b4c82419f6997f7

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fe%2F4KqDij%2Bh9PyIC6qk36%2BCQXksRYXQZaTZiPZ7B99vEqQ7aBzUDycD5fDMMhZ2pl2XYBOMh05VllHpY88y3HhxEWFI9urRlqk%2BcUeFRXv5%2FgziEbefJWOmIVegWRzWfZdIkDPLcBPeabvqs4%2FUq1jR1H4zgiOasx5PW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d99a3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
54431
expires
Thu, 17 Jul 2025 22:34:30 GMT
red-arrow.857f0fc25e8c1a67.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
200 B
706 B
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/red-arrow.857f0fc25e8c1a67.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e528b84ff29b9f80f3ed6f6e1c52c3d106c6140bf9593881f70105e83a2d17f

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWQvzqozDU5pmavWKR54Jk8g0xxSQGp2oKg7W3MVFkNeW5sxz%2Fy7arX2EkZTDoM92oBLBcHiaNTzcMhSGgpmUYPgEToROyrC66tDYQqYmTHU87x1eUtJ2Y%2BwBpqS0qeXMxVbut5%2B5TpVcoVQXCxiMGGUKDmhx3uKyH4a"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d99b3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
200
expires
Thu, 17 Jul 2025 22:34:30 GMT
1-warranty-new.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
36 KB
37 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/1-warranty-new.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf14d599e60ea7b541e80ce86bda9bdc1f5fac6a71c5941652868471d105084

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRlLr%2Fw%2B9crWgBSSInP11393tsl%2BmcT3ueEv2FHO2v0SdSPZqIySykKLWnjwewLVjvGoMSM%2Fm%2BRHBTjuySKVzh2FGitom0vepsiMKuzcKp5OpSTk34Fpa6lGVmUpRd5DQZqD7RRumDNJVl21zBVENN64PJRfN1xozO%2BA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d99c3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
36971
expires
Thu, 17 Jul 2025 22:34:30 GMT
BF_desk_right1.jpg
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
22 KB
23 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/BF_desk_right1.jpg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd01e33266af298471c1e7a6e7b02d122a766e4797024cf4023a7b521a78fec

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHLj1sWHqHGMfcKvHFi9zQR21hJgP88o91J9vdv8BwggiwvcRTIYONkDrjyPU1S6LQqjRg%2Fg0qA%2B68HxWdKLOQdrxc9qlHeorEAC9fnG0RfLxbKITlJVkhXfdyzQPKflHkOz8btnM23EPR54lPaR%2FmQ8BUsvzD%2Bkb%2BKn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d99d3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
23023
expires
Thu, 17 Jul 2025 22:34:30 GMT
secure-score.jpg
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
10 KB
11 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/secure-score.jpg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c44b88db5db6a8703473488721f477e4e4e5f9d92b9701c8dfed55b4b9c7783

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFo%2BOxj8rpiKwUME0NnX%2BdGBO7pwvt%2FfoPKXHdl6ZKpNCILcMunIQZhcNy0WWtPWJz5Eei1na29O12LMo1F%2BmYTKOD%2FX3lkOnbT9L0hdRq0CoLmCYz4hxH7L%2F6x9fmx0l72Zj2ZiIiYA7qQGBQAZimWCCQSKl1ekBFP4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d99f3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
10268
expires
Thu, 17 Jul 2025 22:34:30 GMT
xclose.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
2 KB
3 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/xclose.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd6dfbf348462f8e35aac00960d50d182a964d6a35e6cce108530179b913bba

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSYaNOce4oqBTc23vjDG%2Bnd6JNjdBITT0U5HL6SEdVtTlGc%2FS2v278S0ogCcyDEgwxyhd5X2aMS1UKnLfJMQxYFYb%2FjTqzV2JSj8xFIiSoS%2BgW09snL0TGmpff4joWT6RIgiM%2FgTjnAZxgLw5byyeJcE2dFGRI8xldun"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9a03662-FRA
alt-svc
h3=":443"; ma=86400
content-length
2498
expires
Thu, 17 Jul 2025 22:34:30 GMT
bf_cm.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
5 KB
5 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/bf_cm.png?v=2.36
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2975080484cbd155df2640cf883b661d04c8d800b73d763d493445640326cb

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frUY3BBWNOg2g3AV8Jtfih7ycp3xwgk3dhov188VvE06ruYBWe%2BK0D9%2F3GmUFsycpO5gtlJFGilsv77Bop8VsvfFqpgvorLuuRtKztktaTUZqzPVA7C%2B%2BkavtbkZJHf5wYDCXGtIYyrlnL9k8O8yrUMLB%2FqDlfa4JJsW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9a23662-FRA
alt-svc
h3=":443"; ma=86400
content-length
4911
expires
Thu, 17 Jul 2025 22:34:30 GMT
product1a.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
39 KB
39 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/product1a.png?v=476338432
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d901648ffe973792ea60cfafba50cf65506d8f4cdb7f2d3a11e937ae8388ba7

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMlMpZlXgxSRBJ5AwSHiZO0xyyYkqw0rtcIvzwkOmuQkSq%2FRk5rXPiDLOMm0H5gBRNyiGXk5DWwe%2F4JYo8C%2FKSEdG4zlOU946T7w3kZHLhDOIBgLFqE5PZaM7qYkmrQuRSDiZW8AO9c%2BDyh2B0lmzpaX2zqP2ZAksYXw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9a33662-FRA
alt-svc
h3=":443"; ma=86400
content-length
39763
expires
Thu, 17 Jul 2025 22:34:30 GMT
visa-xpress-icon.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
18 KB
18 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/visa-xpress-icon.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8e591e72a475eda9a69cd2b2bd43858c341ce1c4549cad54a09a4be6307be1

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6Qxu0wDOpnOeUaBnU2hCAHL26xF6fsbSkP%2FFjWZcxkKO6hoR%2F93uniSU8F2fDZL7FgU%2BGwkI5SeoYPeoXJCmO%2FzIKhUc8aYgRC7kCWIrdBpwPUisM4aKzPjwMjxEE58FZJr4elOFtq3%2B9ysQRwWVWGz8vTIFHsxbIUw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9a53662-FRA
alt-svc
h3=":443"; ma=86400
content-length
18422
expires
Thu, 17 Jul 2025 22:34:30 GMT
logo-white.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
6 KB
6 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/logo-white.png?v=1947533144
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84391e5ccc6f7d4428436dfcd1c06b5fead9af983c20f5282d22731abdc87e78

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoHFFrI%2FTXzgudUTV157Q1MGBLrQ4mq0FZJLdA%2Fmelc1KrECKuv%2Bn4UbgzXMgVqO1R9YBNSIs5KtA%2FPHwSc2HnHLuK6rhjaXcMXR2nqlokeuYzUqtlb9PwdkWEdhc63EnKQ8skZ%2FJOHp3amHfF35q8CbUl6QbxAQnDWr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9a63662-FRA
alt-svc
h3=":443"; ma=86400
content-length
6067
expires
Thu, 17 Jul 2025 22:34:30 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5936459
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga21981-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1721255670.412618,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
9, 502540
math.js
offer.buysuresleepdirect.com/offer/1/app/desktop/js/
665 KB
178 KB
Script
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/js/math.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8601d42320b8c420d6f2c88e8f1f9495e04dedb281ef5455247b9635b42e3e50

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGpCNiCGML5DLyaPwATrJiR8sWNmGNGxhvow5FYDgjTJ%2FTaggBeT9rzU%2BlictP2HdLYpZKFTWLhm6rvCN6NlvCc7FRzztOnNiH3DCM5fOcWLcB6bIksIbzcvKdEmPMq3xWfMlNLVijlKzgbUQZM%2BCRpkVgu8TPtBHUBx"}],"group":"cf-nel","max_age":604800}
content-language
en-us
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
8a4db323c98a3662-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 22:34:30 GMT
codebase.min.js
offer.buysuresleepdirect.com/offer/1/assets/dist/
165 KB
46 KB
Script
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6f52a1706467f18d442698e791700e696b1be1791f965cb2d69ea481a2b6f3

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46661
last-modified
Wed, 25 Jan 2023 08:12:33 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqPFLtbK40fbQRLslvRCdYWqjVFchzZvIZklZ5p28BcMg9v%2B%2FwdLIV257IvSH49TKf4hk2tbRDHm%2FKwjHvNsKpLf98ChkszS0fBjPf3bh3y9aRKkPHcTQTy0A21xKkmEUZDPzFmsfJPmwA3mCOuACpaJBW8EbUJOlAv8"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db323c98b3662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
sticky-prospect-script.js
offer.buysuresleepdirect.com/offer/1/extensions/stickyProspect/js/
3 KB
990 B
Script
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/extensions/stickyProspect/js/sticky-prospect-script.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1737b0ee880c47fe84c0681893d3a08f2ad9179c10fd396523b4a7c7c79b35

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
442
last-modified
Wed, 22 Jun 2022 12:41:40 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yQuC9Fzd0SsmIXZM8QUupyd8At%2BxGyA6sqXPraj6oa12D64oH6fg%2BNnEx7yPalcZQtulZRefTOm5I%2B1uj9HfDUdLz20u7%2B5VCKmWux6M0OZPC%2BJya34HRWMhmv8XGiUqYmdcbjkCG8OeHnfHSPGGsHLlM94qVM4w6ct"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db323c98d3662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
custom-extra.js
holidayofferbadges.s3.amazonaws.com/cdn/
924 B
1 KB
Script
General
Full URL
https://holidayofferbadges.s3.amazonaws.com/cdn/custom-extra.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.211.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8ef95a4f3669c8d75c88a9ccc6fce6ae63e80e3a643fc76ca3ed7b8c594e39c0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 22:34:31 GMT
Last-Modified
Mon, 02 Oct 2023 06:16:26 GMT
Server
AmazonS3
x-amz-request-id
0SS1BMS194HE6RYV
ETag
"1ab4fcd0eed14de844f9b5ddf15215d5"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
924
x-amz-id-2
Md3msE4v1YSAQcfKWG3/LegRpkk6OJ4XkmePq8giuYIcp7BN9bXlWHpdDe0MvD8LL4ZUwh+2lcI=
js
maps.googleapis.com/maps/api/
279 KB
93 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
133f42d8a5e6234a3cadc33decb3b2289bae46acde3503cb2bce0ec6396fb8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94651
x-xss-protection
0
address-auto-complete.js
offer.buysuresleepdirect.com/offer/1/extensions/NLMGoogleAutoComplete/js/
11 KB
3 KB
Script
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/extensions/NLMGoogleAutoComplete/js/address-auto-complete.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d0dcceefcc36ebd3aaacace50e579cfdd02f1f934ee7daccb7b4443f628ebb

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2158
last-modified
Wed, 04 Jan 2023 13:24:20 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lq%2BaoIfyNz74wk4ip0wo%2Fchdry9xKEg7WBbjQjn1JFk7wTwLm%2FIWWQ25YzFXYQX7WxFO4GwslCZqyvxKRGFJk8xYdgACFLvJXUeY4%2BvnqdOncJnyhoaqfY3%2Fb1zhovxCUeN2uCiIRDKvNKQU4sm6yvmIbInIOMjnokSj"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db323c98f3662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
jquery.placeholder.js
offer.buysuresleepdirect.com/offer/1/app/desktop/js/
9 KB
3 KB
Script
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/js/jquery.placeholder.js
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c567765edf6f5abb1392849cba0ee33ac2ca61fba64ed0756ecda942a5f7cf

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2441
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bmRpWFpXp0BwNc3AgRrGeh4WL53c889IhavVAXu2asC0oiaLd4q6kG%2B3Tt98RTa9bg5FJ5ZRK%2FO%2FzayMOCSUqfQMdPds6ofKjO%2FzQ%2B26xxBuTtLYKS1arby2Yq3nLbA7zArPNtgQnrXURS1nbsJRkk5%2B2TW%2FuaiST%2BMT"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
content-language
en-us
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a4db323d9933662-FRA
expires
Thu, 17 Jul 2025 22:34:30 GMT
gv.gif
dev.visualwebsiteoptimizer.com/
775 B
587 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/gv.gif?a=51174&u=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/51174.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
bf30cb0a92a77230578efd8e3f5f96d502139741aa8eb27461a4e70ec2948a8c

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:29 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=UTF-8
css2
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/extensions/RepeatedOrderAlert/css/repeated-order-confirmation.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jul 2024 21:39:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jul 2024 22:34:30 GMT
gtm.js
www.googletagmanager.com/
340 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLF7PPH
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fcdefd81e282dc826b49d4b2aab8df5cf723c395a35a6458aebcfb17a672c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100173
x-xss-protection
0
last-modified
Wed, 17 Jul 2024 21:43:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jul 2024 22:34:30 GMT
xclose.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
2 KB
0
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/xclose.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd6dfbf348462f8e35aac00960d50d182a964d6a35e6cce108530179b913bba

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSYaNOce4oqBTc23vjDG%2Bnd6JNjdBITT0U5HL6SEdVtTlGc%2FS2v278S0ogCcyDEgwxyhd5X2aMS1UKnLfJMQxYFYb%2FjTqzV2JSj8xFIiSoS%2BgW09snL0TGmpff4joWT6RIgiM%2FgTjnAZxgLw5byyeJcE2dFGRI8xldun"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323d9a03662-FRA
alt-svc
h3=":443"; ma=86400
content-length
2498
expires
Thu, 17 Jul 2025 22:34:30 GMT
fat-arrow.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/
943 B
1 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/checkout/fat-arrow.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/style-checkout.css?v=1518889471
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad117ec1bd250d48148c9c14cfaa4491144d54758010a1508fa96a151a9dd80

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/style-checkout.css?v=1518889471
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gWuDE9gbVgPBNNVHV451RgXqpEdUwAaT%2FtJ4CXPOgGUWh0iBIv0neON8qGPPQbV2DKMTmUBLnZFGgud8o5eoqrmPwndf6hzXgCUZZ%2BR5XKGcD5ERXj2rpIh6oDFWiYrxfUkkh4e6G0YpTek0j%2Fibek5wzrbonVOiYbO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db323f9be3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
943
expires
Thu, 17 Jul 2025 22:34:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v14/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/style-checkout.css?v=1518889471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 07:23:09 GMT
x-content-type-options
nosniff
age
141081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22820
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 07:23:09 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v14/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/style-checkout.css?v=1518889471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:43:13 GMT
x-content-type-options
nosniff
age
114677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23316
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:23:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 14:43:13 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/checkout/style-checkout.css?v=1518889471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 07:52:27 GMT
x-content-type-options
nosniff
age
139323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18728
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 07:52:27 GMT
v.gif
dev.visualwebsiteoptimizer.com/
35 B
51 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=51174&d=offer.buysuresleepdirect.com&u=D1BAEADB39C5DD60C5D381CBB2F4C7768&h=b3eb498d22c4227272825e213a2bd136
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:29 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
klaviyo.js
static.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
097f6c701a0e36893dcee29b2e18dd5ad9e4ef3a91bc249a97bb6207cd0cd31f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 17 Jul 2024 22:34:30 GMT
age
832
x-cache
HIT, HIT
content-length
811
x-served-by
cache-lga21929-LGA, cache-fra-eddf8230108-FRA
server
nginx
x-timer
S1721255671.548852,VS0,VE1
etag
"937b8acbd795204d9222c089e3a2807f"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800, stale-if-error=86400
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
36, 0
js
www.googletagmanager.com/gtag/
248 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9TNTNW3KZ9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLF7PPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa93d824f1e908497f698391cd4f4dc7d83be06ed83ee5261213b3113df1a793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89807
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jul 2024 22:34:30 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLF7PPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 22:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
323
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Jul 2024 00:29:07 GMT
6gzzp74dle
www.clarity.ms/tag/
638 B
1003 B
Script
General
Full URL
https://www.clarity.ms/tag/6gzzp74dle
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22d655a2e029dd545f53fca7a6809b1a48644a53814c66591ff62b86b2ce66aa

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Wed, 17 Jul 2024 22:34:31 GMT
x-azure-ref
20240717T223430Z-17c86fbf54dnkkjdm5ap313bm400000008kg000000000v4q
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
fender_analytics.f692ee00c71150d7db91.js
static-tracking.klaviyo.com/onsite/js/
31 KB
13 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 17 Jul 2024 22:34:31 GMT
x-amz-request-id
41Y2RTP149KA3F25
age
835
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12748
x-amz-id-2
mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230128-FRA
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"cb6418619f08d5e582cf68f2d2432438"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
10, 453
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Wed, 17 Jul 2024 22:34:31 GMT
x-amz-request-id
F82JVRQFRQE0D0ND
age
835
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1029
x-amz-id-2
XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S
x-served-by
cache-lga21976-LGA, cache-fra-eddf8230128-FRA
last-modified
Wed, 27 Mar 2024 10:30:34 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
2825b63e6933b08d1be25eea4d99ad73625b8faa
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3169, 472
runtime.7ff3ebc3099743cd438f.js
static.klaviyo.com/onsite/js/
20 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.7ff3ebc3099743cd438f.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20df2c1c2170ba0eb77de27df09eee23ec72623191fb14da51646ec5d0fe1982

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
VoBOz0BOmB0XD6FGKXJy.zNt3Bl6JQ0g
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 17 Jul 2024 22:34:30 GMT
x-amz-request-id
BE7VQ4R20VNKZYAF
age
834
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7697
x-amz-id-2
KTqeMjT3YG0zZijeNMlQ9pd9Qq6dTFAYw9AbjTJ+Ng/Qn5oWN/SBzsWzJNuD9OHVIgTnbnwYIhkcVP7Nn8dTZw==
x-served-by
cache-lga21920-LGA, cache-fra-eddf8230045-FRA
last-modified
Wed, 17 Jul 2024 19:57:18 GMT
server
AmazonS3
etag
"279229b19205851d17c512bf01339b0e"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f1c6516e02f57938c63fa8c4fa01601397355ffd
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
37, 516
sharedUtils.58c71a5d906c1c27c8e6.js
static.klaviyo.com/onsite/js/
48 KB
18 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

Referer
https://offer.buysuresleepdirect.com/
Origin
https://offer.buysuresleepdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Wed, 17 Jul 2024 22:34:30 GMT
x-amz-request-id
FY7ATG7XXCNQ66H2
age
834
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
17916
x-amz-id-2
dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU=
x-served-by
cache-lga21941-LGA, cache-fra-eddf8230045-FRA
last-modified
Thu, 27 Jun 2024 09:36:48 GMT
server
AmazonS3
etag
"6cc01be3baf017cfa85878bcac0f9e8f"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
912e2bb7dd18552828727b3c1954397389e047e7
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
425464, 444
destination
www.googletagmanager.com/gtag/
359 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-BFXEWPXKBT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9TNTNW3KZ9&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec67a4ccd4a8ff4be95cf5c19fa5f6e4b3c8126dadcff743808b1fe6c48e2d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118546
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jul 2024 22:34:30 GMT
collect
gtm-khd4rlt-owq2o.uc.r.appspot.com/g/
3 KB
2 KB
XHR
General
Full URL
https://gtm-khd4rlt-owq2o.uc.r.appspot.com/g/collect?v=2&tid=G-9TNTNW3KZ9&gtm=45je47f0v9118702274z8859802891za200zb859802891&_p=1721255670359&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1820430497.1721255671&ecid=1854972480&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1721255670359&sst.ude=0&_s=1&sid=1721255670&sct=1&seg=0&dl=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php&dt=Sure%20Sleep&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=Checkout%20Page&ep.offer=Sure%20Sleep&ep.gtm_version=GTM-NLF7PPH%3B%2011%3B%20&tfd=2267&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9TNTNW3KZ9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b27e024b5125d45bb2443efa3f247b23d262e18d4ce27cba147873d322486f48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/j/
1 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1577944666&t=event&ni=0&ds=GTM-NLF7PPH%3B%2011%3B%20&_s=1&dl=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php&ul=de-de&de=UTF-8&dt=Sure%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Debugging&ea=pageView&el=%7B%22event%22%3A%22pageView%22%2C%22offer%22%3A%22Sure%20Sleep%22%2C%22ua_property%22%3A%22UA-94105246-55%22%2C%22page%22%3A%7B%22type%22%3A%22Checkout%22%2C%22isReload%22%3Afalse%2C%22isExclude%22%3Afalse%7D%2C%22experiment%22%3A%7B%7D%2C%22gtm.uniqueEventId%22%3A1%7D&_u=YADAAUABAAAAACAEK~&jid=148809622&gjid=1570245142&cid=1820430497.1721255671&tid=UA-94105246-10&_gid=334571005.1721255671&_r=1&gtm=45He47f0n81NLF7PPHv859802891za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&cd1=1820430497.1721255671&cd2=1721255670890~event~pageView~~1721255669900&npa=1&z=711127243
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1577944666&t=event&ni=0&ds=GTM-NLF7PPH%3B%2011%3B%20&_s=1&dl=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php&ul=de-de&de=UTF-8&dt=Sure%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Debugging&ea=pageView&el=%7B%22event%22%3A%22pageView%22%2C%22offer%22%3A%22Sure%20Sleep%22%2C%22ua_property%22%3A%22UA-94105246-55%22%2C%22page%22%3A%7B%22type%22%3A%22Checkout%22%2C%22isReload%22%3Afalse%2C%22isExclude%22%3Afalse%7D%2C%22experiment%22%3A%7B%7D%2C%22gtm.uniqueEventId%22%3A1%7D&_u=YADAAUABAAAAACAEK~&jid=148809622&gjid=1570245142&cid=1820430497.1721255671&tid=UA-94105246-28&_gid=334571005.1721255671&_r=1&gtm=45He47f0n81NLF7PPHv859802891za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&cd1=1820430497.1721255671&cd2=1721255670890~event~pageView~~1721255669900&npa=1&z=711127243
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1577944666&t=pageview&ds=GTM-NLF7PPH%3B%2011%3B%20%3B%2024&_s=1&dl=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php&ul=de-de&de=UTF-8&dt=Sure%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAEK~&jid=435727315&gjid=914806772&cid=1820430497.1721255671&tid=UA-94105246-55&_gid=334571005.1721255671&_r=1&gtm=45He47f0n81NLF7PPHv859802891za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&cd1=1820430497.1721255671&cd2=1721255670895~pageview~pageView~~1721255669900&cg1=Checkout&cg2=0&cd7=Checkout&cd8=0&cd9=0&cd11=%7B%7D&npa=1&z=1406885422
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1577944666&t=pageview&ds=GTM-NLF7PPH%3B%2011%3B%20%3B%2024&_s=1&dl=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php&ul=de-de&de=UTF-8&dt=Sure%20Sleep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAEK~&jid=435727315&gjid=914806772&cid=1820430497.1721255671&tid=UA-94105246-28&_gid=334571005.1721255671&_r=1&gtm=45He47f0n81NLF7PPHv859802891za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&cd1=1820430497.1721255671&cd2=1721255670895~pageview~pageView~~1721255669900&cg1=Checkout&cg2=0&cd7=Checkout&cd8=0&cd9=0&cd11=%7B%7D&npa=1&z=1406885422
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BFXEWPXKBT&gtm=45je47f0v881947278z8859802891za200zb9118702274&_p=1721255670359&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1820430497.1721255671&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721255670&sct=1&seg=0&dl=https%3A%2F%2Foffer.buysuresleepdirect.com%2Foffer%2F1%2Fcheckout-now-v1.php&dt=Sure%20Sleep&en=screen_view&_fv=1&_ss=1&ep.gtm_event=pageView&ep.page_type=Checkout%20Page&ep.page_isReload=false&ep.page_isExclude=false&ep.offer=Sure%20Sleep&ep.gtm_uniqueId=1721255669900.1&ep.gtm_version=GTM-NLF7PPH%3B%2011%3B%20&ep.gtm_template_v=24&ep.gtm_tag_name=GA4%20Event%20-%20screen_view&tfd=2430&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-BFXEWPXKBT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
263 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BFXEWPXKBT&cid=1820430497.1721255671&gtm=45je47f0v881947278z8859802891za200zb9118702274&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-BFXEWPXKBT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BFXEWPXKBT&cid=1820430497.1721255671&gtm=45je47f0v881947278z8859802891za200zb9118702274&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=468835556
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://offer.buysuresleepdirect.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/
267 KB
57 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
694bb4ba02cb71253345d3b381688415442de03cf96fff346a02c9e75d8c3d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 17:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57813
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 20:36:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 17:01:05 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/
185 KB
57 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d0f022bdf580179774bc81dddec059afdeaa5733ad5fa5c5b36dd66b85b6b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 17:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57830
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 20:36:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 17:01:05 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/
98 KB
26 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b285c5328b11aafd5fa761154b17f100224f32271da8000fb115290dc081c74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 17:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26431
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 20:36:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 17:01:05 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/
47 KB
14 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/9/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273fd2df6b529eafd032f0e410c9018a60fdcd749daf5c667f093482663134c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 17:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
20005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14495
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 20:36:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 17:01:06 GMT
main.js
offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame F277
Redirect Chain
  • https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
8 KB
4 KB
Script
General
Full URL
https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b052517aeb3559d32bd1cc9fb1a3f01d67d2fe91f2ac92ff9dd8dd8c75322fe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKePKGvWjMizwEF3Ek4snxM64F2jv8QXWnDRRAgFKpTwfZCfSUdoYyZwycCfyEzRrzAgvEIyISOJDts%2FgAJB9c6rUuwEVUe0sjuaY6%2Bpd97fGVadQIAx5b7Vz9lU%2BYhj7RXmTahuxg0ipgTwZhFN8lsPy%2FTVHZriiEeP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8a4db328be703662-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 17 Jul 2024 22:34:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSiCnXaTCaj2ijtx8jzz5j642%2Bd7gvHoLlbNtCWCCGkTdSTqj32p7XShm0xWrX%2BIDtCEMx7QmvdaE86xAX2huQ%2FnaNhsm3TXSlHwKziN6aKxJ65H4i4DhsSw6XuRjXi29ccwphqx%2B7d0Ug%2B%2FFx6BXlu0NbKcO8FV5Dby"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
8a4db3287e2b3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
setSessionParams.php
offer.buysuresleepdirect.com/offer/1/
126 B
626 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/setSessionParams.php
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce06221395633baced595a57be2c81fa5214747111532ff753a2cd40ac0b541

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XECjm4oYyoyd0OgbRTu762ZQgKjWau4dux%2BID3yIGPgde0wLqhNGZlCfiRNEYS2WNqPe517CyRx5OIqDinYrkFSD9errCR2umPSWN0fhmNTpvTyOwkFclodq2L0%2F4YqVdaz%2BGMDMtYD05CCOIl27NYFwMQIcyDXd1tjL"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db3288e3a3662-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
setSessionParams.php
offer.buysuresleepdirect.com/offer/1/
126 B
630 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/setSessionParams.php
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce06221395633baced595a57be2c81fa5214747111532ff753a2cd40ac0b541

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4DLjE3tmbUuiSVs%2BM7KSrxbnZ7NPlTLMzfg4vB8VnVt3K2Vmtj3vUUcvdK1glbK%2BCSiNREi%2BBHC4SN2HWIM0OFwS3icXpmVdnKnMdXMCJ0oSKpHNlYBUG%2BIcdl2wZe%2BYE1jL96%2Bx2GA02tmBPJb3Bpd06qmo1HiwFww"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db3288e3e3662-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
get-refresh-token
offer.buysuresleepdirect.com/offer/1/ajax.php/
64 B
587 B
Fetch
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/ajax.php/get-refresh-token
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5770fde0dfa3d7583915b34d2b9657666705ade4a8eb2a50ea66e6899a8c218c

Request headers

Accept
application/json
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=St4eOZZpghGNiYa%2BzXYsUBpEUfKtKji2Av4iaKsB235efGHx56LJS0zAA1FLFhRITSltfDPW%2BlZNmInj0GZ9z0Q87nxptOENawtJtBr%2BNOv7gam%2B%2B%2BLhyW%2BAa0lARr%2BdghztzWVwYKZaiEGALRFueTgtfMyHqVgsLa%2B0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db3288e473662-FRA
alt-svc
h3=":443"; ma=86400
content-length
71
expires
Wed, 11 Jan 1984 05:00:00 GMT
initialize
offer.buysuresleepdirect.com/offer/1/ajax.php/extensions/checktrafficnew/
16 B
551 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/ajax.php/extensions/checktrafficnew/initialize
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHw%2FuR5UESSqoNn6G%2BNY0lUuir%2FVtXtN1%2BNHvMcyQW0DJA7IxhscTsIogD%2FyYssTMVGI6YiMr2Mo1uLLn6P%2BrawDsdxA8WizFiitFgWvOfid6dK9ZakdiKd2T%2BQoybJdp55zE8nz%2Bn97oRHOOTuWV2wp5RrqmEMzPew%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db3288e493662-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
Wed, 11 Jan 1984 05:00:00 GMT
tick-input.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
538 B
1 KB
Image
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/tick-input.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/app2.css?v=14.30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8806fd0b2e8a7d0421894ef684a2f9b629024c6cf29990097bdc040a113c40c8

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/app/desktop/css/app2.css?v=14.30
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUdQsy%2F%2FJhQX1%2FMDIV%2F97cHzkle69vNIWyac4M1ETD%2BpUGZzbV5QH8FZiGYlFnEdU5oxlcsD6eu8Lyb2g5qLLJzKCfBR57Gp8hEx%2BSubEm5TBkrca7ABMIdCFFRQTOmQXf%2BNhLi%2FZxsbpOPczpXQ8beuLTr%2BNITuLWDe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db3289e523662-FRA
alt-svc
h3=":443"; ma=86400
content-length
538
expires
Thu, 17 Jul 2025 22:34:31 GMT
setSessionParams.php
offer.buysuresleepdirect.com/offer/1/
126 B
632 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/setSessionParams.php
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce06221395633baced595a57be2c81fa5214747111532ff753a2cd40ac0b541

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXLnNbB5X4vj8cHvzTeYWoFF3Ne9XIe7BVRnei5fQV4Jdl1%2BEaAmuWxQ8h%2FvkVtNjjYkP%2BNqTzbpctWyd%2BOGo6RWBW8IyMptg9RQugTsJ2V9omzmH8YBmOV8q8JwaTm%2BhnjpS5O8BDPULnRL%2FX1PEVc%2FMYdeU1jW0xnr"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db3289e553662-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
8a4db31edcb43662
offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F277
0
715 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a4db31edcb43662
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wjg6ILILLuFAaap6peL6b1YMkUwfTaDfboRHlEBc%2B4Upbmc7Idg9IkzE63J1Q8wjgyW4Uac2CKm6dFrAmNs9kcPZnwrcXwRyEzUB8h%2BX%2B8wAl5Jubtmph60m6SSQwsN8YPUY6p9lyQ6mPsO%2BiUFoFSydiDYU2yNF71M8"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8a4db3297f1c3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/s/
0
55 B
Image
General
Full URL
https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&_gsid=BFXEWPXKBTtLWkXpHxaLe7CYR-p3fbkA
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_set_cookie
gtm-khd4rlt-owq2o.uc.r.appspot.com/
48 B
48 B
Image
General
Full URL
https://gtm-khd4rlt-owq2o.uc.r.appspot.com/_set_cookie?val=PFC1dIDtbYpF7dfZqeIJWXZWJvl%2BKBHFfG2mwmZ5iBwYFBrqakrkqD1p9%2BW0Cj6mbn3ROyDtZn3K3PxwoPLyeJDS%2B3OFaWUhsiG0cGJ2zqQKtP6r8xuj0x8PkRX1Riwdu%2B7pN8Sqp3wTYEaplrdk4JtGCnTP%2FONMkRSRkaSxLVvBWi7GPzRqCJbUV2FIzcaiiWJNM8BGbq%2BHO76SGjtK34gvm5AeHG%2FmejT4WgF9QZI25SJ9f2U%2BSuf0
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
collect
region1.analytics.google.com/g/s/
0
53 B
Image
General
Full URL
https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&_gsid=BFXEWPXKBTdsZZOjPQHIY7TZVpwju5cg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&tid=G-BFXEWPXKBT&cid=1820430497.1721255671&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&aip=1&z=196486315
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
55 B
Image
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=syphamo&tid=G-BFXEWPXKBT&cid=1820430497.1721255671&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&aip=1
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
0
551 B
Image
General
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&dbk=4926997617032569702&dma=1&dma_cps=syphamo&en=ads_conversion_Checkout_1&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&npa=1&tid=G-BFXEWPXKBT
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x2efa114d566dd7ef","source_keys":["1"]},{"key_piece":"0x513ee752a14e5731","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"4926997617032569702","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["11133577969"],"5":["07-17","07-16","07-15"]}}
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_set_cookie
gtm-khd4rlt-owq2o.uc.r.appspot.com/
48 B
48 B
Image
General
Full URL
https://gtm-khd4rlt-owq2o.uc.r.appspot.com/_set_cookie?val=kP9yUvfECA%2FK%2BEugHioHyjZtHvS4W%2FoXseTRFtFGCYK%2BwJwDatkKz7e9q430r19yW0HofSUi%2F%2FhKZllSgHtbn5E5QlObkpYqqrFD1FCuz7EVC%2FTHW3YFXGnx6AXKCaj5L4cOFuoOXbXhDCN0gHUoFoUXtUwFKA3rh8ynzHgAc%2B65tvpooX2LvvrJIf9BGXKMv6f6c%2FWjmn0f62jGxqdPzJuOjyFpUS0qrvADhfMLS7Q5Kn%2FpgHjD9e59Kefg6ClA%2BdN2WTBhqBCC7bGrC8NvEuBFhxgy5yXQO6pZTsHM
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
collect
region1.analytics.google.com/g/s/
0
53 B
Image
General
Full URL
https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&_gsid=9TNTNW3KZ9IsjEUBZbBcNLNxyFoXovDg
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&tid=G-9TNTNW3KZ9&cid=1820430497.1721255671&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&aip=1&z=637819192
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
44 B
Image
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=syphamo&tid=G-9TNTNW3KZ9&cid=1820430497.1721255671&gtm=45j91e47g0v9118702274z8859802891z9858053261za200zb859802891&aip=1
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 17 Jul 2024 22:34:31 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
4 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 17 Jul 2024 22:34:31 GMT
place
offer.buysuresleepdirect.com/offer/1/ajax.php/extensions/checktrafficnew/
0
506 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/ajax.php/extensions/checktrafficnew/place
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vs8oFx1BPSGx1DUW4StkGXOop3FtRDez0pyApGaKYTmDo0d9JBDpropowAYHCzoyVgaQawbv05%2FyJrutBuSvQHoxuy1SxDJqmUhrGhq%2FWM8weB9imCKz9w%2FS4l4eAVVJK2Ghn%2F2%2ByFj%2Bp69VT%2FEpzGRlhILW9F6t4%2BOF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db32bb9493662-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Wed, 11 Jan 1984 05:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6gzzp74dle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240717T223431Z-17c86fbf54dnkkjdm5ap313bm400000008kg000000000v7g
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
461e6d15-601e-0050-1940-d8ec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EB95BBE5EB034C8DA441DD5E06EB3CF7&RedC=c.clarity.ms&MXFR=19ECA2979D0E61520B87B628990E6FAC
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EB95BBE5EB034C8DA441DD5E06EB3CF7&MUID=368BDDB6B9676A5E31D8C909B80C6B88
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EB95BBE5EB034C8DA441DD5E06EB3CF7&MUID=368BDDB6B9676A5E31D8C909B80C6B88
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 33C7E7181A5E42D7A54B7BBCC3760AB7 Ref B: FRAEDGE1617 Ref C: 2024-07-17T22:34:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EB95BBE5EB034C8DA441DD5E06EB3CF7&MUID=368BDDB6B9676A5E31D8C909B80C6B88
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
conversion
www.mxj5trk.com/sdk/
0
0
Fetch
General
Full URL
https://www.mxj5trk.com/sdk/conversion?effp=6090e92b2c6e73b0a959afb728b455ef&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&transaction_id=&aid=503&adv_event_id=1&event_source_url=offer.buysuresleepdirect.com
Requested by
Host: www.mxj5trk.com
URL: https://www.mxj5trk.com/scripts/sdk/everflow.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.205.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.205.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
application/json
Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:31 GMT
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
access-control-allow-origin
https://offer.buysuresleepdirect.com
access-control-allow-credentials
true
x-eflow-request-id
54653dc3-158f-4e00-ab5e-ef71b70e1c12
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://offer.buysuresleepdirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
2 KB
2 KB
Other
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb308e21482e3487b2734acf21dba42b88a3a859f0ca3627751f72ca728443b8

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:32 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YvkdbYAo5MjeoGD4%2BjK4sOsCCXeF4o%2BVw92370TM%2BURg%2B9WJx%2B4zXMW4Rw%2BvGwStt58Rsxcbcd3zZGxLH6W0AfvyANXr%2BEWyUnPWKD8FJzeW0fCiipQrnlizoQGUPuO4Kz6WYzDW7SwSmXBPS4pJb5%2B6uh%2FSd%2FgZTPU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db32daae73662-FRA
alt-svc
h3=":443"; ma=86400
content-length
1701
expires
Thu, 17 Jul 2025 22:34:32 GMT
collect
p.clarity.ms/
34 B
398 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
43378b030a7ae4837077c15e4ffef90699bc25b1d125935c8fa9c5dfb735c5a6

Request headers

Accept
application/x-clarity-gzip
Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 22:34:32 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://offer.buysuresleepdirect.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
setSessionParams.php
offer.buysuresleepdirect.com/offer/1/
62 B
590 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/setSessionParams.php
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9b873c7f3f697ecca06cbe15ddbed0af6c8be0154be1fdb03a5242a69c4ece

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irwN7WrHTPpo2eH3BVQZjcASZrmtOejxyGVKDwA45vACtK4jse9Q%2F%2B%2Bv0pfSCLUYxAoOXZYmFHiFQVJyzo0czexddkBtvY40Dt4xD6RjxQ8n0xfnflY706KnR2hR8nv6dQ1KJbsBOYGyUDB3Mm%2B0cN8fxW5hzhUJvhIj"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db32e4b7b3662-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
setSessionParams.php
offer.buysuresleepdirect.com/offer/1/
126 B
634 B
XHR
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/setSessionParams.php
Requested by
Host: offer.buysuresleepdirect.com
URL: https://offer.buysuresleepdirect.com/offer/1/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce06221395633baced595a57be2c81fa5214747111532ff753a2cd40ac0b541

Request headers

Accept
*/*
Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 22:34:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prdddMW%2FZjCEtXhcoNoVskQ4IisiZyHc%2BiLdDCaAWFNvYR3ht%2F1zADHzsr37RWI7gFcOgPFuOoaPiC%2B%2FvPL5XBqF%2Bk0pkf%2B%2BMsv0jGUa4QECpAjKJHLJa4E6zk3rbDxbRGDHx9HQmV0txZHcTqCMI6B3JEZ4XDKskxDA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8a4db32e6ba03662-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
favicon.png
offer.buysuresleepdirect.com/offer/1/app/desktop/images/
2 KB
2 KB
Other
General
Full URL
https://offer.buysuresleepdirect.com/offer/1/app/desktop/images/favicon.png?v=1596762634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb308e21482e3487b2734acf21dba42b88a3a859f0ca3627751f72ca728443b8

Request headers

Referer
https://offer.buysuresleepdirect.com/offer/1/checkout-now-v1.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 22:34:32 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 07:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=05KV%2BTmcpKQl6Upo%2FXt%2FkMTvE7VMsy3WObKRO3byTHmsTCaYUR5Wuy3ERkpGIngB1tEAXnR54xaxypi%2B6YLW00SsRV%2FoRziU4hcZteUYvPX9my32USyv%2BdMRWk3kLjMC4SevTKD3PVUGu3t%2BUC9FElBEeB%2FLzV1dJhJf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8a4db32facdb3662-FRA
alt-svc
h3=":443"; ma=86400
content-length
1701
expires
Thu, 17 Jul 2025 22:34:32 GMT
collect
p.clarity.ms/
0
292 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://offer.buysuresleepdirect.com
Date
Wed, 17 Jul 2024 22:34:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
p.clarity.ms/
0
292 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://offer.buysuresleepdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://offer.buysuresleepdirect.com
Date
Wed, 17 Jul 2024 22:34:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| _vwo_cookieDomain object| _VWO string| _vwo_mt object| VWO number| _vwo_acc_id object| google_tag_manager object| google_tag_data object| dataLayer object| EF object| vwo_iehack_queue function| $ function| jQuery string| GoogleAnalyticsObject function| ga function| clarity object| _learnq string| __klKey object| gaGlobal object| gaplugins object| gaData function| _UA-94105246-28_originalSendTask object| webpackChunk_klaviyo_onsite_modules function| onYouTubeIframeAPIReady object| regeneratorRuntime object| math string| AJAX_PATH object| app_config object| app_lang object| validator_data object| cbUtilConfig object| validator object| cb object| FwUtils number| cSpeed number| cWidth number| cHeight number| cTotalFrames number| cFrameWidth string| cImageSrc function| startAnimation function| continueAnimation function| stopAnimation function| imageLoader function| openNewWindow function| openWindow function| queryString function| asyncProspect object| AppHelpers object| appLocation function| xverifyCustomHtml function| getClientId function| setClientId function| addCsrfTokenToForm function| ouibounce string| errorClass string| validClass object| country object| zipSelector string| restricted_countries string| dev_mode object| addressFinder object| addressSelect object| candidateStates function| stateFilter function| checkMasking function| fillInAddress function| arrangeAddress function| attachListener function| gm_authFailure number| step string| firstProductTotalValue string| secondProductTotalValue string| thirdProductTotalValue string| fourthProductTotalValue string| fifthProductTotalValue string| discountTimes string| fl function| leaveFromTop function| leaveFromTop1 function| startTimer function| checkSecond function| innerButton_discount function| updateProductPrice function| getShippingPrice function| showPriceCheckout function| product_selection function| validateCoupon function| enableSplitCampaigns function| disableSplitCampaigns object| firstArray object| lastArray object| locationArray function| setSessionParams object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| _klOnsite object| klaviyo object| __e3_

19 Cookies

Domain/Path Name / Value
offer.buysuresleepdirect.com/offer/1/ Name: PHPSESSID
Value: 1beaf9c77243ed5d9eb7efe6d60ea6be
.offer.buysuresleepdirect.com/ Name: _vwo_uuid_v2
Value: D1BAEADB39C5DD60C5D381CBB2F4C7768|b3eb498d22c4227272825e213a2bd136
.buysuresleepdirect.com/ Name: _ga_9TNTNW3KZ9
Value: GS1.1.1721255670.1.0.1721255670.0.0.1854972480
.buysuresleepdirect.com/ Name: _gid
Value: GA1.2.334571005.1721255671
.buysuresleepdirect.com/ Name: _gat_UA-94105246-10
Value: 1
.buysuresleepdirect.com/ Name: _gat_UA-94105246-55
Value: 1
offer.buysuresleepdirect.com/ Name: __kla_id
Value: eyJjaWQiOiJOV05qTWpRME9Ua3ROVEJqTWkwMFl6RmxMV0V5TkRZdE16VXpNVGhrWkRBMlltRTAiLCIkcmVmZXJyZXIiOnsidHMiOjE3MjEyNTU2NzEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vb2ZmZXIuYnV5c3VyZXNsZWVwZGlyZWN0LmNvbS9vZmZlci8xL2NoZWNrb3V0LW5vdy12MS5waHAifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MjEyNTU2NzEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vb2ZmZXIuYnV5c3VyZXNsZWVwZGlyZWN0LmNvbS9vZmZlci8xL2NoZWNrb3V0LW5vdy12MS5waHAifX0=
.region1.google-analytics.com/ Name: ar_debug
Value: 1
.buysuresleepdirect.com/ Name: cf_clearance
Value: KM0oDfrKZwiCPQDndhTDTCduXGULH7M6sPhd_jX9ta0-1721255671-1.0.1.1-6Aq2Oryy4Nqt3dBlE3ZVo1FIGOghyegFqweRHmXD72lMW4lfYN7z9cD0MIr2YjNmO9qLmZdfhijusMLF1YU7Tw
www.clarity.ms/ Name: CLID
Value: cbe51a9d61414acfb0e4a5a4adec3f05.20240717.20250717
.buysuresleepdirect.com/ Name: _ga
Value: GA1.2.1820430497.1721255671
.buysuresleepdirect.com/ Name: _ga_BFXEWPXKBT
Value: GS1.1.1721255670.1.0.1721255671.59.0.0
.bing.com/ Name: MUID
Value: 368BDDB6B9676A5E31D8C909B80C6B88
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 368BDDB6B9676A5E31D8C909B80C6B88
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 368BDDB6B9676A5E31D8C909B80C6B88
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buysuresleepdirect.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
code.jquery.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
gtm-khd4rlt-owq2o.uc.r.appspot.com
holidayofferbadges.s3.amazonaws.com
maps.googleapis.com
maps.gstatic.com
offer.buysuresleepdirect.com
p.clarity.ms
region1.analytics.google.com
region1.google-analytics.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
www.buysuresleepdirect.com
www.clarity.ms
www.google-analytics.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.mxj5trk.com
13.74.129.1
151.101.66.133
20.122.63.128
2001:4860:4802:34::36
2606:4700:3031::6815:132c
2606:4700:3031::ac43:b937
2606:4700::6812:bb1f
2620:1ec:bdf::42
2620:1ec:c11::237
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2014
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a04:4e42:600::649
34.117.205.107
34.96.102.137
52.216.211.233
06ea8235348eff3bcd2d88daedc709f1aae822b21ce392124e25f5d29de98e3d
097f6c701a0e36893dcee29b2e18dd5ad9e4ef3a91bc249a97bb6207cd0cd31f
0b285c5328b11aafd5fa761154b17f100224f32271da8000fb115290dc081c74
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
133f42d8a5e6234a3cadc33decb3b2289bae46acde3503cb2bce0ec6396fb8d4
13b017fc90dd71504dbd2e3fbcd45a2fd8b62c4f1de7bcaeb89d096a7e653775
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
185dea2f3c9d81a1e8cdf9d66c03ed55985422fdb39cc8047ecb6e7d73c947d2
1ad117ec1bd250d48148c9c14cfaa4491144d54758010a1508fa96a151a9dd80
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c44b88db5db6a8703473488721f477e4e4e5f9d92b9701c8dfed55b4b9c7783
1e528b84ff29b9f80f3ed6f6e1c52c3d106c6140bf9593881f70105e83a2d17f
20df2c1c2170ba0eb77de27df09eee23ec72623191fb14da51646ec5d0fe1982
22d655a2e029dd545f53fca7a6809b1a48644a53814c66591ff62b86b2ce66aa
273fd2df6b529eafd032f0e410c9018a60fdcd749daf5c667f093482663134c9
2c1d5359a11186bfb777678154f4aec747069f6f393a9f911f0c17b9093abd37
314b074d0362794037beb8b4d12d2493de3cf35848391a80bfe5ff55ee8b0844
330db7a50d1ae42872a38200a500f85fbf3c3667d1c93a8856db0c0abe8339fe
38cd30cd6d72b4cd4075c9a82dbe5a8f185590b440fc658e9b4c82419f6997f7
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
43378b030a7ae4837077c15e4ffef90699bc25b1d125935c8fa9c5dfb735c5a6
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30
4d0f022bdf580179774bc81dddec059afdeaa5733ad5fa5c5b36dd66b85b6b18
4e74d51df9e880731f844687b2799027b532dc2db6049fdd479ec3f14a37223b
5770fde0dfa3d7583915b34d2b9657666705ade4a8eb2a50ea66e6899a8c218c
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5d901648ffe973792ea60cfafba50cf65506d8f4cdb7f2d3a11e937ae8388ba7
5e2975080484cbd155df2640cf883b661d04c8d800b73d763d493445640326cb
694bb4ba02cb71253345d3b381688415442de03cf96fff346a02c9e75d8c3d0f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8e591e72a475eda9a69cd2b2bd43858c341ce1c4549cad54a09a4be6307be1
70f14539548f3043f1c3697f01f9f8089e228529131981178abcab281dd4a4f0
7ce06221395633baced595a57be2c81fa5214747111532ff753a2cd40ac0b541
7d6f52a1706467f18d442698e791700e696b1be1791f965cb2d69ea481a2b6f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84391e5ccc6f7d4428436dfcd1c06b5fead9af983c20f5282d22731abdc87e78
8601d42320b8c420d6f2c88e8f1f9495e04dedb281ef5455247b9635b42e3e50
8806fd0b2e8a7d0421894ef684a2f9b629024c6cf29990097bdc040a113c40c8
8d226a3b601fd2897a54f3506204fc027fab10d7db4e5c7e94d848284af49a07
8ef95a4f3669c8d75c88a9ccc6fce6ae63e80e3a643fc76ca3ed7b8c594e39c0
95c79579693edffe7706792734b37750df66eb7c661da88323c3b2ea711a826b
9794a946016559d35a2ace8bf934df7ff524db1d1132c5e68c53ca102989ea97
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9fcdefd81e282dc826b49d4b2aab8df5cf723c395a35a6458aebcfb17a672c14
a1c567765edf6f5abb1392849cba0ee33ac2ca61fba64ed0756ecda942a5f7cf
a7116e321dfee87ef3884823c24378895819f27c0f0dd576c50156b6cfc9729c
aa93d824f1e908497f698391cd4f4dc7d83be06ed83ee5261213b3113df1a793
b052517aeb3559d32bd1cc9fb1a3f01d67d2fe91f2ac92ff9dd8dd8c75322fe6
b149731c8be228d34b7048030754b754d845036f78aea451868d6d49303d902f
b27e024b5125d45bb2443efa3f247b23d262e18d4ce27cba147873d322486f48
b831a157e77e203df373404b01973e0a9ac5e5bc328d0fbc21e01472db83f181
bb308e21482e3487b2734acf21dba42b88a3a859f0ca3627751f72ca728443b8
bde31bb69536c37fece6bcb15953427374042d0f1211dbfcadcdca48a8a88d0f
bf30cb0a92a77230578efd8e3f5f96d502139741aa8eb27461a4e70ec2948a8c
bfd01e33266af298471c1e7a6e7b02d122a766e4797024cf4023a7b521a78fec
c75f9edc24359709539b2eb498647616fac90721780edc8328c4d031918a7b43
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd6dfbf348462f8e35aac00960d50d182a964d6a35e6cce108530179b913bba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49110983de7dac03e408d58f8118433d6940de31bfdcc86b154e5ce19250fce
e57f728bf72bd9b5e7d855e59c8f6a62fab89b200d91586ae68b3afe2f10f533
e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4
ea9b873c7f3f697ecca06cbe15ddbed0af6c8be0154be1fdb03a5242a69c4ece
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
ebf14d599e60ea7b541e80ce86bda9bdc1f5fac6a71c5941652868471d105084
ec67a4ccd4a8ff4be95cf5c19fa5f6e4b3c8126dadcff743808b1fe6c48e2d53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d0dcceefcc36ebd3aaacace50e579cfdd02f1f934ee7daccb7b4443f628ebb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc1737b0ee880c47fe84c0681893d3a08f2ad9179c10fd396523b4a7c7c79b35