r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8081
Expires: Sat, 04 Feb 2023 00:58:57 GMT
Date: Fri, 03 Feb 2023 22:44:16 GMT
Connection: keep-alive
orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
23.227.38.32302 Found 0 B URL HTTP/1.1 orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
IP 23.227.38.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 03 Feb 2023 22:44:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 108
X-Sorting-Hat-ShopId: 7408320621
X-Frame-Options: DENY
Location: https://orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
X-Shopify-Stage: production
Content-Security-Policy: frame-ancestors 'none'; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=55b7a00e-b373-4683-a2ae-5ebced0bb57c
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=55b7a00e-b373-4683-a2ae-5ebced0bb57c
X-Dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
X-Request-ID: 55b7a00e-b373-4683-a2ae-5ebced0bb57c
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr52aKDFs6HmskwLQuHBSxmXGQ3jy8fioL5vDraSY8mSUW5cmUO0lmr8IucI1XYvMq9hzZnIKpB04t0J2rf9jgl%2FlGoodycoik%2FYib5yMv0A%2FPaV%2FcJjrTJw%2Ft4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: cfRequestDuration;dur=275.999784
Server: cloudflare
CF-RAY: 793eb0b378be0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6526
Expires: Sat, 04 Feb 2023 00:33:02 GMT
Date: Fri, 03 Feb 2023 22:44:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7406
Expires: Sat, 04 Feb 2023 00:47:42 GMT
Date: Fri, 03 Feb 2023 22:44:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 22:43:35 GMT
content-type: application/json
age: 41
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n1fiv5DNSmYGwCzwnmdqruF13JaC/Nwoi8BpQlrwYRkC4th6sLfKrVj843nQ1LOfx0nZfQtmS0M=
x-amz-request-id: 8N0NPM8GYC674C21
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 21:52:34 GMT
age: 3102
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1058a1d834cb9da5466848681475d76b
1b6bf1c007c1e8a854631930805fe7c71db184c4
54b161a66eb0f8f8519096d66ce6457977bf392ec7d5dbc0163f39e930d9eb8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54B161A66EB0F8F8519096D66CE6457977BF392EC7D5DBC0163F39E930D9EB8F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12205
Expires: Sat, 04 Feb 2023 02:07:41 GMT
Date: Fri, 03 Feb 2023 22:44:16 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 22:44:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 21:49:06 GMT
age: 3311
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1058a1d834cb9da5466848681475d76b
1b6bf1c007c1e8a854631930805fe7c71db184c4
54b161a66eb0f8f8519096d66ce6457977bf392ec7d5dbc0163f39e930d9eb8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54B161A66EB0F8F8519096D66CE6457977BF392EC7D5DBC0163F39E930D9EB8F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12204
Expires: Sat, 04 Feb 2023 02:07:41 GMT
Date: Fri, 03 Feb 2023 22:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13598
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Fri, 03 Feb 2023 22:44:17 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.126.51101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.126.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fFnEqqBmUQKPTRZn97F3Xw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zYwdK0bOD2g1m8/JBivNEA/K9xU=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8ab867e6005f1cd323eae9f98fed36f
a9b6fc6d69ddc6c3abddc06eb395becf1350ba5e
8763c06fd7ef48de71c0594d782aad17845ddf264d4f01c93a379072f2f78cd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8763C06FD7EF48DE71C0594D782AAD17845DDF264D4F01C93A379072F2F78CD5"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6540
Expires: Sat, 04 Feb 2023 00:33:18 GMT
Date: Fri, 03 Feb 2023 22:44:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8ab867e6005f1cd323eae9f98fed36f
a9b6fc6d69ddc6c3abddc06eb395becf1350ba5e
8763c06fd7ef48de71c0594d782aad17845ddf264d4f01c93a379072f2f78cd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8763C06FD7EF48DE71C0594D782AAD17845DDF264D4F01C93A379072F2F78CD5"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6540
Expires: Sat, 04 Feb 2023 00:33:18 GMT
Date: Fri, 03 Feb 2023 22:44:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8ab867e6005f1cd323eae9f98fed36f
a9b6fc6d69ddc6c3abddc06eb395becf1350ba5e
8763c06fd7ef48de71c0594d782aad17845ddf264d4f01c93a379072f2f78cd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8763C06FD7EF48DE71C0594D782AAD17845DDF264D4F01C93A379072F2F78CD5"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6540
Expires: Sat, 04 Feb 2023 00:33:18 GMT
Date: Fri, 03 Feb 2023 22:44:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8ab867e6005f1cd323eae9f98fed36f
a9b6fc6d69ddc6c3abddc06eb395becf1350ba5e
8763c06fd7ef48de71c0594d782aad17845ddf264d4f01c93a379072f2f78cd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8763C06FD7EF48DE71C0594D782AAD17845DDF264D4F01C93A379072F2F78CD5"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6540
Expires: Sat, 04 Feb 2023 00:33:18 GMT
Date: Fri, 03 Feb 2023 22:44:18 GMT
Connection: keep-alive
static.powerreviews.com/t/v1/tracker.js
54.230.111.7200 OK 6.0 kB URL HTTP/2 static.powerreviews.com/t/v1/tracker.js
IP 54.230.111.7:0
File type ASCII text, with very long lines (5947)
Hash c0deab05495c8a78ef78f324d98ba1a4
1732183de9eb9aec6aef289431c5a627b3fdff3e
5255f7027f727c5ed1d5c7c00a0528106458b6354ae9000b8f3c9ecc48e9e83a
GET /t/v1/tracker.js HTTP/1.1
Host: static.powerreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 6019
last-modified: Mon, 02 Nov 2020 17:13:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 16:45:48 GMT
etag: "c0deab05495c8a78ef78f324d98ba1a4"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rYFfY1W0BKM78fasr67k2es0YgpNEPQuwOjDT5CUpPOeM4cWYR3Kdw==
age: 21588
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8ab867e6005f1cd323eae9f98fed36f
a9b6fc6d69ddc6c3abddc06eb395becf1350ba5e
8763c06fd7ef48de71c0594d782aad17845ddf264d4f01c93a379072f2f78cd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8763C06FD7EF48DE71C0594D782AAD17845DDF264D4F01C93A379072F2F78CD5"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6540
Expires: Sat, 04 Feb 2023 00:33:18 GMT
Date: Fri, 03 Feb 2023 22:44:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 80955a9b5aee1b017cac09fb3e64b263
8a9458a8c6f5c2cde004c94714af7c669384e602
4564b96af8c913d04172d8bde12f89c9b8a44076223173715b3b465ed62db1a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 500
Cache-Control: max-age=131076
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:18 GMT
Etag: "63dce952-117"
Expires: Sun, 05 Feb 2023 11:08:54 GMT
Last-Modified: Fri, 03 Feb 2023 11:00:34 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 20:04:17 GMT
expires: Tue, 30 Jan 2024 20:04:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 355201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-789606081
172.217.21.168200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-789606081
IP 172.217.21.168:0
File type ASCII text, with very long lines (6669)
Hash d76f4bbb476dbee7564870e2adbcd0a7
bc3dd7f20cc282dfc1e89d2c65b0420ad04e41d3
bc2d07e47f2e620c17bffb0a0e740c7bfb3084fb50948b10c489cec7ab3092ec
GET /gtag/js?id=AW-789606081 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 22:44:18 GMT
expires: Fri, 03 Feb 2023 22:44:18 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.shopify.com/s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png?61438
23.227.60.200200 OK 8.9 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png?61438
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 01ae3cc767d6be4669764a4fe026f475
05762680ce4adec58b02e30c9af562d0aa51de19
e6fecfb0d33247324f5cc530fc99cdb21ae64e045c5f4b65917b24724a2bd543
GET /s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png?61438 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: image/webp
content-length: 8908
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png>; rel="canonical"
source-length: 27520
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 3246d9ad-5f7f-478d-81a7-a5ad541dd354
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Thu, 02 Feb 2023 19:51:15 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FnqnhraToF3lePIK7wjlPA9dwyjgY6Sp%2FQaPPCIPXM%2BrYCKbhxgfpFB2psHqiRX1S%2BjYsi3JvUu7RtMcuq8rGhWs0TuMyG%2FodJBkuhoCQYaLxmta4J1qrK37iBKfspQJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=434.841, imageryFetch;dur=75.177, imageryProcess;dur=358.055;desc="image", cfRequestDuration;dur=144.000053
server: cloudflare
cf-ray: 793eb0bd9c14b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg?v=1659557553
23.227.60.200200 OK 3.2 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg?v=1659557553
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7edfec583a6a7aef5ee46e2852e1a4ae
d695439d6922a45056499ed58d0e81c119266f3c
9e36c65d7226a73855c14aabbfa2e8c8cb3e57ac6e02888a254d3d7842ebb7d9
GET /s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg?v=1659557553 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: image/webp
content-length: 3164
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 52a446c0-e2a3-4f8a-ae58-4f494fb9fd44
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 12 Sep 2022 14:32:12 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFHJgIUCl6ZBev8smgXcyqNqeYeI5q0tE%2FIr6ZPEzkL1qv8uzfU1iBIrisIkGrzCEh%2BrbEPM70zFOEUyRxq7vUI5jSkIYVtU%2BYSF7tTEGNGPJaax7D9lu%2FKvj%2FsLyWYRLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=176.843, imageryFetch;dur=45.209, imageryProcess;dur=130.508;desc="image", cfRequestDuration;dur=135.999918
server: cloudflare
cf-ray: 793eb0bdac1cb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg?v=1666204904
23.227.60.200200 OK 3.6 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg?v=1666204904
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 35524ac6a4201bd41d8fb6f258f366c6
8af69206156ca181c0065bccd3b3b3295a869576
bd35244050328ca76b35f7d17240b5105ed2588cd4a9d30e6bf78b49074f3341
GET /s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg?v=1666204904 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: image/avif
content-length: 3572
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg>; rel="canonical"
source-length: 58193
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 2e23a121-b65e-4dad-8afb-b39037051fcf
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 19 Oct 2022 21:20:38 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXhba8ZEU7nTf0IlxizqbFYxbC993vXEzNJKD45gCDW0teijI%2FQGXCpXgqEJxrMTlTHiFOaREEX338uNvrHH2elcs5CSAiLoaYykrwoBneU3Umte4wQ1wS%2BamgZ3lqt0SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=166.777, imageryFetch;dur=47.973, imageryProcess;dur=117.775;desc="image", cfRequestDuration;dur=141.000032
server: cloudflare
cf-ray: 793eb0bdac19b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 80955a9b5aee1b017cac09fb3e64b263
8a9458a8c6f5c2cde004c94714af7c669384e602
4564b96af8c913d04172d8bde12f89c9b8a44076223173715b3b465ed62db1a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 500
Cache-Control: max-age=131076
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:18 GMT
Etag: "63dce952-117"
Expires: Sun, 05 Feb 2023 11:08:54 GMT
Last-Modified: Fri, 03 Feb 2023 11:00:34 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13644
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 22:44:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13644
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 22:44:19 GMT
Connection: keep-alive
tinyurl.com/hgdsuhu
104.20.139.65301 Moved Permanently 1.0 kB IP 104.20.139.65:0
Hash 06c4dd7510462124dc86d74fe8102298
72cacb02f2d0e4bff9e4ea121b37f0588e1a3384
0a275b80184b8513b99627f871548a2efc08777290c93c0af6bdb446a8ce65bd
GET /hgdsuhu HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/html; charset=UTF-8
location: https://s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-tinyurl-redirect: eyJpdiI6ImtWeS9veEp1NityelBpbmxQR2tiRXc9PSIsInZhbHVlIjoib0NDUmpZT3FhYWNSd3dnbUNXVityVll6bnEvNnBVdG5jY2dKV2lMVmRaUlM0SVMxSkF4NUY1dGlCT1ltTW1XViIsIm1hYyI6ImI2OWU5ODkzZjExMGY0ZDlhMjBkMmE2MmU0Yjg0MTM1NGQ0NjY5MzUxMTViMDk4NzlhZTlmYmVlZTVhNWJhNTYiLCJ0YWciOiIifQ==
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793eb0be0b8bb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 3433
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i7ZNMlYetTGgoM0beS97MTxveM1H7CI4JdAvPhYdqe9pyCCQugjgNg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:58:58 GMT
age: 2721
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 2338
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/cj-event-storage.js?v=179835027038517210171675276414
23.227.60.200200 OK 5.9 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/cj-event-storage.js?v=179835027038517210171675276414
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1441)
Hash 54e805688ce4a008620fb80cb19e719a
19f7f47479496fba65ea6a6fdcc1dfbd77edce30
2bd8958ecd99811af6dc0033829140098334d693709af9b9c45f4e56e97831b8
GET /s/files/1/0074/0832/0621/t/680/assets/cj-event-storage.js?v=179835027038517210171675276414 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/cj-event-storage.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 3eb530db-109f-43a7-8517-f45a0d128a7b
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 01 Feb 2023 18:33:39 GMT
cf-cache-status: HIT
age: 109466
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEYqNI4hYEHy7W3pXJwxe%2BqyVOLqA%2BDwzZKhRwUDcGq4hF%2FQ2PJJu82ZpQgRMhajUiG24vwkIStKJrA6Yw%2B97qK0r6gLs8wBumRvaZ6ymD2pelwgIQpyHXskPcWt%2BD7VGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=71.805, imageryFetch;dur=70.417, cfRequestDuration;dur=15.999794
server: cloudflare
cf-ray: 793eb0bdbc1eb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/seed-checkout.scss.css?v=105645148385689886621675276414
23.227.60.200200 OK 15 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/seed-checkout.scss.css?v=105645148385689886621675276414
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (8495)
Hash 161cb95af8fd9f63bc1ae882bfbca105
0ab488883a6baa9389d99be3fe8529e75f974a5a
014099ff9f723c36b3da69f73405186fbb9b6cab51427c72d7a5742bb8a509bc
GET /s/files/1/0074/0832/0621/t/680/assets/seed-checkout.scss.css?v=105645148385689886621675276414 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/seed-checkout.scss.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 7da0a2f5-b7c6-40a4-b867-5650fd617d57
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Fri, 03 Feb 2023 16:32:47 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4V9tofJZyD%2Fftjx%2Br%2BuDybRZO63n5NqcNm%2BnlFFtUVtbXkn47Cqq9UYHMGByQK0TB7yjjfXeHd4jLT1j227MIGGXT%2FBjRFliztcNmTLNlzqMclmtSWGTjG17zCn76gBeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=492.539, imageryFetch;dur=56.908, imageryProcess;dur=433.657;desc="scss", cfRequestDuration;dur=132.999897
server: cloudflare
cf-ray: 793eb0bdbc20b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: 5ae7dc8b-55a8-4500-84ef-938727459c1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqHskoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-662f24ed24651faa2323de32;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mk-qCGW538M5F88fom6XC1UmuzHd7qqEDUQQBdu-tVFn7-I4r547sg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:42:12 GMT
age: 127
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d56cc20a486b3fe903651e7163685b2a
083eb0c809c2a279d21de7c6cef478b2d15263c1
0718d926a3777482979ca7ded52ee8bd042ef1f1880d2ede71e1a39f26766327
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162951
Date: Fri, 03 Feb 2023 22:44:19 GMT
Etag: "63dd5714-1d7"
Expires: Sun, 05 Feb 2023 20:00:10 GMT
Last-Modified: Fri, 03 Feb 2023 18:48:52 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cstH_9Z2AZoGB_rl976dKIH4YFSy0nny1xklDiVmgwYaNIF2GS2H4Q==
Age: 4278
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Regular.woff2
23.227.60.200200 OK 66 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Regular.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 65452, version 1.0\012- data
Hash d680a3ff3d0ce7330d40140203167fab
8cb74a330189cb6bf98fe15df3e841be9721ddb3
3a437ad0a2cc9a04a80487854fa6d261dfa6f663679e54a482f2e320809a147b
GET /s/files/1/0074/0832/0621/t/680/assets/Montserrat-Regular.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: font/woff2
content-length: 65452
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Regular.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 8671b820-1ab6-41e6-a510-14df1b04c8ef
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Thu, 02 Feb 2023 00:27:16 GMT
cf-cache-status: HIT
age: 109467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmyFSshnvOt5NrjNdzynvj5%2BZ5vvbjzE9Uc1BlLKyfDMVORG6JGaoMkBMcBrwlycjtyzEky%2BhKPCUQJ1ylzpg0umNJ%2BaHqwGE6j7YAmnbLw%2BSc2UTrO1iaxl6spmyl2Jcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=41.715, imageryFetch;dur=41.386, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 793eb0c54daf1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
52.92.209.200200 OK 25 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
IP 52.92.209.200:0
File type Unicode text, UTF-8 text, with very long lines (25227), with no line terminators
Hash 0d51680ab40fc2723ae3d1e45d529ef0
19cf347edad08092a172d89d5ac8c92152ee75bf
4d6e15d127b3b757f32d084b2243cc8cb150a67fc91b0f8f9c81d914adbdfe56
GET /addressvalidator/pobox_checker.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xfD3DsGY+ZeCZ4JBcL+A/1hVhwg71CnSaVAuDeel4RuixT7lrVOjIpj0xJe2f2SfzlYWYTCLfFo=
x-amz-request-id: NM933WV0PHVZRVNB
Date: Fri, 03 Feb 2023 22:44:20 GMT
Last-Modified: Fri, 27 Jan 2023 23:34:39 GMT
ETag: "0d51680ab40fc2723ae3d1e45d529ef0"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 25229
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-ExtraBold.woff2
23.227.60.200200 OK 65 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-ExtraBold.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 64840, version 1.0\012- data
Hash f9420e120975e1a1d06483500719405b
8d21b906e9337b7d6df7df63bc07c08c664c29b7
9cbffd7dc1b087e6a41a322b695e901ae495ee9a9ace1a518873508bd171d3dd
GET /s/files/1/0074/0832/0621/t/680/assets/Montserrat-ExtraBold.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: font/woff2
content-length: 64840
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-ExtraBold.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 50b1085c-8b3d-4b55-94ab-9a15c4ef5dcb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
last-modified: Thu, 02 Feb 2023 00:27:16 GMT
cf-cache-status: HIT
age: 95746
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsDn7f7VG0IJ8iCeymw3W8oVp17J3RoeRgH3%2FT5XBsOVuXcFvgh9st%2Bg0azO0h5Cco2dclSgymns8j8BRb0U0eY9qBdf7KzDDsZSjt6GWVfbqud7QJ0jD69SBbMArpuOcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=72.475, imageryFetch;dur=72.196, cfRequestDuration;dur=9.000063
server: cloudflare
cf-ray: 793eb0c75f571bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Medium.woff2
23.227.60.200200 OK 90 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Medium.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 620b5db1d2c6a08593e648439e7948d4
9177f557cf56c92d9537e4153a892e1039fa4f65
40a1daec3623b391522a67e9a175329a42e80dac63b690b28aa768020292bf4e
GET /s/files/1/0074/0832/0621/t/680/assets/Montserrat-Medium.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: font/woff2
content-length: 65640
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Medium.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 5eb47aa5-9114-4017-a432-fa9f3e9ad09f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Thu, 02 Feb 2023 00:27:16 GMT
cf-cache-status: HIT
age: 109467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqH%2FerIy7usIBX6YzfZeK%2BE46DY3GxTMtajzYCrFtIydR0iwLfUNnZc%2Bq5EK4fSn4MoNI4tJQ2IPn%2FZ2Wtc2LwOc5RYeil7x4%2FxqzPb5QVM6mtKSRup%2BeS9NxAyCMrpblA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=22.394, imageryFetch;dur=22.165, cfRequestDuration;dur=10.999918
server: cloudflare
cf-ray: 793eb0c75f5b1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-SemiBold.woff2
23.227.60.200200 OK 68 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-SemiBold.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash bece03cbecaf2396d6301479a21fc910
a9e34ed714e37d7ce68eea4dfee5e62cd083dcc3
b1fc13543e7d2bae6ae9911d7231db23075c80d287ff17f52d935f02f44c87df
GET /s/files/1/0074/0832/0621/t/680/assets/Montserrat-SemiBold.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: font/woff2
content-length: 65500
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-SemiBold.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 7f5ffb34-1492-4347-8451-d5e910ac1112
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Thu, 02 Feb 2023 00:27:16 GMT
cf-cache-status: HIT
age: 109467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YuKnmAyS6wvvxw2uXd810XgqlE0wy2GAx%2B6wfiQy3wZ%2F7jRlrEqsRlXZrBoSDGrVL%2FcD6MFNY%2B4QAbmdNnAVRah5Ew%2FvjPCf2JeQG0fXZU8oEAhLeRl9tZNgda4cnRTzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=30.600, imageryFetch;dur=30.292, cfRequestDuration;dur=9.000063
server: cloudflare
cf-ray: 793eb0c76f5f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Bold.woff2
23.227.60.200200 OK 65 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Bold.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 65396, version 1.0\012- data
Hash 8d6d7e8033c2d8bebfacbe67926427ef
8bd43238898979a4620bfce0bae846f49fbbaef5
37e5772b42530d67939d5d1725946c4433bb97991bc81939f5acd4c9106ce0bb
GET /s/files/1/0074/0832/0621/t/680/assets/Montserrat-Bold.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: font/woff2
content-length: 65396
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/680/assets/Montserrat-Bold.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c5b8767e-db7c-49d6-b1e5-ec65b4f64e44
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Thu, 02 Feb 2023 00:27:16 GMT
cf-cache-status: HIT
age: 109467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SjrtcnKBzMUgdznZhda4ywic4gp2SyeUkcZBZsiQ9DN%2BZ3gCaTOJu5NsXGlvRrza0gzEF3vylnnNW9XRM4IMomhs2eCmIjao6yZjOFsN1L1Igt4f8sJCiQ56GT%2FPshHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=28.390, imageryFetch;dur=27.966, cfRequestDuration;dur=10.999918
server: cloudflare
cf-ray: 793eb0c77f6d1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.powerreviews.com/t/v1.gif?e=c&id=mjw63zvkby&t=ldp46i09&uid=no_cookies&mgid=77497&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&mid=459167&l=en_US&muid=5713398825069&mo=y&ue=vegite56%40me.com&uf=HENRY&ul=%20RODRIGUEZ%20SAL186&oid=687302&os=65.98&on=2&oi=4021655601261,29852815851629,Grass%2520Fed%2520Pasture%2520Raised%2520Collagen%2520Peptides%2520-%2520Unflavored%2520%2F%25201lb%2520Canister%3A,1,31.99;4021678735469,29852864741485,Organic%2520Protein%25E2%2584%25A2%2520Plant%2520Based%2520Protein%2520Powder%2520-%2520Vanilla%2520Bean%2520%2F%25202.03lb%2520Canister%3A,1,33.99
143.204.55.87200 OK 43 B URL HTTP/1.1 t.powerreviews.com/t/v1.gif?e=c&id=mjw63zvkby&t=ldp46i09&uid=no_cookies&mgid=77497&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&mid=459167&l=en_US&muid=5713398825069&mo=y&ue=vegite56%40me.com&uf=HENRY&ul=%20RODRIGUEZ%20SAL186&oid=687302&os=65.98&on=2&oi=4021655601261,29852815851629,Grass%2520Fed%2520Pasture%2520Raised%2520Collagen%2520Peptides%2520-%2520Unflavored%2520%2F%25201lb%2520Canister%3A,1,31.99;4021678735469,29852864741485,Organic%2520Protein%25E2%2584%25A2%2520Plant%2520Based%2520Protein%2520Powder%2520-%2520Vanilla%2520Bean%2520%2F%25202.03lb%2520Canister%3A,1,33.99
IP 143.204.55.87:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /t/v1.gif?e=c&id=mjw63zvkby&t=ldp46i09&uid=no_cookies&mgid=77497&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&mid=459167&l=en_US&muid=5713398825069&mo=y&ue=vegite56%40me.com&uf=HENRY&ul=%20RODRIGUEZ%20SAL186&oid=687302&os=65.98&on=2&oi=4021655601261,29852815851629,Grass%2520Fed%2520Pasture%2520Raised%2520Collagen%2520Peptides%2520-%2520Unflavored%2520%2F%25201lb%2520Canister%3A,1,31.99;4021678735469,29852864741485,Organic%2520Protein%25E2%2584%25A2%2520Plant%2520Based%2520Protein%2520Powder%2520-%2520Vanilla%2520Bean%2520%2F%25202.03lb%2520Canister%3A,1,33.99 HTTP/1.1
Host: t.powerreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Date: Sat, 21 Jan 2023 01:20:22 GMT
Last-Modified: Wed, 11 Jan 2023 22:37:18 GMT
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZzTUESUyXF6QLjCQNxBHjhZnZ8oIXRW0dG6myHmhZc4Cxl78csWrsg==
Age: 1200238
orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc
23.227.38.32200 OK 20 kB URL HTTP/2 orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc
IP 23.227.38.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3793)
Hash 32f5742f45de20ec7df7a29d51e6f505
cb85a2db18ec866e1c53a8873112bfab0a3ae9e9
ddf54a51382b898c4c19b08f3763358d68a36e191ae4af34db298112f9ea9815
GET /7408320621/orders/6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVV5TXpFMlpEUTNZVGxtTjJOa09UVmtNalV5T1dZME1HWXpOV1ZpTUdSbFpBWTZCa1ZVIiwiZXhwIjoiMjAyMy0wMi0yNFQyMjo0NDoxNy4wNjlaIiwicHVyIjoiY29va2llLm9yZGVyIn19--76dbb91a9daa4e910e5198d9fa1929f395b2902c; _y=563d0213-d404-4ffe-ba2b-5c404a92533c; _s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; _shopify_y=563d0213-d404-4ffe-ba2b-5c404a92533c; _shopify_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
vary: Accept-Encoding
x-frame-options: DENY
x-shopid: 7408320621
x-shardid: 108
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=7889238
x-shopify-stage: canary
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=3b58a9a4-28cd-4c1e-b775-f595fe160ddb
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=3b58a9a4-28cd-4c1e-b775-f595fe160ddb
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
set-cookie: _orig_referrer=; Expires=Fri, 17-Feb-23 22:44:17 GMT; Domain=orgain.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc; Expires=Fri, 17-Feb-23 22:44:17 GMT; Domain=orgain.com; Path=/; HttpOnly; SameSite=Lax
_y=563d0213-d404-4ffe-ba2b-5c404a92533c; Expires=Sat, 03-Feb-24 22:44:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; Expires=Fri, 03-Feb-23 23:14:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_y=563d0213-d404-4ffe-ba2b-5c404a92533c; Expires=Sat, 03-Feb-24 22:44:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; Expires=Fri, 03-Feb-23 23:14:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_orig_referrer=; Expires=Fri, 17-Feb-23 22:44:18 GMT; Domain=orgain.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc; Expires=Fri, 17-Feb-23 22:44:18 GMT; Domain=orgain.com; Path=/; HttpOnly; SameSite=Lax
_y=563d0213-d404-4ffe-ba2b-5c404a92533c; Expires=Sat, 03-Feb-24 22:44:18 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; Expires=Fri, 03-Feb-23 23:14:18 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_y=563d0213-d404-4ffe-ba2b-5c404a92533c; Expires=Sat, 03-Feb-24 22:44:18 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; Expires=Fri, 03-Feb-23 23:14:18 GMT; Domain=orgain.com; Path=/; SameSite=Lax
x-request-id: 3b58a9a4-28cd-4c1e-b775-f595fe160ddb
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP%2FM2v7h17MBeMK67F4CWz%2FA8K4Q7ZRrdoyP4Qr9vEQe5iRoomsfcH7gSEB%2FDimfLANPetl%2FTGNuV6sgoxc%2FmLVFvqOPV24bRmSaOnKifJW79R9Dzz82ZmromCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=842.000008
server: cloudflare
cf-ray: 793eb0b77e8eb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 12 kB IP 93.184.220.29:0
Hash d8f3dcb0a47c485c25416b604ef386db
19f35fe3cef731aa28f10c84948df715469beb16
b0dce41e60ae7409c00daa32c595d67a0ad4a9e7debabe7f58843e19f9a61b7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161923
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:19 GMT
Etag: "63dd63c6-2d7"
Expires: Sun, 05 Feb 2023 19:43:02 GMT
Last-Modified: Fri, 03 Feb 2023 19:43:02 GMT
Server: nginx
Content-Length: 727
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 266b2d108e7dd210f0cdf75a22d612e2
16d084dc4b71345c6982a0bf34dc244f54cba90e
e28ff5c12ecadd99be995f52bd73af90b478d2b3e040ba5ba301ac0755e0164c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E28FF5C12ECADD99BE995F52BD73AF90B478D2B3E040BA5BA301AC0755E0164C"
Last-Modified: Thu, 02 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5901
Expires: Sat, 04 Feb 2023 00:22:40 GMT
Date: Fri, 03 Feb 2023 22:44:19 GMT
Connection: keep-alive
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.shopify.com/app/services/7408320621/javascripts/checkout_countries/122909950061/en-US/countries-a6584b679ebb52cb1f693a769ebedb2215344cc6-0.js?version=2021-01-25
23.227.60.200200 OK 31 kB URL HTTP/2 cdn.shopify.com/app/services/7408320621/javascripts/checkout_countries/122909950061/en-US/countries-a6584b679ebb52cb1f693a769ebedb2215344cc6-0.js?version=2021-01-25
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (62586)
Hash 8011209c4b5ef94c291732b81907bb05
edc32ce8644b320273b0a2145564494ac208132d
5b5e9acf964e22345b16ec70311a707643e1d77d8c1003f48493141b8b5a0573
GET /app/services/7408320621/javascripts/checkout_countries/122909950061/en-US/countries-a6584b679ebb52cb1f693a769ebedb2215344cc6-0.js?version=2021-01-25 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
content-language: en-US
link: <https://cdn.shopify.com/app/services/7408320621/javascripts/checkout_countries/122909950061/en-US/countries-a6584b679ebb52cb1f693a769ebedb2215344cc6-0.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c27f4fd3-7190-47ec-b793-68947ced19b8
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Fri, 03 Feb 2023 22:44:19 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wo2L1Zn4VcQEdLHo2%2FIf5kww7e4ylE7ks7nTWwfYeeUOPC1GqCFeGy8hhl24kfUmVYW1MlPU3TUvQVTQulhsTVCNgxVXbRoBewQ%2BVeH%2FNPjDopBUU9xU6%2B%2F9rR8BBXqyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=884.191, imageryFetch;dur=883.922, cfRequestDuration;dur=1105.000019
server: cloudflare
cf-ray: 793eb0bdbf7e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
monorail-edge.shopifysvc.com/unstable/produce_batch
185.146.173.20200 OK 0 B URL HTTP/2 monorail-edge.shopifysvc.com/unstable/produce_batch
IP 185.146.173.20:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /unstable/produce_batch HTTP/1.1
Host: monorail-edge.shopifysvc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 284
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://orgain.com
access-control-max-age: 86400
x-request-id: 2fd6d72d-c979-4b86-8f4b-76467e5780f3
x-robots-tag: noindex
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCFRiqTGaxkUXfTpjtgHeysZAKQOX5Urp2JB5%2BPILk9iI%2FS3wfI34VXWYhKl%2FqLizbvRz7JMoH%2B8Mitpy9cuaPiQTW3Eje1e07f5bFYj%2B3DmhzbBoo4NBnEJzRLrwODExvxvdXUL%2B6FjtTM8Ibo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfRequestDuration;dur=165.999889
server: cloudflare
cf-ray: 793eb0c84bddb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash bb21b4ac5c8f198136244beb5c8e0804
0eab22f7b9ca0610c0e416296b93087de5e37a63
37d542a03db1e2e120cb42dc3d6cbd94e15005cdfd605cbe070eb27e986f6095
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 03 Feb 2023 08:26:12 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G06yleNTWW7vEyP2tHhGGBrmD_WnTe5hZt3wVmRaylLPeRCYpbptug==
Age: 51489
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 934d92d64a97e2c162566a2093bccbaa
011d29150d0f9ebf892805399d5a99cf2487dc15
35ea028c51d0ff034c725aeb925a34a5ef558c2df9ba1d8c75ace9201d0a80ac
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 03 Feb 2023 22:44:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 04:31:13 GMT
Expires: Sat, 04 Feb 2023 04:31:13 GMT
ETag: "011d29150d0f9ebf892805399d5a99cf2487dc15"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/s/gts1d4/Patgn0hRfbE
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Patgn0hRfbE
IP 142.250.74.163:0
Hash cf032d432610ada9a67fa443d23f3cf3
c189d5e21ce3af379c449b4710fc6baed6885477
b87ecf3ebc4cce179904db4261c5862543c3936724ad413eea96eaaf480700d4
POST /s/gts1d4/Patgn0hRfbE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pdst.fm/ping.min.js
35.244.142.80200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvmVrk89ZTkz7FWePc5lWw8cbk1bYi8qJFrhjwFeGipdTOfI21rjA2I2W4t5lXpPN5aSAatGUAl0YueLDxPFgtxvC7Vyc4l
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Fri, 03 Feb 2023 22:43:45 GMT
expires: Fri, 03 Feb 2023 23:43:45 GMT
cache-control: public, max-age=3600
age: 35
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.mczbf.com/tags/384165514209/tag.js
54.230.111.40200 OK 17 kB URL HTTP/1.1 www.mczbf.com/tags/384165514209/tag.js
IP 54.230.111.40:0
File type ASCII text, with very long lines (53672)
Hash 3c7623c03cc15cd320f376acd97ee059
7fdb85b6d3f486d67360b911fc619f3fe810a9aa
7db37ddc3ea47f512eb8c34388279d46756f62f507f69e12e79c9fe0ce27edd5
GET /tags/384165514209/tag.js HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 03 Feb 2023 22:44:20 GMT
X-Request-ID: 4c25f319-a414-11ed-9abc-d3fd635192fc
Server: nginx
Cache-Control: max-age=1800
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zedAem06Kre-5-ug5kxGfR-8HRWRhhRXElTocwYUOr4qN14kDAXhHQ==
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Fri, 03 Feb 2023 22:44:20 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sat, 04 Feb 2023 20:49:08 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QrTmVZ5cOO3HB-rdxqubq966EMdZg9uGoWCAAguGMZjp6NqTYeN0fw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 71506493d09c01ddfeb20eea412256d2
7b578a67225fce015073f9862cde7f454b575ebb
81f599f01f62e7817a238c84dd02c4ba60c9a6f42913f192acb72fcb6354300d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126865
Date: Fri, 03 Feb 2023 22:44:20 GMT
Etag: "63dccbe0-1d7"
Expires: Sun, 05 Feb 2023 09:58:45 GMT
Last-Modified: Fri, 03 Feb 2023 08:54:56 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PGcGRnxkyucMLtm7v9MyD3cin9ZcfD1Fnnr9HBQb4rrgx8YlQlLeLQ==
Age: 3829
ocsp.pki.goog/s/gts1d4/Patgn0hRfbE
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Patgn0hRfbE
IP 142.250.74.163:0
Hash cf032d432610ada9a67fa443d23f3cf3
c189d5e21ce3af379c449b4710fc6baed6885477
b87ecf3ebc4cce179904db4261c5862543c3936724ad413eea96eaaf480700d4
POST /s/gts1d4/Patgn0hRfbE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: max-age=121491
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Etag: "63dcae67-1d7"
Expires: Sun, 05 Feb 2023 08:29:11 GMT
Last-Modified: Fri, 03 Feb 2023 06:49:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3781
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Last-Modified: Fri, 03 Feb 2023 21:41:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: max-age=121491
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Etag: "63dcae67-1d7"
Expires: Sun, 05 Feb 2023 08:29:11 GMT
Last-Modified: Fri, 03 Feb 2023 06:49:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.sjwoe.com/policy
143.204.55.2200 OK 47 B IP 143.204.55.2:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4df589e07db49a37b9f0f0f388dafe4d
dec69779c617f1a3d12b24c305887f06d2c0e7ef
b9a115127dd63e3f27882fddcf4431f2cffc43deb619586cd6becc6f23e57ba6
GET /policy HTTP/1.1
Host: www.sjwoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 47
date: Fri, 03 Feb 2023 20:34:05 GMT
x-amzn-requestid: cbb747b2-e139-4048-a2b4-471b61c601dd
access-control-allow-origin: *
x-amz-apigw-id: fx5ltHLcIAMFywg=
cache-control: max-age=3600
x-amzn-trace-id: Root=1-63dd6fbd-5e8f459109b7be48219061ee;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m9VAWNIGfizRdWhqxFQtEqEQKkJvlPQDeQpQfQlVbWWoxUgDd6amTw==
age: 7814
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&u_scsid=0d1b6540-889b-4cf7-a689-7af2c8af9e71&u_sclid=08303f1f-cb08-4ead-bc89-7960b5fc1b13
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&u_scsid=0d1b6540-889b-4cf7-a689-7af2c8af9e71&u_sclid=08303f1f-cb08-4ead-bc89-7960b5fc1b13
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&u_scsid=0d1b6540-889b-4cf7-a689-7af2c8af9e71&u_sclid=08303f1f-cb08-4ead-bc89-7960b5fc1b13 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq
95.101.10.112200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq
IP 95.101.10.112:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2333)
Hash a0545a0de1c0a77e362baf1751af5852
eafe09baf8917e74d799f3cceb6d4e3ebc8009a4
b4249de3174bbf476770c7888a24b0f0ca98137331f05eb27c1c35e37485c7d3
GET /i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202302032244204550373D7BBBFF26285C
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb65cc208bf59bd78cd3cb59047556141ab6e4b1f68d61f77ade21080553d4788f545e67d2aa7bf101c031bd760e68430fe61611bd4d77b05638ce920b087a0ab871babe3b6a2f418aba946b30c67320e507104a30b6f21807070074ac1421a0552
content-encoding: gzip
content-length: 1154
x-origin-response-time: 6,23.220.106.10
x-akamai-request-id: 9bc913be.46324cbe
expires: Fri, 03 Feb 2023 22:44:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 22:44:20 GMT
x-cache: TCP_MISS from a95-101-10-108.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LFQHDcWpnANAT1ybM8NxYXOJ8A; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-106-10.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=6, inner; dur=3
x-parent-response-time: 97,95.101.10.108
X-Firefox-Spdy: h2
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 453
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
access-control-allow-origin: https://orgain.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3IwQ0AIAgEsIlI5IQTxtGoUzC89ln2pRcZkk6IwUICrnJmzDOA/atKOdxoYKv2AGtqgxEyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 5
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
23.227.60.200200 OK 55 kB URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (32768)
Hash 10cbee44b3785baa7c3ae42842c255f8
74c50014c3ea340ed74e5bbd7ba8426ca102ad0d
18237f153f121f1188b5666609f6a4252acf35eaeccca148115be06d0b157b6c
GET /shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://checkout.shopify.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c440c1f8-4f18-42db-94a6-5a1f76e3a501
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 05:10:36 GMT
cf-cache-status: HIT
age: 13973623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ2kGk%2FiwNO2TI2CgnbvN07p%2FNfK%2FimdG3aWb2cCWX6Xcwux2IOhJYIEoJdzGYBfdiTNnugEpcwBPULNBwza%2F8WEaByJd9sHq55LWfwy2W8WJ1BXYMcGL1gObat%2F1Eswaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=46.589, imageryFetch;dur=46.429, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 793eb0c9288f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3dc6e258fc83d07cbca03d0774670dc0
e800ba5425f2c48b4d17aa2e51ffd1d92509114e
e775242d430166a832ee4c4f85e96345e24ecaf099dd5dae836ec4ca423fe266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3781
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Last-Modified: Fri, 03 Feb 2023 21:41:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
dx.mountain.com/spx?conv=1&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=33574981994288720&shoid=4612456874093&shoamt=46.19&shocur=&shopid=&shoq=&shoup=&shpil=
35.83.209.52200 OK 5.1 kB URL HTTP/1.1 dx.mountain.com/spx?conv=1&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=33574981994288720&shoid=4612456874093&shoamt=46.19&shocur=&shopid=&shoq=&shoup=&shpil=
IP 35.83.209.52:0
File type Unicode text, UTF-8 text, with very long lines (19688), with no line terminators
Hash 530a26873b8478020dcb36810769fccd
2bbe903d724d8f48d8c876d560123ce3f1e186fd
8f8c33cccd53e1db01732cfd89dce24e4c2936aacc75665060a8f23e1f8e2a4c
GET /spx?conv=1&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=33574981994288720&shoid=4612456874093&shoamt=46.19&shocur=&shopid=&shoq=&shoup=&shpil= HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Fri, 03 Feb 2023 22:44:19 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bdbf347997f914e0cede72ac901d41d0
1605fe6ca78a37093904f0bfca6fe9ea1828ea4e
bf27e501b022405c24d5816bb8923098e98c91411421e5f92dffee8283206758
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
95.101.10.112200 OK 70 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
IP 95.101.10.112:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash ffc6265c4b27e525c338cb6a34f43de5
0eae08861265bd37630a3c366ed27c53211117f7
f094142084c3ef80b74b1de14c8eaa51d0c1c8a90c1190656d54f16d21e3f58a
GET /i18n/pixel/static/main.MWE2YWY2YTgzMg.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: _ttp=2LFQHDcWpnANAT1ybM8NxYXOJ8A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175828B12D2EE402EE4177B8B8
x-tt-trace-host: 01e6cc6feeff51cb89119df47ec89889210c7d81fecb262d683454dd5be490ae464799fa4a5154b0da6f8399cd19358928510f7898d8798e90dfca3cf6407d71283b64980cceecded503ee15ed2bb4cdf6d81f41cf97626b66bd5a2f3a1ec50922
content-encoding: gzip
content-length: 69781
date: Fri, 03 Feb 2023 22:44:20 GMT
x-cache: TCP_HIT from a95-101-10-108.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=12
x-akamai-request-id: 46324dbe
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Fri, 03 Feb 2023 22:44:20 GMT
expires: Fri, 03 Feb 2023 22:44:20 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
x-cloud-trace-context: 303a0edc2b404b029600b74044615b78
content-encoding: gzip
date: Fri, 03 Feb 2023 22:44:20 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.776801489594394&2d-80.48876571112409&2m2&1d25.87260305369671&2d-80.17972840756822&2u13&4sen-US&5e0&6sm%40632000000&7b0&8e0&12e1&13shttps%3A%2F%2Fcheckout.shopify.com%2F7408320621%2Fsandbox%2Fgoogle_maps&14b1&callback=_xdc_._51x91i&client=gme-shopifyinc1&token=119705
142.250.74.138200 OK 2.4 kB URL HTTP/2 maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.776801489594394&2d-80.48876571112409&2m2&1d25.87260305369671&2d-80.17972840756822&2u13&4sen-US&5e0&6sm%40632000000&7b0&8e0&12e1&13shttps%3A%2F%2Fcheckout.shopify.com%2F7408320621%2Fsandbox%2Fgoogle_maps&14b1&callback=_xdc_._51x91i&client=gme-shopifyinc1&token=119705
IP 142.250.74.138:0
File type Unicode text, UTF-8 text, with very long lines (17507), with no line terminators
Hash 998ebe046fb365f7fad0b5e5fead1a6e
97bcdc9c6cb69f4673b3c45fd48d645dc0c018ed
91ac523e193c8cd403765989bc52617be2b0e5e94404584f64b02d9a26648d4b
GET /maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.776801489594394&2d-80.48876571112409&2m2&1d25.87260305369671&2d-80.17972840756822&2u13&4sen-US&5e0&6sm%40632000000&7b0&8e0&12e1&13shttps%3A%2F%2Fcheckout.shopify.com%2F7408320621%2Fsandbox%2Fgoogle_maps&14b1&callback=_xdc_._51x91i&client=gme-shopifyinc1&token=119705 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 03 Feb 2023 22:44:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-disposition: attachment
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: mafe
content-length: 2418
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
95.101.10.112200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 95.101.10.112:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e35cd3aeb48075134b13d5d593e609af
b967aced0b33616a54a9b7d5d3d092f28b9cca81
e25f7cb45c4d46dc9ebcf4cbe5209c87765cb94c15384780899eee7d888273e6
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: _ttp=2LFQHDcWpnANAT1ybM8NxYXOJ8A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825795F92399DF9E7BC6845
x-tt-trace-host: 01213c9428e1dc2e706424a5e4830ae2753a9403fe7ed2020932fc61a3c47c96784adda24a6c56428140d39df42ee71252f6133830581f45dad09e0f84f6c427e5570f8f5241c1349d3294ee56c52eab748dbda5cfd0ecad2a022e79233890d27b
content-encoding: gzip
content-length: 30930
date: Fri, 03 Feb 2023 22:44:20 GMT
x-cache: TCP_MEM_HIT from a95-101-10-108.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
x-akamai-request-id: 46324e20
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bdbf347997f914e0cede72ac901d41d0
1605fe6ca78a37093904f0bfca6fe9ea1828ea4e
bf27e501b022405c24d5816bb8923098e98c91411421e5f92dffee8283206758
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5fe13ea4f73c1d4da8d04a3a043f48c6
399b83551ba1dc416c1a5269a87afae304336156
be383ce5ea9718329c79da938740853a36fb0c0e78b06b16bbd5ad6751668648
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161509
Date: Fri, 03 Feb 2023 22:44:20 GMT
Etag: "63dd4902-1d7"
Expires: Sun, 05 Feb 2023 19:36:09 GMT
Last-Modified: Fri, 03 Feb 2023 17:48:50 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -glrbR41BXMOVZRqcZmZ7p-fLCALO24iQuc71RdZK6zTS2g9TX5T8A==
Age: 6439
www.mczbf.com/384165514209/pageInfo
54.230.111.40200 OK 68 B URL HTTP/1.1 www.mczbf.com/384165514209/pageInfo
IP 54.230.111.40:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
POST /384165514209/pageInfo HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://orgain.com
Content-Length: 307
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Date: Fri, 03 Feb 2023 22:44:20 GMT
X-Request-ID: 4c6482b9-a414-11ed-b644-218a09c58ab1
Server: nginx
Access-Control-Allow-Origin: *
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rqeDEINTa4HIqDgvfBhIg99UnyQRbgI0AgeuV8w-NKVSiuFYlpdxPw==
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 434540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 226341
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5fe13ea4f73c1d4da8d04a3a043f48c6
399b83551ba1dc416c1a5269a87afae304336156
be383ce5ea9718329c79da938740853a36fb0c0e78b06b16bbd5ad6751668648
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 22:44:20 GMT
Last-Modified: Fri, 03 Feb 2023 20:57:08 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 962MOogTiGV2j-8b6fQ3nlFlcSxVSL68AWRJLHX1HQkZe3WQq6htEg==
Age: 6432
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/json
Origin: https://orgain.com
Content-Length: 826
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: 6kn48dltj1gk
x-powered-by: Express
x-cloud-trace-context: e4ee58716e30fd599c080628e66d0e80
date: Fri, 03 Feb 2023 22:44:20 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
34.193.170.148200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 34.193.170.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=12459004591821054term=value
35.83.209.52200 OK 5.1 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=12459004591821054term=value
IP 35.83.209.52:0
File type Unicode text, UTF-8 text, with very long lines (19703), with no line terminators
Hash 28664cbeca0b5f7215fc676225ba2fe0
d95e15de1c2af6d58b54bdc4d0427aea33158dbb
13fb51fa931a0820d59a5b82e30ba338e6c302f2baf3d1bc759b31c5381a5730
GET /spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=12459004591821054term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Fri, 03 Feb 2023 22:44:20 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
connection: close
transfer-encoding: chunked
analytics.tiktok.com/api/v2/pixel
95.101.10.112200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.112:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1140
Origin: https://orgain.com
Connection: keep-alive
Cookie: _ttp=2LFQHDcWpnANAT1ybM8NxYXOJ8A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230203224420F4C0E0203CBEC1AFB23E
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb65cc208bf59bd78cd3cb59047556141ab3228868eaede79da8138e986618107827b535c9f4fcdffee3d506341022e7564d753f5785a217cde8e3cc89ff1e2ba34398f43611d55278ae8a90dc7f7d0e894cb5ac8d4856b832f699756b6b15fdb29
x-origin-response-time: 27,23.220.106.12
x-akamai-request-id: bc70c20.46324eb0
expires: Fri, 03 Feb 2023 22:44:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 22:44:20 GMT
x-cache: TCP_MISS from a95-101-10-108.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-220-106-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=27, inner; dur=25
x-parent-response-time: 120,95.101.10.108
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
34.193.170.148200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 34.193.170.148:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/json; charset=UTF-8
Content-Length: 1766
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=99b6b3ee-a579-435d-9842-d5fc78800784; Expires=Sat, 03 Feb 2024 22:44:20 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.112200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.112:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1176
Origin: https://orgain.com
Connection: keep-alive
Cookie: _ttp=2LFQHDcWpnANAT1ybM8NxYXOJ8A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023020322442028BD585500C3508B91DE
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb65cc208bf59bd78cd3cb59047556141ab309ef1a820cbf4969a39dffef9e6ac14763a023b47beb7982c27ec657e233b9dbc8a3afcb69f3a6793111d3c8dd22f3ddd705115bb8c6921a43aaa606dfa4b685fb57ecb5883251ddf32cbbb5a0d7811
x-origin-response-time: 43,23.36.66.36
x-akamai-request-id: 68ba98aa.46324eae
expires: Fri, 03 Feb 2023 22:44:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 22:44:20 GMT
x-cache: TCP_MISS from a95-101-10-108.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-36-66-36.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=42, inner; dur=15
x-parent-response-time: 154,95.101.10.108
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b2151a57b2fa81aa681d98e8a59bbcb4
9aa666fdf41ffe1eda618ca9089a9d055cbe6dee
4ea23f6194e37ff0cfe1e18693d4887db9ad9a4a24908326cf3f4ee534ad9a64
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 11:26:21 GMT
Expires: Fri, 10 Feb 2023 11:26:20 GMT
Etag: "9aa666fdf41ffe1eda618ca9089a9d055cbe6dee"
Cache-Control: max-age=563518,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793eb0cec895b503-OSL
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.91200 OK 906 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.91:0
File type ASCII text, with very long lines (559)
Hash a73859ef2089f40a608b36fe9936da04
4d2017c392c9a3f76fcad657a5d6c08600cff403
38e40248f63651db8998cb9563edfd575198c6642b1be1f05dfa0b2d56d12832
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 906
last-modified: Wed, 01 Feb 2023 17:07:18 GMT
content-encoding: gzip
x-amz-meta-mtime: 1675271236.8
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 22:17:25 GMT
cache-control: max-age=3600, public
etag: "a73859ef2089f40a608b36fe9936da04"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UEl-YAioEcrIRvJBHM9KpJd7beyReNjx9mEXoMpCIwDL_wVaFTIomA==
age: 1618
X-Firefox-Spdy: h2
cdn-widgetsrepository.yotpo.com/v1/loader/nrMQniDgXcFzSiDLTJlYSA
95.101.97.70200 OK 27 kB URL HTTP/2 cdn-widgetsrepository.yotpo.com/v1/loader/nrMQniDgXcFzSiDLTJlYSA
IP 95.101.97.70:0
File type Unicode text, UTF-8 text, with very long lines (584)
Hash 37f5c3381d19736e3380a8b5b06609b2
e5043ac8e58d13e31fc614effc615b8ace98079d
bd395e7c17cc65612fd4307f826bdae6331a5c239edeaf269243d1fa1cc12769
GET /v1/loader/nrMQniDgXcFzSiDLTJlYSA HTTP/1.1
Host: cdn-widgetsrepository.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-encoding: gzip
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 8
correlation-id: 6df1e5cd-a0d6-4ddf-aef8-980f3537d72a
x-kong-upstream-latency: 322
x-kong-proxy-latency: 7
content-length: 26604
date: Fri, 03 Feb 2023 22:44:21 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js
95.101.97.70200 OK 148 kB URL HTTP/2 staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js
IP 95.101.97.70:0
File type ASCII text, with very long lines (50805)
Size 148 kB (147767 bytes)
Hash d9ad2d7004d19a3b11f9b6336bd3e5ae
348e9bb595eae44c2ebd9e75771b6f743c92ea82
2e32f80fa15dd4483e4033298de1d0739e91a9bc3b7169d91948fbed95f001ab
GET /e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 42
correlation-id: 475b93ea-a839-4368-8ac4-da2e8ba6e4fc
x-kong-upstream-latency: 61
x-kong-proxy-latency: 14
content-length: 147767
cache-control: public, max-age=5019
date: Fri, 03 Feb 2023 22:44:21 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=4
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7901887003E146FF81C9943322B46F54 Ref B: OSL30EDGE0512 Ref C: 2023-02-03T22:44:21Z
date: Fri, 03 Feb 2023 22:44:20 GMT
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=56267
date: Fri, 03 Feb 2023 22:44:21 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3248
Cache-Control: max-age=122701
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Etag: "63dcbde2-1d7"
Expires: Sun, 05 Feb 2023 08:49:22 GMT
Last-Modified: Fri, 03 Feb 2023 07:55:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/config/com/18ab9ee3-5df9-4c59-91b0-f8899457ea4b.js
35.190.43.134200 OK 1.6 kB URL HTTP/2 tr.snapchat.com/config/com/18ab9ee3-5df9-4c59-91b0-f8899457ea4b.js
IP 35.190.43.134:0
Hash 8eee846295811939ea85cf7087d8d110
838051f10ac55ecd81ae46bf5c217af85156fab3
fa24913f7f010e28de416ed9c555f95a7cd85a0f024dbf0f92cb6c2faf26dcc7
GET /config/com/18ab9ee3-5df9-4c59-91b0-f8899457ea4b.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:20 GMT
access-control-allow-origin: https://orgain.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
2.18.172.195200 OK 1.1 kB IP 2.18.172.195:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash e86e91ccaebee6bf004dc862956ef25c
167e7e73d1ad23302eef48e7074e5182deaa7999
fdf85d7c2572c064d848fd3ee3be8d0c0aa6bb5afb9e39dbcf52c41a0147c7e7
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "e86e91ccaebee6bf004dc862956ef25c"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 21:44:08 GMT
expires: Fri, 03 Feb 2023 23:44:08 GMT
cache-control: public, max-age=7200
age: 3613
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1675464292800&cv=11&fst=1675464292800&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1484165691.1675464293&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.194200 OK 931 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1675464292800&cv=11&fst=1675464292800&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1484165691.1675464293&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (1997), with no line terminators
Hash 596273fdb5c686ade55d2fae541a4133
7e437f8ca1db4e04285d3778afe442fff21c496f
62676c2f2cbc7fd2e8b202a0a4a61a6a22bd0b01eb8275828fed9fbafa580aeb
GET /pagead/viewthroughconversion/789606081/?random=1675464292800&cv=11&fst=1675464292800&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1484165691.1675464293&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 931
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 22:59:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&ct_cookie_present=1
216.58.207.194200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 22:59:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&ct_cookie_present=1
216.58.207.194200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 22:59:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&ct_cookie_present=1
216.58.207.194200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 22:59:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/825569394/?random=1675464292909&cv=11&fst=1675464292909&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1484165691.1675464293&data=event%3Decomm_prodid&rfmt=3&fmt=4
216.58.207.194200 OK 938 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/825569394/?random=1675464292909&cv=11&fst=1675464292909&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1484165691.1675464293&data=event%3Decomm_prodid&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (1997), with no line terminators
Hash e98b275134199fc7baf277b4d8811eee
f1bd20d2a7f93c00d3cbb0e45c0701d21f3c6d45
a872e03bbc5fa353398c1989a5ee401313ca62711ac3f2ea4e27c523c4c5919e
GET /pagead/viewthroughconversion/825569394/?random=1675464292909&cv=11&fst=1675464292909&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1484165691.1675464293&data=event%3Decomm_prodid&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 938
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 22:59:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
100.20.58.101/is
100.20.58.101200 OK 32 B IP 100.20.58.101:0
File type ASCII text, with no line terminators
Hash e334ff4727e565a07e5e4334b2f67244
89c635e2e663b0ab30cf78a82f3bfc3eae5e9795
0da070312a0b0465257f8156042d5b86bc6d551d3644017c3df6cc04928bd66a
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 100.20.58.101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 22:44:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2006
Cache-Control: max-age=121459
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Etag: "63dcbde2-1d7"
Expires: Sun, 05 Feb 2023 08:28:40 GMT
Last-Modified: Fri, 03 Feb 2023 07:55:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33
95.101.97.70200 OK 40 kB URL HTTP/2 staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33
IP 95.101.97.70:0
File type ASCII text, with very long lines (65423)
Hash 99057d0c6591036eac20884700cea1cc
3f6dfd2ea6da5697f67d8dfb724a47173b7dc591
f03feb9859fa06e78526e7c0485e5b845f952cafad3e626b465e9936a39df9e5
GET /e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33 HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
etag: W/"99057d0c6591036eac20884700cea1cc"
x-request-id: de337e4030e4653525805781153871be
x-runtime: 0.121390
access-control-allow-headers: *
content-length: 39591
cache-control: public, max-age=8183
date: Fri, 03 Feb 2023 22:44:21 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=5
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4bdSorxsfQkv9_MTtUUZoUlykp3w6tLbxXM-JW1AbcssEr522oRJbQ==
age: 34455
X-Firefox-Spdy: h2
100.20.58.101/is
100.20.58.101200 OK 32 B IP 100.20.58.101:0
File type ASCII text, with no line terminators
Hash 9b274752bb13a8d1ab5a64cf2df7774d
0e9d7fc92f43b283e9de2a4d825d0991eb06bd40
ff6f5c6780b6764748cd9a60c4d79ed4b10c0f6b191a4bd3dcef442b041aeede
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 100.20.58.101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 22:44:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=258631226.1675464294&jid=1537326294&gjid=824890160&_gid=307129588.1675464294&_u=YEBAAEAAAAAAACAAI~&z=2124953604
64.233.165.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=258631226.1675464294&jid=1537326294&gjid=824890160&_gid=307129588.1675464294&_u=YEBAAEAAAAAAACAAI~&z=2124953604
IP 64.233.165.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=258631226.1675464294&jid=1537326294&gjid=824890160&_gid=307129588.1675464294&_u=YEBAAEAAAAAAACAAI~&z=2124953604 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://orgain.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 22:44:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash e4c7bf7752447d5f72635b80caf42066
0758140da1c363ed6b4b51285d8317a938a417bb
5c1a3ba7cbaa1aa88eff9aa3456ccdf54b3ea801f11c44f123b9f63e89f5e7bb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 22:44:21 GMT
Last-Modified: Fri, 03 Feb 2023 21:24:11 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: djABrw3-Fbe_kybBV_h9B83i_0Z4VvcrqakG9a6mfUFRVS4FgMNlTg==
Age: 4810
api.yotpo.com/conversion_tracking?app_key=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&v=1
34.204.249.170200 OK 3.9 kB URL HTTP/2 api.yotpo.com/conversion_tracking?app_key=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&v=1
IP 34.204.249.170:0
Hash f5ea3628e7bcd1426ee1c5f18a067085
c509d895dd107ade0904755fc512ed000a382e10
ee28f5f8342d0ccd30772590dfdccb212f3925e2b4f4b6e6ce1d0499db89a0c2
POST /conversion_tracking?app_key=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&v=1 HTTP/1.1
Host: api.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-type: application/x-www-form-urlencoded
Content-Length: 132
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:21 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-robots-tag: noindex
yotpo_parsed_request: {"format":"json","controller":"conversion_orders","action":"track_conversion"}
etag: W/"09ac17a5b7e908b8e907ec16392e1a99"
cache-control: max-age=0, private, must-revalidate
x-request-id: f404c67710f324c36f81293bec8a8677
x-runtime: 0.021689
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 39
correlation-id: 4f041022-d2b3-47da-9c97-1f51dc86f3f6
x-kong-upstream-latency: 25
x-kong-proxy-latency: 16
via: kong/2.1.4
X-Firefox-Spdy: h2
cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js
95.101.97.70200 OK 16 kB URL HTTP/2 cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js
IP 95.101.97.70:0
Hash d22a977c440faf770e1d39ff00a7e1cc
a4b75b39d414a670e9b97506dcb9dcbfebf92c8f
be1f12383f567dff924756d7586d9089c17d082ec3dc2411358ffd637f1f1cac
GET /widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js HTTP/1.1
Host: cdn-widgetsrepository.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: JnGljnG5MsUzlBtVQtVIwwdoYV30tM7s4Riy4hQdOkIVBWM1/xjwSdX01ZJYr5X8JLqJ6bbQrxo=
x-amz-request-id: E5E1TTDR6S6B3XQ2
last-modified: Tue, 06 Dec 2022 09:10:21 GMT
etag: "aaa4223431ceb8bf734e9e241fc39c89"
x-amz-version-id: Urn5iuJOxPwl9H.GMq9Oc7wRRb1DTuGc
accept-ranges: bytes
content-type: text/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 03 Feb 2024 22:44:22 GMT
date: Fri, 03 Feb 2023 22:44:22 GMT
content-length: 16306
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.2.0-3926.js
95.101.97.70200 OK 9.7 kB URL HTTP/2 cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.2.0-3926.js
IP 95.101.97.70:0
File type ASCII text, with very long lines (21913)
Hash 5e76fcb1200132616bd531e13894683c
cd14da9c77d46aba52ced2822bfbb9ead805656c
9c45d18b77797983fbc362db37855d061e3b6049d4b31ef4337e0a143cbdfaa0
GET /widgets-initializer/app.v0.2.0-3926.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yzl+FUSEELOHuLpKS6ra6MwQMIs92/rtCRQ9f+hFpQZgOsZJVGP/y5mr2PiO7DngvtHO4aoT6J4=
x-amz-request-id: MWAX576YDW8KRGR8
last-modified: Sun, 15 Jan 2023 23:05:49 GMT
etag: "c392a1d5bc5dd47e69a5b3883ad56167"
x-amz-meta-s3cmd-attrs: atime:1673823948/ctime:1673823948/gid:117/gname:jenkins/md5:c392a1d5bc5dd47e69a5b3883ad56167/mode:33188/mtime:1673823948/uid:110/uname:jenkins
x-amz-version-id: gaI5_HZVXcKgdfsCLu7FIMLQEFHXBRDB
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30032376
date: Fri, 03 Feb 2023 22:44:22 GMT
content-length: 9692
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.138200 OK 300 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.138:0
Hash 0471b1e0f54062f1ea116cdaa2a1ae83
9464fc4106769339f694d46223e655d5d214cbb2
8abf4804a56573c22e3cba7d5ddfd09199d317a7c2cdb7c03591d8d8a02b990a
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 22:44:20 GMT
date: Fri, 03 Feb 2023 22:44:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11000740&Ver=2&mid=1dbd8d33-d518-44ec-b3f2-923b020c585a&sid=6068dd80a41411edbe1b1b9d37ece861&vid=6068e080a41411ed8468fbf55e2db20c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&r=<=3335&evt=pageLoad&sv=1&rn=702441
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11000740&Ver=2&mid=1dbd8d33-d518-44ec-b3f2-923b020c585a&sid=6068dd80a41411edbe1b1b9d37ece861&vid=6068e080a41411ed8468fbf55e2db20c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&r=<=3335&evt=pageLoad&sv=1&rn=702441
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11000740&Ver=2&mid=1dbd8d33-d518-44ec-b3f2-923b020c585a&sid=6068dd80a41411edbe1b1b9d37ece861&vid=6068e080a41411ed8468fbf55e2db20c&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&r=<=3335&evt=pageLoad&sv=1&rn=702441 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=20943537512D66EB0636279A50D86786; domain=.bing.com; expires=Wed, 28-Feb-2024 22:44:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B37CC7685D8249A0955BC2F4E3355DAF Ref B: OSL30EDGE0512 Ref C: 2023-02-03T22:44:22Z
date: Fri, 03 Feb 2023 22:44:21 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.bca0d1c28285412bb689.js
54.230.111.73200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.bca0d1c28285412bb689.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (49086)
Hash e923aa360dc485b9df86355bd040c998
03c46dbd41e9d4bdf8a9e4bfbaba3f7f2e9280ec
9c7575553c5b81f9b905dbb27c8116b175b69e7472aa6597f8cace1c6434d676
GET /modules.bca0d1c28285412bb689.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67924
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e923aa360dc485b9df86355bd040c998"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Hzypc2PylLSKdSTjCfslf37yiBjSW5rYSR2jsVYO_GVTKrO9WbsPw==
age: 34456
X-Firefox-Spdy: h2
cdn-widget-assets.yotpo.com/ReferralWidget/nrMQniDgXcFzSiDLTJlYSA/css-overrides/css-overrides.2021_02_24_08_27_14_706.css
95.101.97.70200 OK 715 B URL HTTP/2 cdn-widget-assets.yotpo.com/ReferralWidget/nrMQniDgXcFzSiDLTJlYSA/css-overrides/css-overrides.2021_02_24_08_27_14_706.css
IP 95.101.97.70:0
Hash 30a4e82f6f397c0a615dfd7405635ce3
e683dbda61c688a1d25dfa065d292be38dbc723e
71e4925e954eea63d4329a1fa48b11e116625e65d1c689367c3d3b39b3109674
GET /ReferralWidget/nrMQniDgXcFzSiDLTJlYSA/css-overrides/css-overrides.2021_02_24_08_27_14_706.css HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: /V0Z/E85ejN8qxK0yX/kmJe+ZTHXTc5Ih6rOdKns/JTt9daNiAISn/9zmzS64yyx0QDJrOAAHkA=
x-amz-request-id: S173QTDTP3J567R0
last-modified: Wed, 24 Feb 2021 08:27:15 GMT
etag: "30a4e82f6f397c0a615dfd7405635ce3"
x-amz-version-id: ptHr7yKWbJoNgFF0ZhUZxsQfNyKUxZoS
accept-ranges: bytes
content-type: text/css
server: AmazonS3
content-length: 715
date: Fri, 03 Feb 2023 22:44:22 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/lib/main.73589e70.js
2.18.172.195200 OK 20 kB URL HTTP/2 s.pinimg.com/ct/lib/main.73589e70.js
IP 2.18.172.195:0
File type ASCII text, with very long lines (57031), with no line terminators
Hash e2e6ae3a0d92146f974216e640b9f99a
8ceb48ec7a0aa43ebfe0eeb0094164292f95c6d2
965349a9e9f471fadf2512567bdfae0aedff8e90a093306e2b61673c292fed0b
GET /ct/lib/main.73589e70.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e2e6ae3a0d92146f974216e640b9f99a"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 19691
akamai-x-true-ttl: 1209600
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/p/action/11000740.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11000740.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11000740.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23AEFA0ED3154F51A8B5E5F2FDFDFC83 Ref B: OSL30EDGE0512 Ref C: 2023-02-03T22:44:22Z
date: Fri, 03 Feb 2023 22:44:21 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0d4888ef7d2f7cbbb3d860e2634d530
7df63ac4568e08b98d880355c0dd50400aad4bb2
824da78de163ee49c67fe1a0f6b23f3da42043b05deadc602f9c0db8c0e8585e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3138
Cache-Control: max-age=144144
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:22 GMT
Etag: "63dd1214-1d7"
Expires: Sun, 05 Feb 2023 14:46:46 GMT
Last-Modified: Fri, 03 Feb 2023 13:54:28 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1675464293043&cv=11&fst=1675464293043&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1484165691.1675464293&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1675464292816&cv=11&fst=1675464292816&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=4&ec_s=1&auid=1484165691.1675464293&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=258631226.1675464294&jid=1537326294&_u=YEBAAEAAAAAAACAAI~&z=882541125
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=258631226.1675464294&jid=1537326294&_u=YEBAAEAAAAAAACAAI~&z=882541125
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=258631226.1675464294&jid=1537326294&_u=YEBAAEAAAAAAACAAI~&z=882541125 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/825569394/?random=1675464292909&cv=11&fst=1675461600000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=853549046&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/825569394/?random=1675464292909&cv=11&fst=1675461600000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=853549046&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/825569394/?random=1675464292909&cv=11&fst=1675461600000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=853549046&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.138200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.138:0
Hash 858cff675d9bbcc70dcc8c47c81fbc32
c3036599cfddfd8cd24056628bf9ecc63b71f618
fbb7e4dca0d69c5f9477ba42eee03ce088eb3776bb99afcc713b55f59effb330
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 22:44:20 GMT
date: Fri, 03 Feb 2023 22:44:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/401519874/?random=1675464292953&cv=11&fst=1675464292953&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1484165691.1675464293&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:44:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false
54.195.39.4200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false
IP 54.195.39.4:0
File type ASCII text, with very long lines (1056)
Hash 5706e7a50a2df62399889e4c55bf221d
46a3c327205adc152378b3632ec142c69be809ad
c6cf0aa76d95b57acca76e1557b3e7a9a12c19e876246fee78e2f7f6b11f38f1
GET /general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 22:44:22 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=MD8GWBYUJHKtJyBWfXC6GerNrTebooYrWahbuCFonF0=;Path=/;Expires=Sat, 03-Feb-2024 22:44:22 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 18fcb6120af1b300507d3cac6fc94010
0bfd15e4eb26873f27cbbe3c454358aed42b91d4
b6943ba02ffb64a62a74d8626f6730098ee13cc78b21cb73b66397d869d73e1b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169366
Date: Fri, 03 Feb 2023 22:44:22 GMT
Etag: "63dd6f17-1d7"
Expires: Sun, 05 Feb 2023 21:47:08 GMT
Last-Modified: Fri, 03 Feb 2023 20:31:19 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eN3sxnsjNvg90a-0iHMgwB5nWY-dhngrUO9DxnQH-WmvBClOpMRBWQ==
Age: 4549
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 18fcb6120af1b300507d3cac6fc94010
0bfd15e4eb26873f27cbbe3c454358aed42b91d4
b6943ba02ffb64a62a74d8626f6730098ee13cc78b21cb73b66397d869d73e1b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169353
Date: Fri, 03 Feb 2023 22:44:22 GMT
Etag: "63dd6f17-1d7"
Expires: Sun, 05 Feb 2023 21:46:55 GMT
Last-Modified: Fri, 03 Feb 2023 20:31:19 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qvg4A2llWFu-jGvR3k_lJz10acMwG23tsTJtt667joP9kvRQGKkc3A==
Age: 4536
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1675464294189%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLj3xDH_f3tuQAAAYYZc8KjC9_eVjlUTkmAyWV46JEPY0TU0nD3mKTVsk5P_5_Nol6i_3M-NvSidQ; Max-Age=2592000; Expires=Sun, 05 Mar 2023 22:44:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKIqXOeirQZxgAAAYYZc8Kj1Ri8xGTJGAC4BsfKYKv2UZMbPD7tTOh6cXPrPJuiuFO7bye6PeFR_yYYbz5z-w; Max-Age=2592000; Expires=Sun, 05 Mar 2023 22:44:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&224c153f-6dca-4ceb-8dc0-2174fec14e40"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 03-Feb-2024 22:44:22 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675464262:t=1675550662:v=2:sig=AQEJAf3muqgT0WgPJgO4FUMy2BXpdFdw"; Expires=Sat, 04 Feb 2023 22:44:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXz02wwNaLyBq/qXYAsxg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C5BE6B9FDA8F4BECB7BCE670552E6623 Ref B: OSL30EDGE0417 Ref C: 2023-02-03T22:44:22Z
date: Fri, 03 Feb 2023 22:44:21 GMT
content-length: 0
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=258631226.1675464294&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%22258631226.1675464294%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%22258631226.1675464294%22%2C%22dcm_gid%22%3A%22307129588.1675464294%22%2C%22mntnis%22%3A%22EfgFDwl3LMkVdLgRIfiISPlx53RX3beb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=258631226.1675464294&dcm_gid=307129588.1675464294&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=12459004591821054term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302
35.85.106.161200 OK 1.8 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=258631226.1675464294&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%22258631226.1675464294%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%22258631226.1675464294%22%2C%22dcm_gid%22%3A%22307129588.1675464294%22%2C%22mntnis%22%3A%22EfgFDwl3LMkVdLgRIfiISPlx53RX3beb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=258631226.1675464294&dcm_gid=307129588.1675464294&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=12459004591821054term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302
IP 35.85.106.161:0
File type ASCII text, with very long lines (2335)
Hash 099c07b860e92829495e49b298519f0d
383f8021b1169c1ea52eb4d20b603e2783b806d7
7243f8a5ee9324a0db6626a51242cd308f4d1e8f237afa6a331dd7a845705ea9
GET /st?ga_tracking_id=UA-9393434-7&ga_client_id=258631226.1675464294&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%22258631226.1675464294%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%22258631226.1675464294%22%2C%22dcm_gid%22%3A%22307129588.1675464294%22%2C%22mntnis%22%3A%22EfgFDwl3LMkVdLgRIfiISPlx53RX3beb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=258631226.1675464294&dcm_gid=307129588.1675464294&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=12459004591821054term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 22:44:22 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=4d64dbcf-a414-11ed-811c-1fbb0b03f1f9;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
transfer-encoding: chunked
p.yotpo.com/i?e=pv&page=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo5NTA4OTcyMDV9&dtm=1675464294272&tid=708140&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=pv&page=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo5NTA4OTcyMDV9&dtm=1675464294272&tid=708140&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=pv&page=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo5NTA4OTcyMDV9&dtm=1675464294272&tid=708140&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:22 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=4d5f9b62-1325-458e-740f-6653bcb01319; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Sat, 04 Feb 2023 22:44:22 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
p.yotpo.com/i?e=tr&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&tr_id=4612456874093&tr_tt=46.19&tr_cu=USD&dtm=1675464294776&tid=154151&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=tr&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&tr_id=4612456874093&tr_tt=46.19&tr_cu=USD&dtm=1675464294776&tid=154151&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=tr&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&tr_id=4612456874093&tr_tt=46.19&tr_cu=USD&dtm=1675464294776&tid=154151&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:22 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=48c3c74b-2191-4382-7a98-e3c117248817; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Sat, 04 Feb 2023 22:44:22 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1675464295124&dep=2%2CPAGE_LOAD
23.38.200.197200 OK 380 B URL HTTP/2 ct.pinterest.com/user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1675464295124&dep=2%2CPAGE_LOAD
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash 509f9f17664ea845ece0a38f0f7a70bf
849d5513fa36d2441b3325575ff2d074594e1591
4869150f10b5577c79966bc43ba24d1d9e7b2bb8cb89964263015cb7dae9a9e8
GET /user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1675464295124&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1UTTFOMkptTlRNdFpURTJOUzAwTlRFNUxXSmxZalV0T1dRM01HWmxZek5sWWpFeQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://orgain.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 380
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1832592694304327
date: Fri, 03 Feb 2023 22:44:22 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1675464262.9c7af8e3
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/2222193?s=0.25&r=0.12061016021920723
54.230.111.91204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2222193?s=0.25&r=0.12061016021920723
IP 54.230.111.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2222193?s=0.25&r=0.12061016021920723 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Fri, 03 Feb 2023 22:44:22 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7tE7UJIhr8FDJrxEuMX5Ql8O2ADeeHM0dR63PFwRUd6nsOXoXQS-ig==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 460ac891a4ddc0c19d6919beb9c9dae9
c429982e63c5b47b682e0b5f62c67a9eb1ef94ba
4a2b65d81017c3815630a5c51f479fbd876d54f20c209ba4cd75e7f1503b7029
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 22:44:22 GMT
Last-Modified: Fri, 03 Feb 2023 22:08:21 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5iDc6L71FuYwqugcJQEAfposhhbyo7nvkiCMKvE4N7sgL3sRyjprxA==
Age: 2161
mpsnare.iesnare.com/star
54.195.39.4101 Switching Protocols 0 B IP 54.195.39.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://orgain.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e8cWecd3RGP6OqUSo3fLVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 03 Feb 2023 22:44:22 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: +/DmEl98eyeD1tI7KFUZzNc7jWU=
Upgrade: WebSocket
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=e1f9ee2
143.204.55.91200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=e1f9ee2
IP 143.204.55.91:0
File type ASCII text, with very long lines (778)
Hash 492ea994b8f16657950c24955bb616f2
b201b99513733704774c895a2746b9200201bc8d
c5b0aedb3eb05695357b16cae84dc6ea8da73300e6f9c9e826cfa96e76c7ad6d
GET /widget/widget.js?v=e1f9ee2 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 48109
date: Wed, 01 Feb 2023 17:07:44 GMT
last-modified: Wed, 01 Feb 2023 17:07:18 GMT
etag: "492ea994b8f16657950c24955bb616f2"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1675271235.25
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3ZScB4Lu31b4NzwUZyoCrPkIbuZdFb9zpROqnuaQuSnd8h-83xgo7Q==
age: 192999
X-Firefox-Spdy: h2
cdn-widget-assets.yotpo.com/widget-vue-core/app.v0.1.0-2295.js
95.101.97.70200 OK 31 kB URL HTTP/2 cdn-widget-assets.yotpo.com/widget-vue-core/app.v0.1.0-2295.js
IP 95.101.97.70:0
File type ASCII text, with very long lines (59999)
Hash 741dd11639cd2d7e4b8bdc75f3c91864
907dd5e8a28b44ba9fef5396db520c705c2d7916
f1c734697f023825beb42b05ed217cec47a0277696f2cf98a20eea9ebc292936
GET /widget-vue-core/app.v0.1.0-2295.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: uWhhGh397ZknQEUHs4qMa88hxQY/ajHSiJEv48XAZ8nKnW8Lm2S3CiYUK/6SmEC7WZSndLFDvnI=
x-amz-request-id: HJTTJJAK6YZ7A6T6
last-modified: Tue, 06 Apr 2021 12:10:26 GMT
etag: "220f903f69b847cfd23909ae14383e02"
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1617711025/atime:1617711025/md5:220f903f69b847cfd23909ae14383e02/ctime:1617711025
x-amz-version-id: fY_wU7pb9WVcpu8EpZNT4SU_Q1qtQ1rW
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 03 Feb 2023 22:44:22 GMT
content-length: 30692
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2273589e70%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1675464295127
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2273589e70%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1675464295127
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2273589e70%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1675464295127 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1475584606668897
date: Fri, 03 Feb 2023 22:44:22 GMT
akamai-grn: 0.274f2417.1675464262.9c7b08b0
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
mpsnare.iesnare.com/5.5.0/logo.js
54.195.39.4200 OK 419 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/logo.js
IP 54.195.39.4:0
File type ASCII text, with very long lines (377)
Hash 67a5394415d7467fccb96d77302a60fc
ed5fce811e0f284ca012141fd505741a0c886fb8
d0a0247a3e595194ea61732c71c015ff1cb7332d1de41cb8fd9073de5931cce8
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 22:44:22 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Sat, 03 Feb 2024 22:44:22 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 38b779e7266afbe2b5b8b9e39c3e2ff5
1ff5dd4be1f2e76ea0dcd8e2c5cd94495429708d
daa2dba1f54f2a847868f40350de10e3af527a9e07fa265a9704fc9533fc9136
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168589
Date: Fri, 03 Feb 2023 22:44:22 GMT
Etag: "63dd66a0-1d7"
Expires: Sun, 05 Feb 2023 21:34:11 GMT
Last-Modified: Fri, 03 Feb 2023 19:55:12 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _5DuIaEKF13XQky_psiuTU1z7CoXYAii3_GB6FjHjJEXpKbfirhyXA==
Age: 5939
ws25.hotjar.com/api/v2/client/ws
108.128.52.239101 Switching Protocols 0 B URL HTTP/1.1 ws25.hotjar.com/api/v2/client/ws
IP 108.128.52.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws25.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://orgain.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vM7IANpO2IZkbUGpXhmzxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 03 Feb 2023 22:44:22 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F2R2YtLSOR0UZCj2DkmlJ2vKn0Y=
Sec-WebSocket-Extensions: permessage-deflate
mpsnare.iesnare.com/time.mp3?nocache=0.8984494916204758
54.195.39.4206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.8984494916204758
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.8984494916204758 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://orgain.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 03 Feb 2023 22:44:22 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1675464294189%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1675464294189%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1675464294189%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&84f652d1-a1ea-490f-8f0d-1760bb17e6a6"; Domain=.linkedin.com; Expires=Sat, 03-Feb-2024 22:44:22 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230203224422908923ac-d62c-4dcb-8f74-6df285b87231AQGREvTOrqTpUZ4kKApco3BkWGNMDIkL"; Domain=.www.linkedin.com; Expires=Sat, 03-Feb-2024 22:44:22 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzU0NjQyNjI7MjswMjHUHkyT+AhqS1l8f6LjPkmuhJxl3m7/kXhW01+gtywSAw==; Domain=.linkedin.com; Expires=Wed, 02 Aug 2023 22:44:22 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2426:u=1:x=1:i=1675464262:t=1675550662:v=2:sig=AQFFX5mKwhIZ7xWLlD3F7qSejGpag-wa"; Expires=Sat, 04 Feb 2023 22:44:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXz02w5pI+pxtCk8xYLXg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FC6864DEB7454A00B9CD0F144630D6A2 Ref B: OSL30EDGE0417 Ref C: 2023-02-03T22:44:22Z
date: Fri, 03 Feb 2023 22:44:22 GMT
content-length: 0
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2222193/visit-data?sv=7
52.51.89.236200 OK 151 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2222193/visit-data?sv=7
IP 52.51.89.236:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ae64384d696e71292bb83ada8e093795
bb1bd6f769e4d6d65b21c0fa8fb11afd9bdabc09
ced73823f1776cd4de9bd91909905743b7a3e9257649e1bb0cac2808763ee625
POST /api/v2/client/sites/2222193/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain; charset=UTF-8
Content-Length: 131
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:22 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1655794/domain/orgain.com/token
54.230.111.78200 OK 206 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1655794/domain/orgain.com/token
IP 54.230.111.78:0
Hash 02d15412f1b5cc464e85bd2a4fe6c4d3
c289fdbe54ef69aaa8227031990f88c90c4a85e6
730377cfe89842d930974c4dd89fbdfd3cda2818c81bf6b3cd03c9f851b632d5
GET /partner/1655794/domain/orgain.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 22:44:21 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CqzRaYc2vJDZ4d3s7M_ht30NJm20PBg0neeWpwJ_9x0dboCFBwDpvA==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:04 GMT
expires: Sat, 03 Feb 2024 02:06:04 GMT
cache-control: public, max-age=31536000
age: 74299
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:22:41 GMT
expires: Tue, 30 Jan 2024 00:22:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
age: 426102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csmetrics.hotjar.com/
52.209.24.136204 No Content 0 B IP 52.209.24.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 101
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 22:44:23 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
csmetrics.hotjar.com/
52.209.24.136204 No Content 0 B IP 52.209.24.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 100
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 22:44:23 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
p.yotpo.com/i?e=se&se_ca=checkout-redemptions-widget&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJzZXNzaW9uX2lkIjoiMWIzYTg3ZDctYzYxNi00ZmJmLTg0YmItYTI5NjQ2NjkzZGQ0Iiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMjc2NTIiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTA2MzEwOTIiLCJpc19tb2JpbGUiOmZhbHNlLCJjaGVja291dF9pZCI6bnVsbCwiY2FydF9zdWJ0b3RhbCI6bnVsbCwiY3VzdG9tZXJfaWQiOm51bGx9&dtm=1675464295933&tid=045818&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=se&se_ca=checkout-redemptions-widget&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJzZXNzaW9uX2lkIjoiMWIzYTg3ZDctYzYxNi00ZmJmLTg0YmItYTI5NjQ2NjkzZGQ0Iiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMjc2NTIiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTA2MzEwOTIiLCJpc19tb2JpbGUiOmZhbHNlLCJjaGVja291dF9pZCI6bnVsbCwiY2FydF9zdWJ0b3RhbCI6bnVsbCwiY3VzdG9tZXJfaWQiOm51bGx9&dtm=1675464295933&tid=045818&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=se&se_ca=checkout-redemptions-widget&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJzZXNzaW9uX2lkIjoiMWIzYTg3ZDctYzYxNi00ZmJmLTg0YmItYTI5NjQ2NjkzZGQ0Iiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMjc2NTIiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTA2MzEwOTIiLCJpc19tb2JpbGUiOmZhbHNlLCJjaGVja291dF9pZCI6bnVsbCwiY2FydF9zdWJ0b3RhbCI6bnVsbCwiY3VzdG9tZXJfaWQiOm51bGx9&dtm=1675464295933&tid=045818&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:23 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=279f6ac7-3007-49e8-52d6-4fcb2f9cb6fa; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Sat, 04 Feb 2023 22:44:23 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
p.yotpo.com/i?e=se&se_ca=referral-widget-page&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJ0aW1lX2Zyb21fcGFnZV9zdGFydCI6NjU1OSwidGltZV9mcm9tX2luaXRfc3RhcnQiOjg0NSwic2Vzc2lvbl9pZCI6IjE1NmI5YjAwLTdiODItNDQ1OS1iNjZhLTAyZDcxY2IzNjYxMCIsInNlcXVlbmNlIjoiMCIsIndpZGdldF9pbnN0YW5jZV9pZCI6IjI3NjUxIiwid2lkZ2V0X2luc3RhbmNlX3ZlcnNpb25faWQiOiI2OTczMDY3IiwiaXNfbW9iaWxlIjpmYWxzZSwiY3VzdG9tZXJfaWQiOjAsImlzX3BvcHVwIjp0cnVlfQ&dtm=1675464295874&tid=919723&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=se&se_ca=referral-widget-page&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJ0aW1lX2Zyb21fcGFnZV9zdGFydCI6NjU1OSwidGltZV9mcm9tX2luaXRfc3RhcnQiOjg0NSwic2Vzc2lvbl9pZCI6IjE1NmI5YjAwLTdiODItNDQ1OS1iNjZhLTAyZDcxY2IzNjYxMCIsInNlcXVlbmNlIjoiMCIsIndpZGdldF9pbnN0YW5jZV9pZCI6IjI3NjUxIiwid2lkZ2V0X2luc3RhbmNlX3ZlcnNpb25faWQiOiI2OTczMDY3IiwiaXNfbW9iaWxlIjpmYWxzZSwiY3VzdG9tZXJfaWQiOjAsImlzX3BvcHVwIjp0cnVlfQ&dtm=1675464295874&tid=919723&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=se&se_ca=referral-widget-page&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJ0aW1lX2Zyb21fcGFnZV9zdGFydCI6NjU1OSwidGltZV9mcm9tX2luaXRfc3RhcnQiOjg0NSwic2Vzc2lvbl9pZCI6IjE1NmI5YjAwLTdiODItNDQ1OS1iNjZhLTAyZDcxY2IzNjYxMCIsInNlcXVlbmNlIjoiMCIsIndpZGdldF9pbnN0YW5jZV9pZCI6IjI3NjUxIiwid2lkZ2V0X2luc3RhbmNlX3ZlcnNpb25faWQiOiI2OTczMDY3IiwiaXNfbW9iaWxlIjpmYWxzZSwiY3VzdG9tZXJfaWQiOjAsImlzX3BvcHVwIjp0cnVlfQ&dtm=1675464295874&tid=919723&vp=1280x939&ds=1268x1391&vid=1&duid=d423a740b09e4215&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:23 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=0ba5da27-6e45-4652-6944-212ff7d52389; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Sat, 04 Feb 2023 22:44:23 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1655794&time=1675464294189&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&efe45315-7d68-43a2-83d2-600fd25e9676"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 03-Feb-2024 22:44:23 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2481:u=1:x=1:i=1675464263:t=1675550663:v=2:sig=AQFKAgw36yM7qEaYgRFoIeG6mKRVtwTL"; Expires=Sat, 04 Feb 2023 22:44:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXz02xCUyIr5kQiLvL/6g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 86C4E348ACE947D0A621943E95F1BBD6 Ref B: OSL30EDGE0417 Ref C: 2023-02-03T22:44:23Z
date: Fri, 03 Feb 2023 22:44:22 GMT
content-length: 0
X-Firefox-Spdy: h2
csmetrics.hotjar.com/
52.209.24.136204 No Content 0 B IP 52.209.24.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 67
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 22:44:23 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=258631226.1675464294&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%22258631226.1675464294%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%22258631226.1675464294%22%2C%22dcm_gid%22%3A%22307129588.1675464294%22%2C%22mntnis%22%3A%22EfgFDwl3LMkVdLgRIfiISPlx53RX3beb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=258631226.1675464294&dcm_gid=307129588.1675464294&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302&cb=1675464262311318&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1675464263078
35.85.106.161200 OK 1.4 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=258631226.1675464294&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%22258631226.1675464294%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%22258631226.1675464294%22%2C%22dcm_gid%22%3A%22307129588.1675464294%22%2C%22mntnis%22%3A%22EfgFDwl3LMkVdLgRIfiISPlx53RX3beb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=258631226.1675464294&dcm_gid=307129588.1675464294&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302&cb=1675464262311318&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1675464263078
IP 35.85.106.161:0
File type ASCII text, with very long lines (5425), with no line terminators
Hash 4bd224037820332db01968a1f4622e63
3b741766480b1827c3a2960537b8afd391edd1b2
c77285759cc8c042febdc360256a4f79e52a094716c20855542597714d7053d7
GET /st?ga_tracking_id=UA-9393434-7&ga_client_id=258631226.1675464294&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%22258631226.1675464294%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%22258631226.1675464294%22%2C%22dcm_gid%22%3A%22307129588.1675464294%22%2C%22mntnis%22%3A%22EfgFDwl3LMkVdLgRIfiISPlx53RX3beb%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=258631226.1675464294&dcm_gid=307129588.1675464294&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302&cb=1675464262311318&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1675464263078 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: guid=4d64dbcf-a414-11ed-811c-1fbb0b03f1f9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 22:44:23 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWMjYyMTGIN7IwtlCyMjQzNzUxMzEyMzY3NdRR8guKh8qaWxorWRnoKJUpWRkhi4N1GdQCAH7CechGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzI0NDA6MTY3NTQ2NDI2Mw==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=4d64dbcf-a414-11ed-811c-1fbb0b03f1f9;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 42
server: istio-envoy
connection: close
transfer-encoding: chunked
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=4d64dbcf-a414-11ed-811c-1fbb0b03f1f9&gdpr=&gdpr_consent=
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=4d64dbcf-a414-11ed-811c-1fbb0b03f1f9&gdpr=&gdpr_consent=
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=4d64dbcf-a414-11ed-811c-1fbb0b03f1f9&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
23.38.200.197200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1427249470976846
date: Fri, 03 Feb 2023 22:44:24 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1675464264.9c7b32eb
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
151.101.130.133200 OK 1.0 kB URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
IP 151.101.130.133:0
File type ASCII text, with very long lines (2904)
Hash 907e98e80d8a57fc2f1b8392f7fbeb72
8c34f4718e8ac555c85e7344a379ac1e5b5483dd
10bdeb354adece9a6c943ddc4cd82af3070ac8dff252c558ea66d6d03cd58c76
GET /onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, OPTIONS
cache-control: max-age=1, stale-while-revalidate=10800
content-encoding: gzip
content-type: application/javascript
etag: W/"5ef91d301e12c841bf7513dc6902219f"
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 6905
x-served-by: cache-lga21966-LGA, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1675464264.190401,VS0,VE1
vary: Accept-Encoding
x-resp-is-stale: true
content-length: 1037
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3957cd9cd916ca080087e87f1bd68a2e
362d7bf5d8dc4953f62131c95ea711594b268f78
8fa3ca66bc95f3dc5b7ce805f3830cc4f980da12eee6daabd3212eb65c8b2761
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5594
Cache-Control: max-age=101618
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Etag: "63dc6260-117"
Expires: Sun, 05 Feb 2023 02:58:02 GMT
Last-Modified: Fri, 03 Feb 2023 01:24:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef456f33bbf63fab7ff0ab8f7fdf1d9d
dc0f569f5d8f4462e4f5c27f143643dc368d8c41
005d85974dabc7a7039a14927115c25edbd06041aa54f574b5c36cca2fbdd5c8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "005D85974DABC7A7039A14927115C25EDBD06041AA54F574B5C36CCA2FBDD5C8"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=740
Expires: Fri, 03 Feb 2023 22:56:44 GMT
Date: Fri, 03 Feb 2023 22:44:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 111 kB IP 104.18.32.68:0
File type gzip compressed data, from Unix\012- data
Size 111 kB (110765 bytes)
Hash 7e1674541cea9fe0b9fba53a2a63b3f6
af5a854749c4195c5f6667cda3e3873c89c70101
0fb0f1d504870ed21b34e662774b5398907907f3f3d0eb4fd0353a213ef786f3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 17:30:48 GMT
Expires: Tue, 07 Feb 2023 17:30:47 GMT
Etag: "ac5a0e6ae303b9c595755113c417ee8ccb136965"
Cache-Control: max-age=326182,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793eb0e32f14b503-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de6d9cdb81566309df3c42381b3fa384
79a8e2b42b6cc1ec6cc783d85b650350a33d6f47
45ae7401976ff350c5f886b2045758b6c55ee2f8686e94e4f43cd92ddf6c3181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45AE7401976FF350C5F886B2045758B6C55EE2F8686E94E4F43CD92DDF6C3181"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19232
Expires: Sat, 04 Feb 2023 04:04:56 GMT
Date: Fri, 03 Feb 2023 22:44:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06836e0ff4c16e1afd4aa153b567e4fc
2a48108dcb87078d9e2de122404dfef7181ec46f
5f4df49693c93a3c3b008469c85634cda5580e808878ae3895ff8e135563a88d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2721
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Last-Modified: Fri, 03 Feb 2023 21:59:03 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b474cb1bd25ab79f0675f031a4a5f808
cc2d2b52ec1267be959e08130c0f8a5a924bff72
346c049b4d27ac11091dc3835c16912617f3f05bc3fffab857553f7a3b5965e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107544
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Etag: "63dc8f60-118"
Expires: Sun, 05 Feb 2023 04:36:48 GMT
Last-Modified: Fri, 03 Feb 2023 04:36:48 GMT
Server: nginx
Content-Length: 280
static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
151.101.130.133304 Not Modified 0 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
IP 151.101.130.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"5ef91d301e12c841bf7513dc6902219f"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 03 Feb 2023 22:44:24 GMT
via: 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
etag: W/"5ef91d301e12c841bf7513dc6902219f"
age: 6905
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1675464264.316439,VS0,VE0
vary: Accept-Encoding
x-resp-is-stale: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3957cd9cd916ca080087e87f1bd68a2e
362d7bf5d8dc4953f62131c95ea711594b268f78
8fa3ca66bc95f3dc5b7ce805f3830cc4f980da12eee6daabd3212eb65c8b2761
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Last-Modified: Fri, 03 Feb 2023 21:11:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1d4/Tq8zXXKBwmY
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Tq8zXXKBwmY
IP 142.250.74.163:0
Hash f9ff41672667788bfb8e5cae6ea91718
7d33aaa1a61c41beef45014b5fd15cda853bc533
082526a4ffff64e1a6ece7e6da497433cad4835ea512f425b9789fb9f469bdb3
POST /s/gts1d4/Tq8zXXKBwmY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a12d2b33c93356e001fa930dc46da076
58ca19d7c754b99021682668145d29b066fd268c
eaf60f67e708c99b933f4779d7f467b750e9f00902ea9984deb80571aaa3c981
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EAF60F67E708C99B933F4779D7F467B750E9F00902EA9984DEB80571AAA3C981"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7579
Expires: Sat, 04 Feb 2023 00:50:43 GMT
Date: Fri, 03 Feb 2023 22:44:24 GMT
Connection: keep-alive
cdn-widget-assets.yotpo.com/widget-checkout-redemptions/app.v0.2.78-3934.js
95.101.97.70200 OK 123 kB URL HTTP/2 cdn-widget-assets.yotpo.com/widget-checkout-redemptions/app.v0.2.78-3934.js
IP 95.101.97.70:0
Size 123 kB (123142 bytes)
Hash 1291dc651f8bc99a45b44b6fbf8c4bac
9d26813d77ca098942be60c98f1942ef68cc3a0d
52337e11657fbf6b7500c0e15b02fe114f3c8047dade7cc25f35b14ca8f63a93
GET /widget-checkout-redemptions/app.v0.2.78-3934.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PMuiXCy46GaZZefAUeaWOKQ8WsQJn+bCpsMvQ9K93LvC0vVL4lfuc6WN00yM9JI5WnDUUBXc9n4=
x-amz-request-id: E7T6WY4M2AGFKP31
last-modified: Thu, 19 Jan 2023 10:28:07 GMT
etag: "4ce35a53ff92ec72758044bae810bb95"
x-amz-meta-s3cmd-attrs: atime:1674124085/ctime:1674124085/gid:117/gname:jenkins/md5:4ce35a53ff92ec72758044bae810bb95/mode:33188/mtime:1674124085/uid:110/uname:jenkins
x-amz-version-id: 8eYLQCurZzhS_6fKhCijpSx3BBQ5pEWx
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30202940
date: Fri, 03 Feb 2023 22:44:22 GMT
X-Firefox-Spdy: h2
cdn.tapcart.com/mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com
35.227.237.110200 OK 4.0 kB URL HTTP/2 cdn.tapcart.com/mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com
IP 35.227.237.110:0
File type HTML document, ASCII text, with very long lines (10607)
Hash ea841c153d565985907f8d12822ce9f8
3e706b8dabfb579ca2151302f36a81f8c4c44d8e
ccce95900f9a1063e2ed21831da10a77a3008629d4c7caa66f6b0b18a80f568d
GET /mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com HTTP/1.1
Host: cdn.tapcart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds5rcQ_un7otEHWGSM4bdSnt4A086v_pGlSXPpXwmh9miCZVg9bdRjfLT0HV8VgEe3VzuLHIitbEU7-o-gDxLiYIw
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1601069883388603
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3994
content-encoding: gzip
x-goog-hash: crc32c=BxpSOw==, md5=6oQcFT1WWYWQf40Sgizp+A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3994
server: UploadServer
date: Mon, 30 Jan 2023 13:00:35 GMT
expires: Tue, 30 Jan 2024 13:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 25 Sep 2020 21:38:03 GMT
etag: "ea841c153d565985907f8d12822ce9f8"
content-type: application/javascript
age: 380629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1
151.101.130.133200 OK 11 kB URL HTTP/2 static.klaviyo.com/onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1
IP 151.101.130.133:0
File type Unicode text, UTF-8 text, with very long lines (34072), with no line terminators
Hash 607fe0468230d3bfaa3a62a926b3320f
4be8c81365ebeee01c3ba704d53f5cfeec8779eb
1a3ea4144fffec497f1219534e845da9db9b89b43439432874b26af2ba332367
GET /onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jw+dBUh2+9ZK5qTQrVgGVAnBsm7XVumSn0rubCjlB9LrhdyBRoBfDgKpFu63cGUYt42Rjnmo/8A=
x-amz-request-id: V04WY01XTAWVPYMD
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
etag: "5cdc6d282041cb41c958e7b444513477"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: ttpFO4iWwdS_2rfLn9rvfZP1dcN.knlf
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 2165
x-served-by: cache-lga13621-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 551
vary: Accept-Encoding
content-length: 11352
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e340ecfe1b4bf34d752cb6346ff9adc5
ac5a0e6ae303b9c595755113c417ee8ccb136965
e0ec5d26eb8d0d8a2fb540f87e8e882f39337c2b54d419a4157327373ca5b3ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 17:30:48 GMT
Expires: Tue, 07 Feb 2023 17:30:47 GMT
Etag: "ac5a0e6ae303b9c595755113c417ee8ccb136965"
Cache-Control: max-age=326182,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793eb0e35e2f1c0a-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e340ecfe1b4bf34d752cb6346ff9adc5
ac5a0e6ae303b9c595755113c417ee8ccb136965
e0ec5d26eb8d0d8a2fb540f87e8e882f39337c2b54d419a4157327373ca5b3ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 17:30:48 GMT
Expires: Tue, 07 Feb 2023 17:30:47 GMT
Etag: "ac5a0e6ae303b9c595755113c417ee8ccb136965"
Cache-Control: max-age=326182,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793eb0e3586bb4fa-OSL
static.klaviyo.com/onsite/js/runtime.5e89fbad15ad6bc50dbb.js?cb=1
151.101.130.133200 OK 8.0 kB URL HTTP/2 static.klaviyo.com/onsite/js/runtime.5e89fbad15ad6bc50dbb.js?cb=1
IP 151.101.130.133:0
File type ASCII text, with very long lines (19473), with no line terminators
Hash 4c22bd089a105c68cc7cd0a6e5390056
a22676675f6a1200420b10e45472e42cda1021cb
93e74cd9d7d7c500587e6b6bb554fdcfe91bd886c90f7560d3505d59516f33b8
GET /onsite/js/runtime.5e89fbad15ad6bc50dbb.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eZAB3eC702nxkpzhANCuu4QTVE8lWyGPn9+EElQlppit9M8T6T1TM5VEMwb2jJ6thuIa4hj3dtzraPZ2Yu8Z+w==
x-amz-request-id: JR283Q7EHGZPD3J0
last-modified: Fri, 03 Feb 2023 17:28:44 GMT
etag: "f27ddd47bfc9beb64b7d3c1aad544c28"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: .7alrscAaTnWmEs8mvC2QYSnwfAI..vu
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 2165
x-served-by: cache-lga21955-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 56, 920
vary: Accept-Encoding
content-length: 8049
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
151.101.130.133200 OK 12 kB URL HTTP/2 static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
IP 151.101.130.133:0
File type ASCII text, with very long lines (36946)
Hash 85bd273072cb0dd22e5e638154e61527
a4e269d1594e4a29e19290f0f172cb1b1a082df4
58cd1b7f523caa43b29f0fa6d904d3c82491d4829575791ae47ed678a92efe57
GET /onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NenJFBdxfWBWOrE+S1hV2t+qSUo248+eqJkZ7PVIJJ3qO0AWiZoCcLd2/S6IpamlQVrMKAwIbJs=
x-amz-request-id: A9KBBNMK73VM94KF
last-modified: Wed, 11 Jan 2023 17:07:33 GMT
etag: "14d5f5d749c7e30f46242493ff3f2893"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: rBkyHbrwP63IrT54R3TKQ6FrEMZmQNDN
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 2165
x-served-by: cache-lga21935-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 535
vary: Accept-Encoding
content-length: 12427
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/fender_analytics.655ce7424169cb36416e.js?cb=1
151.101.2.133200 OK 11 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/fender_analytics.655ce7424169cb36416e.js?cb=1
IP 151.101.2.133:0
File type ASCII text, with very long lines (28184), with no line terminators
Hash 9947b9a0c514938c051ff50787786915
d78e9bb27f688655db15ad8ccc5325485e0fa410
73393d7427c388e9784f76014b52851f2d3f17d19308b8f6c6a70eb4afb8748d
GET /onsite/js/fender_analytics.655ce7424169cb36416e.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0ad6sXmXMHiFUp4bdjmrAmBwFWJ1GaCj6pLMFwLo6bZqgTxKuIcly7KnmVyuEfGMLgr3EJYE/tE=
x-amz-request-id: BEFH96F66KX7MCC2
last-modified: Fri, 03 Feb 2023 16:02:43 GMT
etag: "2918e6090a854372153e5cf84e3da824"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: DA49kfUB0O0s32Ljp5UGbAPIecnc3kbk
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 2165
x-served-by: cache-lga21925-LGA, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 916
vary: Accept-Encoding
content-length: 10897
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/sharedUtils.ae687c467514b4d47273.js?cb=1
151.101.130.133200 OK 14 kB URL HTTP/2 static.klaviyo.com/onsite/js/sharedUtils.ae687c467514b4d47273.js?cb=1
IP 151.101.130.133:0
File type Unicode text, UTF-8 text, with very long lines (36133), with no line terminators
Hash 0db021708abc74dfe85ba118ecc34481
951536046889dba4f7ffb154aba35be53407690d
ba2dacae93edf0e6636740381c4054f26739780f7788fc679065df8d95032a00
GET /onsite/js/sharedUtils.ae687c467514b4d47273.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NnCqawIw1fpak2Up+J8/KtBbkRVWMFjw/MWRIHZNNYB9eiAhAxUuxIE2VC5q8AD8VMdQm3gq5gw=
x-amz-request-id: V04N693NW3B8EEZ0
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
etag: "1fb73e0c373ef5c434e6183564900794"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: Fmsfgx1k20uBmvmDBcCPGzYUwE5hl.MF
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 2165
x-served-by: cache-lga21921-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 797
vary: Accept-Encoding
content-length: 13974
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/static.18cfb961fcdbcf83a5c0.js?cb=1
151.101.2.133200 OK 1.8 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/static.18cfb961fcdbcf83a5c0.js?cb=1
IP 151.101.2.133:0
File type ASCII text, with very long lines (3927), with no line terminators
Hash dad1cfca7e143c6f971f9489945f5e4a
e7df2d2e32ab7bf4642d535c12b22fe700ecef78
bd1e924b8e386b9c009cd573e58318ae3cc3cf7c846022027d269b0d4ac98428
GET /onsite/js/static.18cfb961fcdbcf83a5c0.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cidyFX9R21NtX9uwGBs6mQVv2UQoeiERHmmJg4FpaYUT9NhNCxnaQYj/yfFMLtVKqSmFIRsz3Nc=
x-amz-request-id: E6MHX49K8258SD1W
last-modified: Fri, 03 Feb 2023 16:55:57 GMT
etag: "7956ff796e65e61f53fd9de4075e1360"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: gEtCTjDdAr9iUO0b1dPiDcxMzmi647ro
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 2165
x-served-by: cache-lga21920-LGA, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 924
vary: Accept-Encoding
content-length: 1820
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06836e0ff4c16e1afd4aa153b567e4fc
2a48108dcb87078d9e2de122404dfef7181ec46f
5f4df49693c93a3c3b008469c85634cda5580e808878ae3895ff8e135563a88d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5869
Cache-Control: max-age=155894
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Etag: "63dd3551-118"
Expires: Sun, 05 Feb 2023 18:02:38 GMT
Last-Modified: Fri, 03 Feb 2023 16:24:49 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b474cb1bd25ab79f0675f031a4a5f808
cc2d2b52ec1267be959e08130c0f8a5a924bff72
346c049b4d27ac11091dc3835c16912617f3f05bc3fffab857553f7a3b5965e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Etag: "63dc8f60-118"
Last-Modified: Fri, 03 Feb 2023 21:31:35 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/s/gts1p5/Ai6Q5jbM7MM
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ai6Q5jbM7MM
IP 142.250.74.163:0
Hash 9a455322f78e939620ee01f5324a39e1
48272b40c8be14b1f94804a965e62c38233383d3
b85e016c1e8548bce6b3b23905172d392d10aef79a84b6099e2d045bc9fce3d4
POST /s/gts1p5/Ai6Q5jbM7MM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash de58fb9e0b3e39d40a0fd88d01b99ecf
21f675f4aecbb5a1f213c9ce3a7765f1414b6842
1e1731cb16612c3a570b3a009fc64ba8abd6a917f57d8525a4c50a774a2d529a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5338
Cache-Control: max-age=129466
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Etag: "63dcd028-117"
Expires: Sun, 05 Feb 2023 10:42:10 GMT
Last-Modified: Fri, 03 Feb 2023 09:13:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3c193d814a8e24c68ae0984b1345c5d7
4e65e27d451dfa3c8bef3f5198987a140d73c0de
73830355362352ae051b388889eb1b7004b061625414ea45d3b4908b3d2b210c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Last-Modified: Fri, 03 Feb 2023 21:25:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de6d9cdb81566309df3c42381b3fa384
79a8e2b42b6cc1ec6cc783d85b650350a33d6f47
45ae7401976ff350c5f886b2045758b6c55ee2f8686e94e4f43cd92ddf6c3181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45AE7401976FF350C5F886B2045758B6C55EE2F8686E94E4F43CD92DDF6C3181"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19232
Expires: Sat, 04 Feb 2023 04:04:56 GMT
Date: Fri, 03 Feb 2023 22:44:24 GMT
Connection: keep-alive
instafeed.nfcube.com/cdn/instafeed-4.7.6.css
172.67.69.247200 OK 3.4 kB URL HTTP/2 instafeed.nfcube.com/cdn/instafeed-4.7.6.css
IP 172.67.69.247:0
File type ASCII text, with very long lines (11747), with no line terminators
Hash 36797ab25e0b35216e25f4e34d4c4106
686ab28ff5a31c47c965247c78ed875fb8a7ce7a
790f9d3a849154bf500bcb34f12065a115f566007309537755a4b0c1f1be4a52
GET /cdn/instafeed-4.7.6.css HTTP/1.1
Host: instafeed.nfcube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: text/css
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: minify
etag: W/"6272756d-2c28"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 04 May 2022 12:45:33 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 1296858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tx%2BFFjTeKcWH7%2FNBbrMnpT6GzMCe4es%2F6XaRAeWiWt%2BvDjPVbCJoaBKQ5l%2BZPbJweY2JmWwQiJvHiQk0jC3N2ILb4Cw3dZqRu1VtAojuD%2Fx3MBoaKWjotduNENUfEvQyrvtSIVJg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793eb0e40b070b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-forms.klaviyo.com/forms/api/v6/JAEB4q/full-forms
151.101.194.133200 OK 14 kB URL HTTP/2 static-forms.klaviyo.com/forms/api/v6/JAEB4q/full-forms
IP 151.101.194.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 77952d282f803f0f2c6889897d7a3db6
f213af41763267f891cfce9e75694b50e5536bdc
48cf51c15c1593a816e2d451ec305543741c7b52f3ab30dc1f3493fc0f9e6d6f
GET /forms/api/v6/JAEB4q/full-forms HTTP/1.1
Host: static-forms.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zorX3CX5PiaCZRId6pYM3N3aoKySYZapJcVwIrXx/Jk3uGJ0IoOJq+ybn1UbYYnmSuhOpK2GHO8=
x-amz-request-id: 1J7ZNJXNM84QP749
last-modified: Thu, 26 Jan 2023 23:14:18 GMT
etag: "1a23a5baa0fb1fe3e2760e31acd57fd2"
cache-control: max-age=5
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/JAEB4q custom-fonts/JAEB4q
x-amz-version-id: SRvAFlZyTWO_m4PAwBgrG1dG2qAVEtJk
content-type: application/json
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
via: 1.1 varnish
age: 679689
x-served-by: cache-bma1674-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675464265.627174,VS0,VE1
vary: Accept-Encoding
client-geo-continent: EU
client-geo-country: NO
access-control-expose-headers: client-geo-continent, client-geo-country
access-control-allow-origin: *
content-length: 13288
X-Firefox-Spdy: h2
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=JAEB4q
151.101.130.133200 OK 710 B URL HTTP/2 fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=JAEB4q
IP 151.101.130.133:0
File type JSON data\012- , ASCII text, with very long lines (710), with no line terminators
Hash 96c15cde38a98734a2aa2f4d411e1f6c
ce486732241fe96c55c1a6bf5580510e4056277e
a2e2869b9247092995cbe2f36fa1ca54c431828c15caa5c094a05ec01ff983ed
GET /custom-fonts/api/v1/company-fonts/onsite?company_id=JAEB4q HTTP/1.1
Host: fast.a.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, HEAD, OPTIONS
cache-control: max-age=10
content-type: application/json; charset=utf-8
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 22:44:24 GMT
age: 775358
x-served-by: cache-bos4635-BOS, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 2222, 1
vary: Cookie
strict-transport-security: max-age=900
content-length: 710
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
104.16.124.96200 OK 513 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP 104.16.124.96:0
Hash 49d70b9a2e6a8f56b00e80539d9e30c5
77937ae214a3c05475ec3cee1f6974d6a29eb689
570dc521a6b4508c35f63e6d8e325161f65ebfbb8b618dcb43ca5579a5db1436
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 793eb0e5ac02b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt9f9f0gbb0sUYPKbFN0pJ2rlWjXsEP4ggyRhVJ3qO-EGltV7kL27PHXdx3QfpilUOhCbSgYitVEZOksxCMkx-gmF_5baTf
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Fri, 03 Feb 2023 21:47:45 GMT
expires: Sat, 04 Feb 2023 01:47:45 GMT
cache-control: public, max-age=14400
age: 3399
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Ai6Q5jbM7MM
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ai6Q5jbM7MM
IP 142.250.74.163:0
Hash 9a455322f78e939620ee01f5324a39e1
48272b40c8be14b1f94804a965e62c38233383d3
b85e016c1e8548bce6b3b23905172d392d10aef79a84b6099e2d045bc9fce3d4
POST /s/gts1p5/Ai6Q5jbM7MM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
insight.adsrvr.org/track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&upid=sml8w9s&upv=1.1.0
3.33.220.150200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&upid=sml8w9s&upv=1.1.0
IP 3.33.220.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&upid=sml8w9s&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com
104.19.169.102200 OK 115 kB URL HTTP/2 widgets.automizely.com/aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com
IP 104.19.169.102:0
Size 115 kB (115138 bytes)
Hash 285c78f508a4b30c6825ab55ff2ca117
c03b5c28cbf9ebb98fd0696e33651c26fec44e24
ffe3bcc557ccafca5dcaaf1e2d03acd45aea37fe937a9037d7a7de08697f31a0
GET /aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: hHZwt2NvUg38FIhTVMA1y2SjyBEiHcONrNBq2FOmOXW6eETUQCfVMcZ8QxUCej5dAh4NWD6edtM=
x-amz-request-id: 8MQJY6NZF6CSP0M3
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"6b5ee600d2b0385cffe59f410b014590"
cf-cache-status: HIT
age: 5824
expires: Sat, 04 Feb 2023 02:44:24 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 793eb0e4f86c0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jst.ai/vck-shopify.js
104.17.203.53200 OK 3.9 kB URL HTTP/2 cdn.jst.ai/vck-shopify.js
IP 104.17.203.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7ba185085bc143d7b2f6919ae4ec8ce
c2e1b876b19dbaa407f4a79c8e97cf2f621a6615
c3563b1525935225101f5abd57377ef17603f0ebe6de2bcfbc5d9cc389f76629
GET /vck-shopify.js HTTP/1.1
Host: cdn.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript
access-control-max-age: 3000
cache-control: public, max-age=700000
cf-bgj: minify
cf-polished: origSize=10925
etag: W/"259ddac425e70184b1c9890febcb1a48"
last-modified: Tue, 18 Jan 2022 22:56:21 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-77-cache: HIT
x-77-nzt: AblMCQ3tUfz/vHAGAA
x-77-nzt-ray: c0a4cc28753708ee96b4986319612d13
x-77-pop: stockholmSE
x-age: 422076
x-cache: HIT
x-amz-id-2: pVXGOrNpvK3oKKQf9k2gIw53NNyCQNsaHHRyMTaexA2qruDigYA+SZvRpyFtH7bIdWOiwLjjoi0=
x-amz-request-id: KXR8K7DSJB72E4FE
x-amz-version-id: mkHVrKu9..67dXu1ksQk643SRpaI.rtc
cf-cache-status: HIT
age: 312067
expires: Sun, 12 Feb 2023 01:11:04 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 793eb0e59aa60b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&pageid=2
91.235.133.113200 OK 12 kB URL HTTP/1.1 imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&pageid=2
IP 91.235.133.113:0
File type ASCII text, with very long lines (15506)
Hash 173db058eab31cbb70a67b4466a7d037
7aec8a4c3de77bdb07034a98b1c26ce61a3d83c7
36da7711bb03122ea802d2af017051a5fcaa651277d0ce99cfe36441af1db69c
GET /fp/tags.js?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&pageid=2 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:24 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash aae7ee7b0031a137b51e79dc17194ccb
66730a8b25bae40e15794fd8b8ae696121a6b13e
a939731a6074ccb4686203bef0adb1865993ab6ea6179150e049836fe5d9d5e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5835
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:24 GMT
Last-Modified: Fri, 03 Feb 2023 21:07:09 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a7e69f0eccac18036bc1e5c885e05a52
47b7ccdd76f20fee60312beeb7a84e7633c1efa0
732444758268a7ba151689a40451fe1b455b3d934bf7846ff2ecfc184c5b02de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 22:44:24 GMT
Last-Modified: Fri, 03 Feb 2023 21:04:59 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: glxL-x3PvxSrhrx7q95XZ-Ty7JcR6L-zmhe7KnIlyVwwClaZQkGrXA==
Age: 5965
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a7e69f0eccac18036bc1e5c885e05a52
47b7ccdd76f20fee60312beeb7a84e7633c1efa0
732444758268a7ba151689a40451fe1b455b3d934bf7846ff2ecfc184c5b02de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146649
Date: Fri, 03 Feb 2023 22:44:24 GMT
Etag: "63dd10d0-1d7"
Expires: Sun, 05 Feb 2023 15:28:33 GMT
Last-Modified: Fri, 03 Feb 2023 13:49:04 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Op0-pSmQ4T7yHsiU1hTJgiF6kLrNH3R8MOR5TJoLpFPT_0QYfY9wEA==
Age: 5969
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
152.199.19.160200 OK 31 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65447)
Hash 9b0df0e2d00cb47a92ca0bb8a626a5ca
703ad8039c14079293957cdedacf800e9dab324b
5fc24a6ac6859491a9379b4aaa34017a02599e16cdb47a190993909a62be9dde
GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 17447592
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 03 Feb 2023 22:44:24 GMT
etag: "803056b57d10d71:0"
last-modified: Wed, 03 Mar 2021 22:36:53 GMT
server: ECAcc (ska/F6B4)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30982
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ck=0&m=2
91.235.133.113200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ck=0&m=2
IP 91.235.133.113:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ck=0&m=2 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:24 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
searchanise-ef84.kxcdn.com/widgets.25743.min.js
82.102.27.18200 OK 44 kB URL HTTP/2 searchanise-ef84.kxcdn.com/widgets.25743.min.js
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (65492), with no line terminators
Hash 0b5cee1a2c6972a5115fa00acd46e22a
037dacab0d6fcea60bf7ce3ab8a00d51989a4c2f
7e606799865cb846ea73d622cf6a460e16309ee3d2f324cd9cfcd6f90f59f9af
GET /widgets.25743.min.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 44081
x-amz-id-2: CvGgly5/vC0aujo89YAm/xjuISv73+oNXC+NgrAIACG/raYPY9jiCp5V+0e6fpkT/AvizjTWY6Q=
x-amz-request-id: GJBVH7WQJA35577T
last-modified: Tue, 31 Jan 2023 07:52:40 GMT
etag: "0b5cee1a2c6972a5115fa00acd46e22a"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: aEdvKqSDTRP8T4jv29RqfQghuDsKJ.RN
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ck=0&m=1
91.235.133.113200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ck=0&m=1
IP 91.235.133.113:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ck=0&m=1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
imgs.signifyd.com/fp/check.js;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837
91.235.133.113200 OK 43 kB URL HTTP/1.1 imgs.signifyd.com/fp/check.js;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837
IP 91.235.133.113:0
File type ASCII text, with very long lines (6126)
Hash e61c39b326ac915eb7b03b0c2a09d10a
69fdf367d66cc7326ab09c8a6e038229d813dd8f
88aca6ac1020ac08fa011c6562b34ed80999df8dde56059363fc8540afe95539
GET /fp/check.js;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 1722b806e2816541
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
addshoppers.s3.amazonaws.com/6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301
54.231.164.73200 OK 4.4 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301
IP 54.231.164.73:0
File type ASCII text, with very long lines (17376), with no line terminators
Hash 0bae611b12a8647d527e1cae062ef1de
87c7daf655d96df6f4e166d7f1046febb83fa0ee
ff6df20364db5d2ca68f93910231e319bef2a5c6c5d1d717835df3b81669eb43
GET /6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IPCggfNSRksYJiYZUtHBWVGIZc5pMX0IXPkE629EkQZ5CEmnqPBTF80R0iJS9fW0pzUjXeLYJNQ=
x-amz-request-id: 2A1YVD3D3W4CVQF8
Date: Fri, 03 Feb 2023 22:44:26 GMT
Last-Modified: Fri, 05 Nov 2021 20:31:42 GMT
ETag: "0bae611b12a8647d527e1cae062ef1de"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: OMUfbyW2HM90knNnHstzkw0ZSAWAKMZO
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 4416
searchanise-ef84.kxcdn.com/preload_data.8c4z7q4s3y.js
82.102.27.18200 OK 9.3 kB URL HTTP/2 searchanise-ef84.kxcdn.com/preload_data.8c4z7q4s3y.js
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (45241), with no line terminators
Hash bb2a58f62647b1891cace1106a8aecea
432e176750c4f7e15a84dddf3252f8566dfae89e
1ed0f96675182dfdd781eeb8e29f9f39a8f3bfa93e9f6ab7a0a3a98a81a06a71
GET /preload_data.8c4z7q4s3y.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 9339
x-amz-id-2: 3V/zEQvXtcsYISjj6t42OyVKU6moSSZ/HnlPS3UqaNq38uWWpBX4Gwv4SzYEm8qc11Ee+V2vgSc=
x-amz-request-id: 2A1W92BSS54FCB28
last-modified: Fri, 03 Feb 2023 05:37:46 GMT
etag: "bb2a58f62647b1891cace1106a8aecea"
cache-control: public, max-age=86400
content-encoding: gzip
expires: Sat, 04 Feb 2023 05:37:45 GMT
x-amz-version-id: nU3j9m25iB8IzaBcZGUrffvcCXy8C8tj
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/ls_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
91.235.133.113200 OK 13 kB URL HTTP/1.1 imgs.signifyd.com/fp/ls_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
IP 91.235.133.113:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 8d932ba24187d8844751d7251f7d1505
bb0294fd1ef5c93aa151db622b55dcf33a02dfaa
15e2f5984f91dd8afa6713a255eacc041800e9cd83e3ef25d9679170785099e0
GET /fp/ls_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jb=3b362e6c73633d3565303b696e3a6f3632313f3e3b6967306f336d603a346e6e6c663d31613739
91.235.133.113204 No Content 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jb=3b362e6c73633d3565303b696e3a6f3632313f3e3b6967306f336d603a346e6e6c663d31613739
IP 91.235.133.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jb=3b362e6c73633d3565303b696e3a6f3632313f3e3b6967306f336d603a346e6e6c663d31613739 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
searchanise-ef84.kxcdn.com/templates.8c4z7q4s3y.js
82.102.27.18200 OK 1.7 kB URL HTTP/2 searchanise-ef84.kxcdn.com/templates.8c4z7q4s3y.js
IP 82.102.27.18:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (6679), with no line terminators
Hash 32a7a48418f2d538bffdd15c761caa62
226c69356ad0f585a68d86c51283b87cb4258330
af0da83cf2ec628f0f84ce82949d7003c2e0f7f507a3d0855258ce5ce16c3c0d
GET /templates.8c4z7q4s3y.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 1669
x-amz-id-2: iO5njUTZOyw69Hnwv6qKxa5GK1fr2eabJYTQTm3qtlvskaR6YZl8oS7AIxcbx/bUYdqxjsGx+cE=
x-amz-request-id: 2A1V626DA0R7AT22
last-modified: Fri, 03 Feb 2023 00:11:30 GMT
etag: "32a7a48418f2d538bffdd15c761caa62"
cache-control: public, no-cache
content-encoding: gzip
expires: Fri, 03 Feb 2023 00:11:28 GMT
x-amz-version-id: 9EZZawTB8mksQsr3PPwu00S4Q86uW0c2
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/top_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
91.235.133.113200 OK 13 kB URL HTTP/1.1 imgs.signifyd.com/fp/top_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
IP 91.235.133.113:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 8ba4eb3faa5a8330208fd052b4addf06
23026f786303b8194d4730b674943aede8246046
25cafcfd0289e5a7358a0b412c3fa3a141af18c28e355207eba1218908561701
GET /fp/top_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ja=3e333f2626613d30267a3f382c6c3733303838723938303c2c616e3f393032387031383032247378793d32703a2c6e72703d3926393a3a38263138303c2e3b3a303024313032322c31323a382633393b2e313a32382433383834243224322c7b6b64353234246c683d68767c7a792f3143253a4c2d3a44677867696b662c696765253a46373630383332323e383b2f30446f7a6e6d7a712d38463e673c633e6939383b3230336663343664393e333c613b323a6c3d3c316e68632e667a3f2c60603d693136353463316566386f3a3b3a36613c3e6d3033693d3038646d313b6b69302e6a736d3d4c696e77702c6079603f4661786d6e6d702f32383338372c627b6f7d3d4c6b6e757826687b687f37446b726d6c67702466626335333e2464657c70353026767a643d55564b2c676b766a7235383031346a32386b323f6768693c646e613860613861363b39336e3c6161613a3a396b373e6f31303069326b316c393c61613634306433363c3c683f643639382c783572647f67616c576466697b682d354564616c73652378667f6d6b6c5f7f63666c6d7f795f65676c6b6b57786c69796570253545666364796f2b726e756f636657636c65626d5d696178676a617c25354766616c7367297a667f656b6e577b7d6161637e6965672d374f6e696c7b6521726c7567696c57796265616977697c6d2d374d6c6164716d237a647d67616e5f7065616c706e69736f782737456e6b647b67297a6c7d65616c557e646357706c6379657225374d6c6b6671672178667d6f6b6655646d74696e7c7a2d354d66616e736521706e7d6d63645d71766f557e61677f6f722d374d646b647b6529706c7767696e5f68697c6b2f37476669667b6d246b696435333e37383a3b&jb=39313b266c733d4d6f7a6b64666b2f304435263a2d3a32205d6966666775792d3a30465425303031302e322d39482f30325761643e3c273b48253a3270343e2d3b422d3230707625334133383f243a2b2732384d6d6b69672f324e3038333a38393039253232466972656467722f384433303d2438
91.235.133.113204 204 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ja=3e333f2626613d30267a3f382c6c3733303838723938303c2c616e3f393032387031383032247378793d32703a2c6e72703d3926393a3a38263138303c2e3b3a303024313032322c31323a382633393b2e313a32382433383834243224322c7b6b64353234246c683d68767c7a792f3143253a4c2d3a44677867696b662c696765253a46373630383332323e383b2f30446f7a6e6d7a712d38463e673c633e6939383b3230336663343664393e333c613b323a6c3d3c316e68632e667a3f2c60603d693136353463316566386f3a3b3a36613c3e6d3033693d3038646d313b6b69302e6a736d3d4c696e77702c6079603f4661786d6e6d702f32383338372c627b6f7d3d4c6b6e757826687b687f37446b726d6c67702466626335333e2464657c70353026767a643d55564b2c676b766a7235383031346a32386b323f6768693c646e613860613861363b39336e3c6161613a3a396b373e6f31303069326b316c393c61613634306433363c3c683f643639382c783572647f67616c576466697b682d354564616c73652378667f6d6b6c5f7f63666c6d7f795f65676c6b6b57786c69796570253545666364796f2b726e756f636657636c65626d5d696178676a617c25354766616c7367297a667f656b6e577b7d6161637e6965672d374f6e696c7b6521726c7567696c57796265616977697c6d2d374d6c6164716d237a647d67616e5f7065616c706e69736f782737456e6b647b67297a6c7d65616c557e646357706c6379657225374d6c6b6671672178667d6f6b6655646d74696e7c7a2d354d66616e736521706e7d6d63645d71766f557e61677f6f722d374d646b647b6529706c7767696e5f68697c6b2f37476669667b6d246b696435333e37383a3b&jb=39313b266c733d4d6f7a6b64666b2f304435263a2d3a32205d6966666775792d3a30465425303031302e322d39482f30325761643e3c273b48253a3270343e2d3b422d3230707625334133383f243a2b2732384d6d6b69672f324e3038333a38393039253232466972656467722f384433303d2438
IP 91.235.133.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&ja=3e333f2626613d30267a3f382c6c3733303838723938303c2c616e3f393032387031383032247378793d32703a2c6e72703d3926393a3a38263138303c2e3b3a303024313032322c31323a382633393b2e313a32382433383834243224322c7b6b64353234246c683d68767c7a792f3143253a4c2d3a44677867696b662c696765253a46373630383332323e383b2f30446f7a6e6d7a712d38463e673c633e6939383b3230336663343664393e333c613b323a6c3d3c316e68632e667a3f2c60603d693136353463316566386f3a3b3a36613c3e6d3033693d3038646d313b6b69302e6a736d3d4c696e77702c6079603f4661786d6e6d702f32383338372c627b6f7d3d4c6b6e757826687b687f37446b726d6c67702466626335333e2464657c70353026767a643d55564b2c676b766a7235383031346a32386b323f6768693c646e613860613861363b39336e3c6161613a3a396b373e6f31303069326b316c393c61613634306433363c3c683f643639382c783572647f67616c576466697b682d354564616c73652378667f6d6b6c5f7f63666c6d7f795f65676c6b6b57786c69796570253545666364796f2b726e756f636657636c65626d5d696178676a617c25354766616c7367297a667f656b6e577b7d6161637e6965672d374f6e696c7b6521726c7567696c57796265616977697c6d2d374d6c6164716d237a647d67616e5f7065616c706e69736f782737456e6b647b67297a6c7d65616c557e646357706c6379657225374d6c6b6671672178667d6f6b6655646d74696e7c7a2d354d66616e736521706e7d6d63645d71766f557e61677f6f722d374d646b647b6529706c7767696e5f68697c6b2f37476669667b6d246b696435333e37383a3b&jb=39313b266c733d4d6f7a6b64666b2f304435263a2d3a32205d6966666775792d3a30465425303031302e322d39482f30325761643e3c273b48253a3270343e2d3b422d3230707625334133383f243a2b2732384d6d6b69672f324e3038333a38393039253232466972656467722f384433303d2438 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjE3NzA2ODI5M2YzYzM0MDhiNjg1NGE5Iiwic2Vzc2lvbl9pZCI6ImMwNDE4MDhkZTIwNTRlMjQ5MGRhMjE0ZjAyNjY4Njg0IiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
35.190.54.17200 OK 609 B URL HTTP/2 shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjE3NzA2ODI5M2YzYzM0MDhiNjg1NGE5Iiwic2Vzc2lvbl9pZCI6ImMwNDE4MDhkZTIwNTRlMjQ5MGRhMjE0ZjAyNjY4Njg0IiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
IP 35.190.54.17:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6802175f61adc40617e8ba87a30aa6bd
14c099df9dae2f8586dd5f38f7afd9b3d2e277e5
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
GET /pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjE3NzA2ODI5M2YzYzM0MDhiNjg1NGE5Iiwic2Vzc2lvbl9pZCI6ImMwNDE4MDhkZTIwNTRlMjQ5MGRhMjE0ZjAyNjY4Njg0IiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9 HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdulNriNVjJOZF6VYIGCwVC0iqnmG3EE00lnE5qw0QhGqbcShU4HeR8Mc90_Rh40vHH7kH0ZM2JXqpcJFVTxUKj20A
vary: X-Goog-Allowed-Resources
x-goog-generation: 1505923927946539
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 609
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 609
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 03 Feb 2023 22:09:13 GMT
expires: Fri, 03 Feb 2023 23:09:13 GMT
cache-control: public, max-age=3600
age: 2112
last-modified: Wed, 20 Sep 2017 16:12:07 GMT
etag: "6802175f61adc40617e8ba87a30aa6bd"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/items_modern.25743.css
82.102.27.18200 OK 5.3 kB URL HTTP/2 searchanise-ef84.kxcdn.com/items_modern.25743.css
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (19323)
Hash c635789bf9f87204bb46737ac1e2287b
33c5e15194fc632f769525c256db9a8acaec7555
a35b7164144839746b028898510550f9fd777b42b6ccb26f44359af59ad803cd
GET /items_modern.25743.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: text/css
content-length: 5263
x-amz-id-2: ettqelKp80v4o1jBJOBkYklkEclaL48Zlm4ciurhNY7iVukNLt/A3sU5sU2/kfMkVK89Gn4yss0=
x-amz-request-id: GJBZ4ZDT3EXYFE4G
last-modified: Tue, 31 Jan 2023 07:52:44 GMT
etag: "c635789bf9f87204bb46737ac1e2287b"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: N9lrx2u2WkCjVVhgLs2_dxDid9yAYDhp
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/results_big_pictures_new.25743.css
82.102.27.18200 OK 11 kB URL HTTP/2 searchanise-ef84.kxcdn.com/results_big_pictures_new.25743.css
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Hash 80e6eded7d05ac53ba809e70a883179e
a56d38e5b912016e313deae2aba839aef11ba4fe
cffaed344a0bcff6eee249b527d22372b5799bcc7ad9789741751a67dcc781c1
GET /results_big_pictures_new.25743.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: text/css
content-length: 11413
x-amz-id-2: prwhMtXiLVeZ6JXzSYi6IDbMNjiKgFV69J22kdaZbYQ18+uyCUD5/MA7eV2ZLCk/La593PCe3WM=
x-amz-request-id: 38D40BEPS9ABZK2F
last-modified: Tue, 31 Jan 2023 07:52:49 GMT
etag: "80e6eded7d05ac53ba809e70a883179e"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: 976jURukWTnYrhESeUsToE7d6P3dEkUQ
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png
91.235.133.113200 OK 253 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png
IP 91.235.133.113:0
Hash 98f143c198e23995bef8554b37667666
10712eb003169f357c0e18b139008c02e04ba9ea
ff3a686d230a89ba8fbc856924a20c6380ec513d079ba1027a77181e91534c1e
GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*, w2txo5aa/1722b806e2816541919042154drinkorgainmyshopifycom
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 03 Feb 2023 22:44:25 GMT
Expires: Wed, 02 Feb 2028 22:44:25 GMT
Etag: d91c0f272c704a17a41b5d9feebf07af
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://orgain.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
searchanise-ef84.kxcdn.com/recommendation.25743.css
82.102.27.18200 OK 4.5 kB URL HTTP/2 searchanise-ef84.kxcdn.com/recommendation.25743.css
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (30725)
Hash f2f0c0be9c18246c35b8f062b067330b
f07be01f1f7a0ac2a15e6a633441a12f23a4afd0
dcf259a989dcc5dcec61c18ae7ed82e486f40b0c71df33842c621e459ab1ebe0
GET /recommendation.25743.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: text/css
content-length: 4517
x-amz-id-2: PAHWAn0l7gvclV6PjjZdx+P77nyv1Z2lFqHA362ln6dsTFEKBUx0X5cZKgeHAPkkUmKOVHLa0uKlHBo34syAY/IBqAfeb+hz
x-amz-request-id: GJBTS06KX5EVVZDV
last-modified: Tue, 31 Jan 2023 07:52:43 GMT
etag: "f2f0c0be9c18246c35b8f062b067330b"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: Xnm9PAecgdz87BBytRCRN6nBDPF8Wj4G
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash aae7ee7b0031a137b51e79dc17194ccb
66730a8b25bae40e15794fd8b8ae696121a6b13e
a939731a6074ccb4686203bef0adb1865993ab6ea6179150e049836fe5d9d5e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5518
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:25 GMT
Last-Modified: Fri, 03 Feb 2023 21:12:27 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 79fdc56cb40d08c09b820ee32f6a8308
3feaab9d8ed3a713040a12b4bbd43f6a3914a7fa
53e30b9a6e6c73b819889922012be8fb5aa49addb3579c966178216c22deb99a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 22:44:25 GMT
Last-Modified: Fri, 03 Feb 2023 21:18:17 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M_ji3t_ZI01cJ0ji5te74yz7MWDXFB1tlL5RwMju9Snz8HQrG5dl5w==
Age: 5169
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jf=3b362e6c73603d323564646e6c6938333362303e3b39633069356b343e666e3830386c38643331
91.235.133.113204 No Content 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jf=3b362e6c73603d323564646e6c6938333362303e3b39633069356b343e666e3830386c38643331
IP 91.235.133.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jf=3b362e6c73603d323564646e6c6938333362303e3b39633069356b343e666e3830386c38643331 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
widgets.automizely.com/aftership/mobile-booster.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
104.19.169.102200 OK 48 kB URL HTTP/2 widgets.automizely.com/aftership/mobile-booster.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
IP 104.19.169.102:0
File type ASCII text, with very long lines (63581)
Hash d6994bdfd79f1ca9ddf5b25b8abe1532
2cad2c611cabd7869171929df1d913c332d17fca
8847864aa879035a18aba857ab6d456939f3d6e2bbea57f7dfad056cdc8852d1
GET /aftership/mobile-booster.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Pf2+Cmgi9EuNYdJpcLYjvFOwK77h0rwqirHhJkQ5Ca+63Wb916nMKLoMpQfzCp8d+873IHfP658=
x-amz-request-id: 8FMV141GHZ2Z70DX
cache-control: public, no-cache
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"814a77c1d853089f232466daaa15cfbc"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 793eb0e528a20b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
w2txo5aa2zrjfzc2c2kgve6nwqmrcghvhxi2trtb1722b806e2816541am1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 w2txo5aa2zrjfzc2c2kgve6nwqmrcghvhxi2trtb1722b806e2816541am1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&di=yes HTTP/1.1
Host: w2txo5aa2zrjfzc2c2kgve6nwqmrcghvhxi2trtb1722b806e2816541am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
nytrng.com/iframe?vcp=4dd5h0np&as_id=c041808de2054e2490da214f02668684
75.2.91.175200 OK 409 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=c041808de2054e2490da214f02668684
IP 75.2.91.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (409), with no line terminators
Hash 756ad9e8685bad6debf722ec3b1c2d3e
99e98de663ebee4f01f2fea59646893369786b63
d9d39db21bc245393b0c01019742b9467581f7c11c2644ed665f8705ce1460b6
GET /iframe?vcp=4dd5h0np&as_id=c041808de2054e2490da214f02668684 HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: text/html; charset=utf-8
content-length: 409
server: gunicorn
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear1.png;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jf=3c313026736b645f726e66357e6e785d7b49416d5a6c565d474c72314d7847622e7361645f666174653d333e3d3f3e34363231322e7b6b6c557471726d3f7d6d6a3a6d636471612673696657616f733f31303d333b38333b3a3638353a63323e3c386b65336630323031323e3a3238633a363c326b6d316c3a33383338353a3b3c3238303036663032313a303a323d6730336e6b6e3f313c6c323b6731346e6d6a336d33396038303263343c6b333a3332393f3e3f6a633f3265393b6a336c6a3b623b3339373931623836396c3c6b3761376b686d31673e39356e3539356c6b3d363d323964663736303638326f3f60363230386a69636e3f64303338643f6938306b666261267369645d7b636d373132343e3a3a3a33383a6569373966323b39613c386533376234613b3e3a3b3d3a31316b3e6b3a30386c353b303b3a393b39613e61363537353530323b6b6b6e3b32636b683c6e32313d303a3039323a6b6a333939636030646330316c6b3f683767333d33386c603d38313e306d30383d6a363b32633b35616331376c3269396061386b68693b3b3d3d353c303a666f2e7b696e723d32
91.235.133.113204 204 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear1.png;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jf=3c313026736b645f726e66357e6e785d7b49416d5a6c565d474c72314d7847622e7361645f666174653d333e3d3f3e34363231322e7b6b6c557471726d3f7d6d6a3a6d636471612673696657616f733f31303d333b38333b3a3638353a63323e3c386b65336630323031323e3a3238633a363c326b6d316c3a33383338353a3b3c3238303036663032313a303a323d6730336e6b6e3f313c6c323b6731346e6d6a336d33396038303263343c6b333a3332393f3e3f6a633f3265393b6a336c6a3b623b3339373931623836396c3c6b3761376b686d31673e39356e3539356c6b3d363d323964663736303638326f3f60363230386a69636e3f64303338643f6938306b666261267369645d7b636d373132343e3a3a3a33383a6569373966323b39613c386533376234613b3e3a3b3d3a31316b3e6b3a30386c353b303b3a393b39613e61363537353530323b6b6b6e3b32636b683c6e32313d303a3039323a6b6a333939636030646330316c6b3f683767333d33386c603d38313e306d30383d6a363b32633b35616331376c3269396061386b68693b3b3d3d353c303a666f2e7b696e723d32
IP 91.235.133.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541&jf=3c313026736b645f726e66357e6e785d7b49416d5a6c565d474c72314d7847622e7361645f666174653d333e3d3f3e34363231322e7b6b6c557471726d3f7d6d6a3a6d636471612673696657616f733f31303d333b38333b3a3638353a63323e3c386b65336630323031323e3a3238633a363c326b6d316c3a33383338353a3b3c3238303036663032313a303a323d6730336e6b6e3f313c6c323b6731346e6d6a336d33396038303263343c6b333a3332393f3e3f6a633f3265393b6a336c6a3b623b3339373931623836396c3c6b3761376b686d31673e39356e3539356c6b3d363d323964663736303638326f3f60363230386a69636e3f64303338643f6938306b666261267369645d7b636d373132343e3a3a3a33383a6569373966323b39613c386533376234613b3e3a3b3d3a31316b3e6b3a30386c353b303b3a393b39613e61363537353530323b6b6b6e3b32636b683c6e32313d303a3039323a6b6a333939636030646330316c6b3f683767333d33386c603d38313e306d30383d6a363b32633b35616331376c3269396061386b68693b3b3d3d353c303a666f2e7b696e723d32 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=94
app.shop.pe/app/datapartners/status?usersite_id=6177068293f3c3408b6854a9
35.227.244.1200 OK 31 kB URL HTTP/2 app.shop.pe/app/datapartners/status?usersite_id=6177068293f3c3408b6854a9
IP 35.227.244.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (35485)
Hash 6089e268e4cd7f32d3bc71e410ced3eb
9ef382e05abeecab0cf16a29907be8f58be8ab8f
24234085754540ee2fcefbc4e64b30aeb81160b48d0cde772affe7f420b4959e
GET /app/datapartners/status?usersite_id=6177068293f3c3408b6854a9 HTTP/1.1
Host: app.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
etag: W/"0467ba22658b680d6de72dc567071b5bc495547f"
set-cookie: _xsrf=2|375d1e53|53c5f7ca831f2e4e2a2afcffdf24eb2c|1675464264; Path=/
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3ox8tdk614ykk.cloudfront.net/address_validate.js?shop=drink-orgain.myshopify.com
143.204.42.220200 OK 10 kB URL HTTP/2 d3ox8tdk614ykk.cloudfront.net/address_validate.js?shop=drink-orgain.myshopify.com
IP 143.204.42.220:0
File type ASCII text, with very long lines (10492), with no line terminators
Hash 5be44c8c7dad31ec6b2128b699b3052b
689619424cf53b4c4c27bac88e9eeda2c79ed84d
96a53756ace93a7097a10b6f901f425e2ee05f79efcdf4ee7358b3683c9fbf44
GET /address_validate.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: d3ox8tdk614ykk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 10492
date: Fri, 27 Jan 2023 23:35:14 GMT
last-modified: Fri, 27 Jan 2023 23:34:39 GMT
etag: "5be44c8c7dad31ec6b2128b699b3052b"
cache-control: max-age=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nw7ddPxRr6xHX-pCBXieZeZDqpZLxAPkfQLfERmM3LxrZw8Znq-xoA==
age: 601752
X-Firefox-Spdy: h2
d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=drink-orgain.myshopify.com
143.204.42.54200 OK 469 B URL HTTP/2 d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=drink-orgain.myshopify.com
IP 143.204.42.54:0
Hash aa4027e1bb8d4cc0b494e2d5e154cd5c
1471183f8a518668b6a638254c12f527f9ea0e93
614ce7afcab38ef386e7a57aa60bd50ddd3fa7217cbcd4c54b984d1d2c8f0945
GET /shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: d34uoa9py2cgca.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 463
last-modified: Sun, 25 Mar 2018 15:39:33 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 06:13:11 GMT
etag: "374fb5d08db800d032c4e963eb0a8687"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b3ydWz9jvxVJsrmqVZR7c91aVbMTysRUFj7I5bMyretSiWE0Kpu80A==
age: 59475
X-Firefox-Spdy: h2
cdn.nytrng.com/pl.2.2.min.js
143.204.55.58200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP 143.204.55.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 22:48:45 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UWFz-o5ui32ZzB48AnniOINjIF2eluaayb09O3CNwh0wqjg7KcJ6fQ==
age: 1804803
X-Firefox-Spdy: h2
affiliatepluginintegration.cj.com/getPluginJS?shop=drink-orgain.myshopify.com
54.230.111.112200 OK 6.3 kB URL HTTP/2 affiliatepluginintegration.cj.com/getPluginJS?shop=drink-orgain.myshopify.com
IP 54.230.111.112:0
File type ASCII text, with very long lines (6270)
Hash ea9966cdb6654dcef4f92ece53324874
aa21a6e95fb4e85b07107e368494f3f7e73fe73c
b0df744c6f50d9734f2b3273d168013acfbf9d37048c496eaac24d71cc1c9759
GET /getPluginJS?shop=drink-orgain.myshopify.com HTTP/1.1
Host: affiliatepluginintegration.cj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 6319
server: CloudFront
date: Fri, 03 Feb 2023 22:18:13 GMT
cache-control: max-age=1800
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QupBhZZIFsLbMk11HAuqWRKvBVpe4b5UceK8YJAa-J7e0TYse5ZDAA==
age: 1572
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
91.235.133.113204 No Content 539 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
IP 91.235.133.113:0
Hash a60910f13965e612cfdf73d3d4f28918
fc3f45ece54590221eff2d08227021c6186d5682
1c778ad25eced6ae3d68087fb86544cbe688433c0e1e43e66f127746cf85d0fd
POST /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 6
Origin: https://imgs.signifyd.com
Connection: keep-alive
Referer: https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=7AAA0D40993C1F5C12F6AA7B4BECF92A?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=1722b806e2816541
Cookie: thx_guid=41e24e28eccd9c58638e7c70c8b3a8b5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 03 Feb 2023 22:44:25 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dc82d40cd1dc1669b99a2a5bb0579950
42bd3646bacdc85e0b984b625b72aca240421854
d8f4fd91db4899925e13aba96e11f6b0a39cb8f4711340fc7ef21063142efa16
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4646
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 22:44:25 GMT
Last-Modified: Fri, 03 Feb 2023 21:26:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
checkout.shopify.com/7408320621/sandbox/google_maps?locale=en-US
23.227.38.33200 OK 0 B URL HTTP/2 checkout.shopify.com/7408320621/sandbox/google_maps?locale=en-US
IP 23.227.38.33:0
GET /7408320621/sandbox/google_maps?locale=en-US HTTP/1.1
Host: checkout.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:19 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
vary: Accept-Encoding
x-shopid: 7408320621
x-shardid: 108
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=315569520; includeSubdomains
x-shopify-stage: production
content-security-policy: frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=fca9e39f-272e-4d86-abf9-c3af6cc6737e
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=fca9e39f-272e-4d86-abf9-c3af6cc6737e
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
set-cookie: _orig_referrer=https%3A%2F%2Forgain.com%2F; Expires=Fri, 17-Feb-23 22:44:19 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F7408320621%2Fsandbox%2Fgoogle_maps%3Flocale%3Den-US; Expires=Fri, 17-Feb-23 22:44:19 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_y=0f51bd75-9e82-44e9-b675-0e85e37c7c7d; Expires=Sat, 03-Feb-24 22:44:19 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_s=70cb7149-27e7-4aef-b7e9-d738be8c3cce; Expires=Fri, 03-Feb-23 23:14:19 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_y=0f51bd75-9e82-44e9-b675-0e85e37c7c7d; Expires=Sat, 03-Feb-24 22:44:19 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_s=70cb7149-27e7-4aef-b7e9-d738be8c3cce; Expires=Fri, 03-Feb-23 23:14:19 GMT; Domain=shopify.com; Path=/; SameSite=Lax
x-request-id: fca9e39f-272e-4d86-abf9-c3af6cc6737e
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z83CB7NVie1%2BkEWt%2F7enFst4uZatVUWrqv12zl24O%2FL5Z%2Fyto7%2BGE243cLHkZH0pHowOFeZVp5kDTCR6GzgVHzp%2FNfFVmdHj4Weajw93iKD%2BFy51RAbP50Ye4u5Osv%2Fym5V8d5rC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=285.999775
server: cloudflare
cf-ray: 793eb0c7595fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/app/services/7408320621/assets/122909950061/checkout_stylesheet/v2-ltr-2021-01-25-b00d3a20261eec6ce82db3c2d8b0f010-61438
23.227.60.200200 OK 0 B URL HTTP/2 cdn.shopify.com/app/services/7408320621/assets/122909950061/checkout_stylesheet/v2-ltr-2021-01-25-b00d3a20261eec6ce82db3c2d8b0f010-61438
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /app/services/7408320621/assets/122909950061/checkout_stylesheet/v2-ltr-2021-01-25-b00d3a20261eec6ce82db3c2d8b0f010-61438 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=31556952, public
link: <https://cdn.shopify.com/app/services/7408320621/assets/122909950061/checkout_stylesheet/v2-ltr-2021-01-25-b00d3a20261eec6ce82db3c2d8b0f010-61438>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b3a5c0af-e2f7-4667-ae7d-efb01b0711e8
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
last-modified: Thu, 02 Feb 2023 20:23:54 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfHLKCx%2BvOjzfnzEocZ6Q9hqkDy3BRu2rWzR9Op%2B%2Bj7G7kO2q91OgOqfVqT0QDJV5%2FpFmk9NDuZ3PdByP5lBI7wfeqFOhLREdnqPq5WPGE2LtmzNRmfCBrn1okIhtI58Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=7017.535, imageryFetch;dur=7016.925, cfRequestDuration;dur=182.999849
server: cloudflare
cf-ray: 793eb0bd9c13b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3
3.33.220.150200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3
IP 3.33.220.150:0
GET /track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn-widget-assets.yotpo.com/widget-referral-widget/app.v1.6.8-2130.js
95.101.97.70200 OK 0 B URL HTTP/2 cdn-widget-assets.yotpo.com/widget-referral-widget/app.v1.6.8-2130.js
IP 95.101.97.70:0
GET /widget-referral-widget/app.v1.6.8-2130.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: p3wq8p+wv0ph/FCLVQaUdLN+9bI2egWMal5a30to9TY3N+SGupOe7yGupIVGfJUwvHObBp9SAjk=
x-amz-request-id: ZZ2GXQ3MEMV9MCN0
last-modified: Thu, 18 Feb 2021 15:50:31 GMT
etag: "cbfe12d046c66b46838f5a1437733c7d"
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1613663430/atime:1613663430/md5:cbfe12d046c66b46838f5a1437733c7d/ctime:1613663430
x-amz-version-id: aAxw4nFcBgG1NbaHPfCdbZfeNESECXAu
accept-ranges: bytes
content-type: text/plain
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 03 Feb 2023 22:44:22 GMT
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
54.230.82.240200 OK 0 B URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP 54.230.82.240:0
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 03 Feb 2023 19:12:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nkZUSQB2uatF_yCrmI-3VzU9VrWk6O7_WJHscb59uIt167DMUQs4SQ==
age: 12710
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
104.19.169.102200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
IP 104.19.169.102:0
GET /aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: bYcyAh/Jj1vIQOQwmtGTkmISI5RR5dtE5guOKJyW2XuIhUjSavfz843D062ohyCnppUJDUmg3cc=
x-amz-request-id: 8MQKBVB5NKH75478
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"a0629c9eea780e8f21ab0bdb2518e3e7"
cf-cache-status: HIT
age: 5824
expires: Sat, 04 Feb 2023 02:44:24 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 793eb0e3af7f0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js
23.227.60.200200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 67ea930f-a5a0-4332-a30b-179a4c79a93c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 12 Dec 2022 13:01:44 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKGEMW4jS7uEQGOrPak3uwy3xhZ0CfRRp18pcn9RDJtiiFNllopnB7PEV1dgr3bvheAFnKPPMrSvSpvM70XaDZlmbh%2BDSEw9WHJevkn1qFxOoLuCBkmU7J%2F%2BdcMK0Dz5Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=35.277, imageryFetch;dur=35.086, cfRequestDuration;dur=150.000095
server: cloudflare
cf-ray: 793eb0bdcf8c1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
instafeed.nfcube.com/cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com
172.67.69.247200 OK 0 B URL HTTP/2 instafeed.nfcube.com/cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com
IP 172.67.69.247:0
GET /cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: instafeed.nfcube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=19872
etag: W/"6269c6e5-4da0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 27 Apr 2022 22:42:45 GMT
pragma: public
vary: Accept-Encoding
x-rule: cdn migration
cf-cache-status: HIT
age: 173627
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8RfxBTjh9rFkWpd49CJhn78ijKjtaOxSfsV9AOtNLMu61%2B%2BgKbU0tJQMCVs8Z9NbRpLqbys9i76bkZmixBWTL3Uax8kxEx8ViUIHon%2F8aDmAAv84rjIIeufXbaVKHvDNCIqcPmB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793eb0e38abb0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
23.227.60.200200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:18 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 43fd8e2f-e3b0-414a-988e-06d08f642d31
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 01 Dec 2022 03:46:03 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSfSHeYqy4Sc74oU4IbeHRi27fWh77qSrSu8gX%2F2fdKoYTZwwNqw1RGO9LfMp4sBLNMoXk2VXl%2Be%2FpNUpehcS%2B0AXpYnOGlSllAQFqEObV5Q70YqEH4p4rHkzgOUKJtOLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=22.363, imageryFetch;dur=22.135, cfRequestDuration;dur=189.999819
server: cloudflare
cf-ray: 793eb0bd9f701bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.octaneai.com/b12tbeazfscoyvns/shopify.js?x=1aJPhpByQdbaA08g&shop=drink-orgain.myshopify.com
172.67.14.78200 OK 0 B URL HTTP/2 app.octaneai.com/b12tbeazfscoyvns/shopify.js?x=1aJPhpByQdbaA08g&shop=drink-orgain.myshopify.com
IP 172.67.14.78:0
GET /b12tbeazfscoyvns/shopify.js?x=1aJPhpByQdbaA08g&shop=drink-orgain.myshopify.com HTTP/1.1
Host: app.octaneai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
cf-cache-status: HIT
age: 5824
last-modified: Fri, 03 Feb 2023 21:07:20 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 793eb0e43c7eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.shopifyapps.com/assets/checkout/script.js?shop=drink-orgain.myshopify.com
185.146.173.20200 OK 0 B URL HTTP/2 delivery.shopifyapps.com/assets/checkout/script.js?shop=drink-orgain.myshopify.com
IP 185.146.173.20:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /assets/checkout/script.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: delivery.shopifyapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
cache-control: public, must-revalidate
etag: W/"fe03f50715ad6e133396e4cb9a3d72eca261760d5055b7fd087eceff49887fd2"
x-request-id: 6f16b671-29f8-4f60-8a71-84597d19c90c
x-runtime: 0.002049
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDIT9A67p%2Fuiymb8QoSowhF4pZG3s7Fi14NnqrWFB%2FIYuUz%2BBiaHltzWwd2eZmpJEikNJYrAEDg7j5hRf35agxMfEaXE3JeNgXC5w4M6eXh%2B1KUzSCZJu1m0w6hD0ruosrs%2FfbuK4QaJPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: processing;dur=2, socket_queue;dur=2.933, cfRequestDuration;dur=312.999964
server: cloudflare
cf-ray: 793eb0e408feb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdks.automizely-analytics.com/analytics/v1/dc.js
104.21.81.185200 OK 0 B URL HTTP/2 sdks.automizely-analytics.com/analytics/v1/dc.js
IP 104.21.81.185:0
GET /analytics/v1/dc.js HTTP/1.1
Host: sdks.automizely-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: jhYqPMyV1xOi76W1F6oZikbyvrQq3xw7GTrLtOFigSoNKsuBfvOElMQTUpSDMI68CmC5Ev8Ldcg=
x-amz-request-id: QYRH95QCVWT7R1RG
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 07:26:21 GMT
etag: W/"d07f68d3dbe0be573d011a72f8eb1dd6"
cf-cache-status: HIT
age: 49
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjEaaVfTmtH82OwYJJdy1ShYn54LcSMiNJB0x7b%2Fs9zOxKGqWxoqvmfyy%2BSoHQZ%2FULsghsxpY7Q7ZTUVJxqYn5phLwKog2fbGzmF1Yfjai038iIe4%2BxsKsAQuw9ZVHKkM7AsAowfr1t19sCWHdyhWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793eb0e58fd61c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
searchserverapi.com/widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com
184.164.145.37200 OK 0 B URL HTTP/2 searchserverapi.com/widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com
IP 184.164.145.37:0
GET /widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com HTTP/1.1
Host: searchserverapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/x-javascript
last-modified: Tue, 31 Jan 2023 07:52:38 GMT
etag: W/"63d8c8c6-1b08"
expires: Fri, 03 Feb 2023 22:44:23 GMT
cache-control: no-cache
access-control-allow-origin: *
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
23.227.38.32302 Found 0 B URL HTTP/2 orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
IP 23.227.38.32:0
GET /7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 03 Feb 2023 22:44:17 GMT
content-type: text/html; charset=utf-8
location: https://orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
x-frame-options: DENY
x-shopid: 7408320621
x-shardid: 108
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=7889238
set-cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVV5TXpFMlpEUTNZVGxtTjJOa09UVmtNalV5T1dZME1HWXpOV1ZpTUdSbFpBWTZCa1ZVIiwiZXhwIjoiMjAyMy0wMi0yNFQyMjo0NDoxNy4wNjlaIiwicHVyIjoiY29va2llLm9yZGVyIn19--76dbb91a9daa4e910e5198d9fa1929f395b2902c; path=/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc; expires=Fri, 24 Feb 2023 22:44:17 GMT; secure; HttpOnly; SameSite=Lax
_y=563d0213-d404-4ffe-ba2b-5c404a92533c; Expires=Sat, 03-Feb-24 22:44:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; Expires=Fri, 03-Feb-23 23:14:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_y=563d0213-d404-4ffe-ba2b-5c404a92533c; Expires=Sat, 03-Feb-24 22:44:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_s=1e2e22a1-c52d-4d9f-b087-d03d66d904c7; Expires=Fri, 03-Feb-23 23:14:17 GMT; Domain=orgain.com; Path=/; SameSite=Lax
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=7b009577-59cb-44a8-b744-539eec344bc5
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=7b009577-59cb-44a8-b744-539eec344bc5
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
x-request-id: 7b009577-59cb-44a8-b744-539eec344bc5
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVKnLMLOH8aycOT7Yw8gBy0N9LRLCKkjAYFi%2BTaxFRVAawR%2BHdQo7adf4JM9VJybrtBVcODfAQ9kRROc%2F7T35AcVDA6P5P9EtvK2rCKfzorzkUN39bweKk10oJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=398.000002
server: cloudflare
cf-ray: 793eb0b5abeab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: yezh5c4GnUp1hT8JJk4T9kozu0WDUjnZ+kWZVF3y2YPaosIuGv6rm3QrNEj7woiaMnj/H66ZxEPgnX2/hpKlrg==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 22:44:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2222193.js?sv=7
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2222193.js?sv=7
IP 143.204.55.54:0
GET /c/hotjar-2222193.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 Feb 2023 22:44:21 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/6f863c07d1bc9f4decc8c0cf23d11ea8
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cTAjO7hDJREq61CZaqQQ36we2A315gbvhzp7kNaQG6o9auB7oaVPxg==
X-Firefox-Spdy: h2
easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drink-orgain.myshopify.com
188.114.96.1200 OK 0 B URL HTTP/2 easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drink-orgain.myshopify.com
IP 188.114.96.1:0
GET /redirect-app.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: easyredirects.esc-apps-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/javascript
cf-bgj: minify
age: 5825
etag: W/"9643234c1fa77f5a0767132cdbd8bd1a"
last-modified: Thu, 10 Mar 2022 10:52:17 GMT
vary: Accept-Encoding
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-id: wrUdv8BoOZK4PDVOhL5PSVX-LJFWyqPc_AyJKuhr4ZtYAEfCgrXADw==
x-amz-cf-pop: OSL50-C1
x-cache: Hit from cloudfront
cache-control: max-age=3600
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjEfWWz1aNifNdPPtdH%2FvZX4DDlQ18%2F%2FIVlxHuICEkX126LMAacm%2BG9e4O4dzzxqDU%2B0Fis46quwoqMQA7Y2ZkrWwCPlqa2K5%2FzvMHEkVvmtzDqsPnMUpo3bzVzipzgyQ0eJz7hmmpZxetFUjJzGsNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793eb0e3ae8b1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scripttags.jst.ai/shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com
104.17.202.53200 OK 0 B URL HTTP/2 scripttags.jst.ai/shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com
IP 104.17.202.53:0
GET /shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: scripttags.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:24 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=411
etag: W/"af7993c2ff57b7b07fbeafbaae56fa81"
last-modified: Tue, 18 Aug 2020 17:32:56 GMT
x-77-cache: HIT
x-77-nzt: AblMCRSIA2b//FUMAA
x-77-nzt-ray: af58563002f291730fd4bf63d3121c14
x-77-pop: stockholmSE
x-age: 808444
x-cache: HIT
x-amz-id-2: gVrEH9OQA41WSGTzVndmBHz9llDC0fqyPC/W4Ahei2iNB2ese8fVfMEsvz6zkLCNWn2930f5DsA=
x-amz-request-id: YGX77S50VP08CQMN
cf-cache-status: HIT
age: 5824
expires: Sat, 11 Feb 2023 22:44:24 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 793eb0e429f6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.jst.ai/ajax/account_version_check.html?id=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6
104.17.203.53200 OK 0 B URL HTTP/2 my.jst.ai/ajax/account_version_check.html?id=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6
IP 104.17.203.53:0
GET /ajax/account_version_check.html?id=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6 HTTP/1.1
Host: my.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: application/json
cache-control: public, max-age=30
last-modified: Fri, 03 Feb 2023 14:44:25 PST
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
cf-cache-status: EXPIRED
expires: Fri, 03 Feb 2023 22:44:55 GMT
set-cookie: __cflb=04dToS6decDvtn94xCdmQthrL5q991KdoA833q4SbX; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-23 23:14:25 GMT; HttpOnly
server: cloudflare
cf-ray: 793eb0e7ff080b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/download_app_card.html
104.19.169.102200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/download_app_card.html
IP 104.19.169.102:0
GET /aftership/download_app_card.html HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 22:44:25 GMT
content-type: text/html; charset=utf-8
x-amz-id-2: DtCm4TJGM6Wq1M1Qf2c2ip1G5j9OWv2RlauaU7LL8bQ+TOjQiidO6FyZ5iOUXKK7AvnSzM/5qOw=
x-amz-request-id: 2A1MVCYDQHS3CFQN
cache-control: public, no-cache
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 793eb0eb7e770b65-OSL
content-encoding: br
X-Firefox-Spdy: h2