orgain.com/collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake
301 Moved Permanently 225 B URL HTTP/1.1 orgain.com/collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake
IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 0fd515f03230621c0358aeaa8e8a3f0c
c1f856e9c4751353587410c5c3eb57dcb110cfe5
ba9de3cb64e44ba523e5a56c3a3bc855dd5e6f857a158819fbe393694dcc152b
GET /collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 21 Jan 2023 23:11:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 108
X-Sorting-Hat-ShopId: 7408320621
X-Storefront-Renderer-Rendered: 1
Location: https://orgain.com/collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake
X-Redirect-Reason: https_required
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
X-ShopId: 7408320621
X-ShardId: 108
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-europe-north1,gcp-europe-west1,gcp-europe-west1
X-Request-ID: 24a7bc5d-e782-4e69-9205-a75814212c1e
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdoPUt5fJZIZKlKuumKn6RU69Cg%2FuVyDoO9qUN%2F3%2FBCp%2F2KJeLdHWfxmUsTdGZ6gcXzMgTJy5Pb3siWUJxPFPzl7MYr79WCev5UUTzwwNN4WZ%2Fd9AAuFkaV0HIg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: processing;dur=14, db;dur=5, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=171.000004
Server: cloudflare
CF-RAY: 78d3ba55bf3eb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4516
Expires: Sun, 22 Jan 2023 00:26:31 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5578
Expires: Sun, 22 Jan 2023 00:44:13 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 22:34:45 GMT
content-type: application/json
age: 2190
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19478
Expires: Sun, 22 Jan 2023 04:35:53 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ch3VdMbDrnjCQtW1lPNYoyCtpUjh46GQp0FBm6v7xFhygX39MF2DSO7HXa3DEXv7mpSQbEXiiiw=
x-amz-request-id: 9DB4K6N3TZ28WRM3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 22:47:02 GMT
age: 1453
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8541959714ce152a0096a29d5db84fb
131f8e8e6f3c05c4a2db71fea89e7e8f1f7866d0
97184ce66d34714b0a7e71da01aaf2c7fa4ca38635bc7123aa4fe64f3f9c63d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97184CE66D34714B0A7E71DA01AAF2C7FA4CA38635BC7123AA4FE64F3F9C63D5"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 22 Jan 2023 05:11:15 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8541959714ce152a0096a29d5db84fb
131f8e8e6f3c05c4a2db71fea89e7e8f1f7866d0
97184ce66d34714b0a7e71da01aaf2c7fa4ca38635bc7123aa4fe64f3f9c63d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97184CE66D34714B0A7E71DA01AAF2C7FA4CA38635BC7123AA4FE64F3F9C63D5"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 22 Jan 2023 05:11:15 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 15ba07243d8edda30f5a90b52108c444
ca72cd13cf9c2ee11ea991fa5f988eef7b01b2f3
a34f369c9e92d917c61ab18a8722ea38cd061127990f27204afac403bd1c28f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34F369C9E92D917C61AB18A8722EA38CD061127990F27204AFAC403BD1C28F9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18692
Expires: Sun, 22 Jan 2023 04:22:47 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 15ba07243d8edda30f5a90b52108c444
ca72cd13cf9c2ee11ea991fa5f988eef7b01b2f3
a34f369c9e92d917c61ab18a8722ea38cd061127990f27204afac403bd1c28f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34F369C9E92D917C61AB18A8722EA38CD061127990F27204AFAC403BD1C28F9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18692
Expires: Sun, 22 Jan 2023 04:22:47 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 15ba07243d8edda30f5a90b52108c444
ca72cd13cf9c2ee11ea991fa5f988eef7b01b2f3
a34f369c9e92d917c61ab18a8722ea38cd061127990f27204afac403bd1c28f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34F369C9E92D917C61AB18A8722EA38CD061127990F27204AFAC403BD1C28F9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18692
Expires: Sun, 22 Jan 2023 04:22:47 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 15ba07243d8edda30f5a90b52108c444
ca72cd13cf9c2ee11ea991fa5f988eef7b01b2f3
a34f369c9e92d917c61ab18a8722ea38cd061127990f27204afac403bd1c28f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34F369C9E92D917C61AB18A8722EA38CD061127990F27204AFAC403BD1C28F9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18692
Expires: Sun, 22 Jan 2023 04:22:47 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 15ba07243d8edda30f5a90b52108c444
ca72cd13cf9c2ee11ea991fa5f988eef7b01b2f3
a34f369c9e92d917c61ab18a8722ea38cd061127990f27204afac403bd1c28f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34F369C9E92D917C61AB18A8722EA38CD061127990F27204AFAC403BD1C28F9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18692
Expires: Sun, 22 Jan 2023 04:22:47 GMT
Date: Sat, 21 Jan 2023 23:11:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/theme.css?v=15489174626454023701674087628
200 OK 44 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/theme.css?v=15489174626454023701674087628
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (51095)
Hash ea47e98163b3a8f2e418665c0ab8f648
fd70f09b9de995f0f138afe63fe8c5d96f3dd62d
c3a195bdf157cbc8da32d321353d57ae8dfa4d6c3c3368b6bf516e0fd1002c26
GET /s/files/1/0074/0832/0621/t/665/assets/theme.css?v=15489174626454023701674087628 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/theme.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 0b888b75-3ab7-4d39-9040-c45d11160d49
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Thu, 19 Jan 2023 00:20:31 GMT
cf-cache-status: HIT
age: 252018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On7RkDEmtnOmhzUh8iDKcZbJVeffo0e6SqUSEqrcVpVwmaiB%2FRaBRZrzXQn8p1nemiLkeiC1wWhp564tkEWrFHJEWNg7UK9qcB6FWmvKc70ST5gMFLHkUfEr%2FKOfvd2bJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=94.924, imageryFetch;dur=64.740, cfRequestDuration;dur=96.999884
server: cloudflare
cf-ray: 78d3ba5a79e2fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
orgain.com/collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake
404 Not Found 81 kB URL HTTP/2 orgain.com/collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20485)
Hash a83cc0dcad6ab9674a729fd9b4fec803
a20cb104a048fbdf2440184d6433dcabaee47c79
92015faf7c5456d332f610e94415df5696f85d8b856a2f347e86aa40585af794
GET /collections/drinks/products/20g-plant-based-protein-shakehttps:/orgain.com/collections/protein-shakes/products/20g-plant-based-protein-shake HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
x-storefront-renderer-rendered: 1
set-cookie: keep_alive=86685059-d7e6-49b9-bb65-5b47d6a7bf19; path=/; expires=Sat, 21 Jan 2023 23:41:15 GMT; HttpOnly; SameSite=Lax
cart_currency=USD; path=/; expires=Sat, 04 Feb 2023 23:11:15 GMT
_cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=orgain.com; path=/; expires=Sun, 22 Jan 2023 23:11:15 GMT; SameSite=Lax
_y=17c089e6-9565-4983-82bb-bba37fa98132; Expires=Sun, 21-Jan-24 23:11:15 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_s=0871978d-3c9a-4365-abb0-c6516e142b5d; Expires=Sat, 21-Jan-23 23:41:15 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_y=17c089e6-9565-4983-82bb-bba37fa98132; Expires=Sun, 21-Jan-24 23:11:15 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_s=0871978d-3c9a-4365-abb0-c6516e142b5d; Expires=Sat, 21-Jan-23 23:41:15 GMT; Domain=orgain.com; Path=/; SameSite=Lax
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-alternate-cache-key: cacheable:07717ff318540899f00fa5604b82752c
x-cache: hit, server
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 7408320621
x-shardid: 108
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-north1,gcp-europe-west1,gcp-europe-west1
x-request-id: 5d826f26-4bac-4fd1-91e7-71d596ad01e1
x-download-options: noopen
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QivcJSD%2Fjqz7qq3wJ2sjE58%2BAYqLH5nIhArTuVTudJc8U7OQNEn%2BCGEafC3OKHcFRJfP%2BwuX0X27w5pIxV6LbUhT9eAcwXqz6K8tK3yD8HQRhXfpw7XPOlNq6eA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=27, db;dur=12, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=286.000252
server: cloudflare
cf-ray: 78d3ba588ec70b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-789606081
200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-789606081
IP
File type ASCII text, with very long lines (6573)
Hash 9ae8bd5e86e6692de1b9fdeb00aa034e
d97c3f4c5d5b5cec65da6a12a5e8631cd2d5230e
4478fbb056552865fc57732ae915f0cf640a172d778b62766e50dbc60f300093
GET /gtag/js?id=AW-789606081 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 23:11:15 GMT
expires: Sat, 21 Jan 2023 23:11:15 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q
200 OK 1.0 kB URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q
IP
File type ASCII text, with very long lines (2904)
Hash 29d5d987fba89d07a05fddab1ba839a2
55ff2137857d8ce69516b9ae247a4b83e945e21e
070ffab7a8a3e4f3941d75f504f4f8eb29834313300f5f1010923e73705d50bb
GET /onsite/js/klaviyo.js?company_id=JAEB4q HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, OPTIONS
cache-control: max-age=1, stale-while-revalidate=10800
content-encoding: gzip
content-type: application/javascript
etag: W/"3c96ed32080050e15caa0aacc122e549"
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:15 GMT
age: 89820
x-served-by: cache-lga13624-LGA, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1674342676.683219,VS0,VE1
vary: Accept-Encoding
content-length: 1038
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-401519874
200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-401519874
IP
File type ASCII text, with very long lines (1921)
Hash 1069c29d7bb5d82620663eef7b7c9403
66c0bd610d5984859ea691c73bdeb14ee7bff3a5
2052007de231dc6bfbd0b5bffed5ffe19370e87f2fe69093b6bac9f724c7329d
GET /gtag/js?id=AW-401519874 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 23:11:15 GMT
expires: Sat, 21 Jan 2023 23:11:15 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 20:38:32 GMT
expires: Sun, 21 Jan 2024 20:38:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 9163
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 22:48:58 GMT
age: 1337
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
use.typekit.net/hve6bnt.css
200 OK 817 B URL HTTP/2 use.typekit.net/hve6bnt.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 32b37ccc53a2f31f92e82ce9df39a870
8d53e37488e9c45eb4b88eb016b181447816aeaa
5e5ee5412fb9bf800eca0bb60bbbc13f1410a6ac80bac01f207925f0e5211480
GET /hve6bnt.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 817
date: Sat, 21 Jan 2023 23:11:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/otp7vvr.css
200 OK 585 B URL HTTP/2 use.typekit.net/otp7vvr.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 0c221258450133edd22d6c348d783b20
7d38f58557473be17a2712949549f4d9210b3356
e68a5219d17578d8fb9f251801937a8c2e9529016832de3b258789a9e93c00a5
GET /otp7vvr.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 585
date: Sat, 21 Jan 2023 23:11:15 GMT
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/theme.js?v=64153904576584936851674087629
200 OK 26 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/theme.js?v=64153904576584936851674087629
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash bdc981502ecf683c00c445c29e67964c
37a0bc0ea3e5e4cf2b91f6a088f42c50eaa833df
98c51a8914ef9efb75fdc9d9491662d2cee0761aac962e4f94046a67c27dca4b
GET /s/files/1/0074/0832/0621/t/665/assets/theme.js?v=64153904576584936851674087629 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/theme.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: ad86d18d-0ba9-4158-9bcb-a1e5d00f4af4
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
last-modified: Thu, 19 Jan 2023 00:20:31 GMT
cf-cache-status: HIT
age: 252018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwCaDb0OkHDJaBGHT4hdsq%2B1p2Ct3GSsrtRTB%2Bi5nRM3pPOCBGvSELbVpKfhGAskLniQgtSWQNWwuoT2wR6uCkhlTpQO3m%2BHb%2BWVy6x%2FDaMrXheEFI4xXWrHcebzm8TA6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=61.571, imageryFetch;dur=43.261, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 78d3ba5ada1dfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6383
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:15 GMT
Last-Modified: Sat, 21 Jan 2023 21:24:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
p.typekit.net/p.css?s=1&k=otp7vvr&ht=tk&f=28122&a=1307898&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=otp7vvr&ht=tk&f=28122&a=1307898&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=otp7vvr&ht=tk&f=28122&a=1307898&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=hve6bnt&ht=tk&f=28749.28752.28754.28757.28760.28762&a=17543494&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=hve6bnt&ht=tk&f=28749.28752.28754.28757.28760.28762&a=17543494&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=hve6bnt&ht=tk&f=28749.28752.28754.28757.28760.28762&a=17543494&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
200 OK 12 kB URL HTTP/2 static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
IP
File type ASCII text, with very long lines (36946)
Hash 85bd273072cb0dd22e5e638154e61527
a4e269d1594e4a29e19290f0f172cb1b1a082df4
58cd1b7f523caa43b29f0fa6d904d3c82491d4829575791ae47ed678a92efe57
GET /onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NenJFBdxfWBWOrE+S1hV2t+qSUo248+eqJkZ7PVIJJ3qO0AWiZoCcLd2/S6IpamlQVrMKAwIbJs=
x-amz-request-id: A9KBBNMK73VM94KF
last-modified: Wed, 11 Jan 2023 17:07:33 GMT
etag: "14d5f5d749c7e30f46242493ff3f2893"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: rBkyHbrwP63IrT54R3TKQ6FrEMZmQNDN
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
age: 89826
x-served-by: cache-lga21935-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 25117
vary: Accept-Encoding
content-length: 12427
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/runtime.9a4041dfcca9e1641efb.js?cb=1
200 OK 8.1 kB URL HTTP/2 static.klaviyo.com/onsite/js/runtime.9a4041dfcca9e1641efb.js?cb=1
IP
File type ASCII text, with very long lines (19473), with no line terminators
Hash ffe85caaac0501146a22bae94a70e336
8f6d253f7f3d0f73f613e39abfaa34c95abbecf4
282d9def34d8183013919d0d0051eee05c3f18ae3d623167839ddd3ee4a7fe59
GET /onsite/js/runtime.9a4041dfcca9e1641efb.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Hph6/AtPEElxQZ3cG0ekXIFIIzBHXNJzWf75iWraSygacJeYNCsv2QJOjHd0erfnVH3bsvF3QA0=
x-amz-request-id: 2QPKVXRPWRMWFYAQ
last-modified: Thu, 19 Jan 2023 16:06:03 GMT
etag: "342e47673a32a6143beda7d881542162"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 8E8TX0rBYq33eU6g_EBPwZP9Lky599Lg
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
age: 89827
x-served-by: cache-lga21983-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 39070
vary: Accept-Encoding
content-length: 8053
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
200 OK 24 kB URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (32755)
Hash b09d27a4f2f73135100bb09f9bab64a5
b05d1d4b11ff426ba4f7b1c62f128c17974abefb
3963e3735de6301cc2281a8061a46fb79893aa3b2501bc0672bb71100eeeb963
GET /shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 6ce98486-01ba-42dc-a85d-b4f10737909b
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Fri, 26 Aug 2022 03:53:21 GMT
cf-cache-status: HIT
age: 217639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNoBEGUXcedz7bilrTXboiOLnOCf2T3v5TtyUFe%2BnzUxzJASTbIVcZt%2FpjJ5a1udrENeblvWkkHUqPJ3m%2BdK5QI%2BlbGXhbfaOXlbNeb3yK5C8qMZd9TwHHm%2BPoOc85on0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=16.370, imageryFetch;dur=16.158, cfRequestDuration;dur=103.999853
server: cloudflare
cf-ray: 78d3ba5a7bfcb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qAh2QvwxkH/o+3yyBaBUWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yY+TQADXzfHQEvE6mVGBEZygYIc=
static-us.afterpay.com/javascript/present-afterpay.js
200 OK 58 kB URL HTTP/2 static-us.afterpay.com/javascript/present-afterpay.js
IP
File type Unicode text, UTF-8 text, with very long lines (50830), with NEL line terminators
Hash 159d13b1eaf1bebb9062eb2ff9433972
b6d2b07bbcdaf3a73c044119f87675c04f68fca8
018c785f6b5f11e9f6adb1df28c5715af3a46a5067976a4518923f745f0ef122
GET /javascript/present-afterpay.js HTTP/1.1
Host: static-us.afterpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Mon, 08 Mar 2021 20:41:35 GMT
x-amz-version-id: _dEVtS5BWj9ns3aBIO2VEUDdAkiFdwxE
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Jan 2023 22:52:25 GMT
etag: W/"39a97151f15d23ae34bcc32fd988dde8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GUWvvjeRASshH9PSdrp3_dciB0Gq6w-AxACfVxeT24iFAb8YTl5pUw==
age: 1161
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/static.afc80bee31dc9e622dc1.js?cb=1
200 OK 5.3 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/static.afc80bee31dc9e622dc1.js?cb=1
IP
File type ASCII text, with very long lines (12659), with no line terminators
Hash 11ebf21f15c50424dd6beb159a12b25e
bdd433be7297384f5660dfe49154d266dda64432
c13b107bff92bbb4ed98886fa87d14faba7f3010b9f9d502eaf133e2321c51cb
GET /onsite/js/static.afc80bee31dc9e622dc1.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZFZ8THkCuT87hlNdYT/1gE0cGMwUOTZwHkpxdf7ULnVqWD+3NU8uwHPgGM4vlbagxFgSA7mLY3o=
x-amz-request-id: 8QKB1CHS4E49FXPS
last-modified: Mon, 05 Dec 2022 14:41:22 GMT
etag: "9aa89eda5d828bf8fce2ee83e11483a0"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: jO5CINofch2U3rpuRhEwzIKTUk198WIK
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
age: 89827
x-served-by: cache-lga21925-LGA, cache-bma1675-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 35976
vary: Accept-Encoding
content-length: 5321
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
200 OK 16 kB URL HTTP/2 sc-static.net/scevent.min.js
IP
Hash 7c86c46c8f3a32e131be89b0e1b5ffaa
4e9a8a5b2c27c898dc6f1a6e166e53a3873c78ae
617a529bf3589f4604dc7c72f2532d7e999d44120e32fa535fe31b98784e1ec5
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Sat, 21 Jan 2023 23:11:16 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sun, 22 Jan 2023 22:21:36 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3uTNzpJxWHJLDLLPP7ES7cCn14iyh6a-87L5fmKQTsklNjuEOIBjiA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 901251426b462434a1f2327a74aa8431
edd27f595ccfe8bbc90fbae9d809be7407061279
86a14fa65ff89c567880e81f87293ed28afece88f45a9d742fa474cfd5ceff74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86A14FA65FF89C567880E81F87293ED28AFECE88F45A9D742FA474CFD5CEFF74"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14564
Expires: Sun, 22 Jan 2023 03:14:00 GMT
Date: Sat, 21 Jan 2023 23:11:16 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash a7799daf7d2e34ecc2dc52f92b408936
4693aafdffe0d9f5cb4ac519a1403dbc467efe67
a9347df88c5588621bea3b474d603907697d79f9d039520f30d9b0e9572884b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:16 GMT
Last-Modified: Sat, 21 Jan 2023 21:50:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdn.shopify.com/extensions/1271edce-f5ff-49af-83e0-1d493583a921/1.0.0/assets/hulkapps-cookebar.js
200 OK 348 B URL HTTP/2 cdn.shopify.com/extensions/1271edce-f5ff-49af-83e0-1d493583a921/1.0.0/assets/hulkapps-cookebar.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 2fb95e8da1f111492bd5c6fbc8430ccd
57660fc040d2e68d7edf2cbf9b12664bff2e02e9
45bb8dc0f49f715844cec31e792c65f1b4e3e78c9917e3510275867871ad08c5
GET /extensions/1271edce-f5ff-49af-83e0-1d493583a921/1.0.0/assets/hulkapps-cookebar.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/extensions/1271edce-f5ff-49af-83e0-1d493583a921/1.0.0/assets/hulkapps-cookebar.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 48a6013d-c933-4d38-b064-3ba2adf01ae6
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 04:17:33 GMT
cf-cache-status: HIT
age: 12855125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ns4hK43LhWuPakkodUV1nAsj0w4D9pNxOenjjayG2hQQaava3isQJJnniLxhlHnwyYEPBZ2%2BPgakQ0odiRU0qyLZz66EtwdrHIjvtLn2Ge8cN4Dh7Rv163CLwOUBGuo0xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=47.818, imageryFetch;dur=47.664, cfRequestDuration;dur=13.000011
server: cloudflare
cf-ray: 78d3ba5a99eefab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/sharedUtils.3de4f7002f4cb2b9833f.js?cb=1
200 OK 471 B URL HTTP/2 static.klaviyo.com/onsite/js/sharedUtils.3de4f7002f4cb2b9833f.js?cb=1
IP
Hash a7799daf7d2e34ecc2dc52f92b408936
4693aafdffe0d9f5cb4ac519a1403dbc467efe67
a9347df88c5588621bea3b474d603907697d79f9d039520f30d9b0e9572884b3
GET /onsite/js/sharedUtils.3de4f7002f4cb2b9833f.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rjXa6WzcApvwnCzg9VsgyIOa9Z/+AOdyUep+nz2C9l8Y9WmzTkf/3AyXkbcFBNADbgKH7kTMl9s=
x-amz-request-id: FA9HX3FB03RQ4E33
last-modified: Wed, 11 Jan 2023 17:07:32 GMT
etag: "41ee777bf771519f538138ed79a3786d"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 9aF2q4NxY0Kun_gDXNyDk5ygoGoGgvoW
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
age: 89827
x-served-by: cache-lga21943-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 36470
vary: Accept-Encoding
content-length: 13990
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=33b14418-ffd9-419b-b9e4-c03004404ac5
200 OK 6.7 kB URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=33b14418-ffd9-419b-b9e4-c03004404ac5
IP
File type ASCII text, with very long lines (23416), with no line terminators
Hash 77583503c65fd94187c4418dffc49c98
8f4e8b928fdd3fdc5ba1dc02e03e58a015569963
15fbb7cd4c6fe1c6c1cb2f5e4c95119ca48e37584bcca9ed8c69fd30b08b7d8c
GET /ekr/snippet.js?key=33b14418-ffd9-419b-b9e4-c03004404ac5 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: application/javascript
x-amz-id-2: wgG7/9HV3bQU7I+Ah2oxXUAZdsiNm8K0kv1pWTY+aklOBknmm9BSQ/1PjHsieIHLFxOvYSIc1no=
x-amz-request-id: 8ZFJD0E6K2PJH837
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 39
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZJrjk%2BBYLDA0q%2FxjXYn3G2DpiJFghBLJgVaOc7He%2FEr9hqXPQvB%2BphJ%2BSEbx1AjivAUg2tm7XB1HOR0n2AAxf6pnD%2BeERzv5qDDl0DMtLTZ0JwzmNRqes5gZLNCtDC5pW0notU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78d3ba5a9b94b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cookiebar.hulkapps.com/hulk_cookie_bar.js?extension=true&shop=drink-orgain.myshopify.com
403 Forbidden 741 B URL HTTP/2 cookiebar.hulkapps.com/hulk_cookie_bar.js?extension=true&shop=drink-orgain.myshopify.com
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ce388a2a0e0d902c4f63a7d5cfd4ef48
6a9d0666cf6fe7562d5f63a839a578b0954f949d
ad64d1e7c5d87f76cfa6687e1bab75bb452748948ec485d6569493b04d20df0e
GET /hulk_cookie_bar.js?extension=true&shop=drink-orgain.myshopify.com HTTP/1.1
Host: cookiebar.hulkapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: application/json; charset=utf-8
status: 403 Forbidden
cache-control: max-age=14400
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block, 1; mode=block
x-request-id: 98991ab6-3d05-44f6-b3a9-3701a7c109a8
x-download-options: noopen
x-runtime: 0.008041
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-powered-by: Phusion Passenger(R) 6.0.12
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm90Nl0tZVmvMKiZOJ97P%2FBjKQTbta3caW7kj%2FebBJM7I9h%2BD5JHKnLJjwK6fYxgeP9%2BObB%2BV2cTa3vs69OopZmCXRj%2Fwq8zgx9cbDM%2ByS4LHp6hsg0QSPf%2B03s65slUrzQ9Tk%2B07zI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d3ba5f0f47b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-forms.klaviyo.com/forms/api/v6/JAEB4q/full-forms
200 OK 13 kB URL HTTP/2 static-forms.klaviyo.com/forms/api/v6/JAEB4q/full-forms
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 31aff58e492b4e70f75564507fc34ae5
2f625abd13518d1ca1694ef4900512501b3b4f54
cb2100c7017e53a5c3c7dcba83f1326dd3c75aa9510a7c20e384dacf179aed0f
GET /forms/api/v6/JAEB4q/full-forms HTTP/1.1
Host: static-forms.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4yuvmpdKnfxHQWNu+BWBBjjuB+j6JNdEgTOMkOBQSNN79CraGS8j1IU+mvY4fm5I/MVZR1JdjOE=
x-amz-request-id: KT798Y3VYVE9JXWD
last-modified: Wed, 18 Jan 2023 22:18:40 GMT
etag: "15361b004350f67f55cc415d07d83407"
cache-control: max-age=5
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/JAEB4q custom-fonts/JAEB4q
x-amz-version-id: x64E.067bD2JEx8GfhH5E2eJk5egkOJY
content-type: application/json
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:16 GMT
via: 1.1 varnish
age: 252018
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674342677.530041,VS0,VE3
vary: Accept-Encoding
client-geo-continent: EU
client-geo-country: NO
access-control-expose-headers: client-geo-continent, client-geo-country
access-control-allow-origin: *
content-length: 12858
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&u_scsid=85ee7c33-4a96-4ae8-ae60-3a9074aa94ae&u_sclid=ac53f19e-2913-4597-a506-9862cdf91819
200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&u_scsid=85ee7c33-4a96-4ae8-ae60-3a9074aa94ae&u_sclid=ac53f19e-2913-4597-a506-9862cdf91819
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&u_scsid=85ee7c33-4a96-4ae8-ae60-3a9074aa94ae&u_sclid=ac53f19e-2913-4597-a506-9862cdf91819 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 13
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a7799daf7d2e34ecc2dc52f92b408936
4693aafdffe0d9f5cb4ac519a1403dbc467efe67
a9347df88c5588621bea3b474d603907697d79f9d039520f30d9b0e9572884b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:16 GMT
Last-Modified: Sat, 21 Jan 2023 21:50:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
config.gorgias.chat/gorgias-chat-bundle.js?rev=a53fb725&applicationId=11178
200 OK 169 kB URL HTTP/2 config.gorgias.chat/gorgias-chat-bundle.js?rev=a53fb725&applicationId=11178
IP
File type ASCII text, with very long lines (33046)
Size 169 kB (168898 bytes)
Hash 080babca25bdc3d00a0e0cc563370be9
73dfbca32ecbf7ab93c7a52e83db4f20d2837efc
365bd132a8f904302ee4ff7c2e882903883d6a48fca06dd87a1ca7b57c55ac37
GET /gorgias-chat-bundle.js?rev=a53fb725&applicationId=11178 HTTP/1.1
Host: config.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: max-age=31536000
etag: W/"6d8ad-BiSwSB6nxMBJJmwMt+O/2yggeds"
via: 1.1 google
cf-cache-status: HIT
age: 52164
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d3ba5f8c21b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js
200 OK 148 kB URL HTTP/2 staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js
IP
File type ASCII text, with very long lines (50805)
Size 148 kB (147735 bytes)
Hash e850d676acb3f75bf7ef01754d850ce8
bc21a174781ddeb300d94d5127789fb43971b373
2075df7b267ce5c9f4d81916deaf26b2caf6757b5637d24ee514b463051125d6
GET /e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 6
correlation-id: 324764ee-3953-40ab-8355-3799f096cef6
x-kong-upstream-latency: 53
x-kong-proxy-latency: 10
content-length: 147735
cache-control: public, max-age=10128
date: Sat, 21 Jan 2023 23:11:16 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=160
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP
File type ASCII text, with very long lines (4593), with no line terminators
Hash fc322cd537acbe09a494306a9191124a
757cca3916c8efd2ded11be90b3e8a790b5b73dc
2406d172868e70c8fa25558401afc349b30abae39e0090ed0d11d7367692d170
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 21 Jan 2023 06:03:07 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XqXDivx8wyEHxVI0FthUw35wgjyJjxg-RNDkhZM9VDUHEk7TrODxiw==
Age: 61690
s.pinimg.com/ct/core.js
200 OK 1.1 kB IP
File type ASCII text, with very long lines (1146), with no line terminators
Hash 91c4ea42bc7f1df938d8cd8de8d598db
ccecbe4405d83510ca1a6291c374ea8ab1da33d9
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.afterpay.com/afterpay-1.x.js
200 OK 65 kB URL HTTP/2 js.afterpay.com/afterpay-1.x.js
IP
File type ASCII text, with very long lines (65463)
Hash 3cdc2562a509c2b5ccbc3f316b4b6e5e
824911aa4cbf2553a7f05ac3273116fe7ef254da
44488d434de6403e7750496b7d293a88ebff219587f9d4de189648c0ef0cad8a
GET /afterpay-1.x.js HTTP/1.1
Host: js.afterpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
x-amz-id-2: hTTG1YcCtmcVGIkGADy9JMTm1LMygEFn8Gl0buCHFQgnTap6Mn5Ve+rEtwm7987NGOHG3M+XA18=
x-amz-request-id: 1M6HTJAP40CJY0X9
last-modified: Tue, 17 Jan 2023 05:54:25 GMT
etag: W/"235a8c438d2c3b018b38e847f2d854e2"
cf-cache-status: HIT
age: 340
expires: Sun, 22 Jan 2023 00:11:15 GMT
cache-control: public, max-age=3600
set-cookie: __cf_bm=bh7jCwmVmc6pKjqiYXSAH4cH_RDSFITvUxfJpdM7xS8-1674342675-0-ATeQVKfmc0t7BcYrVxZwd3jG5zZ+f6Y+OLY7/v15iqt7rzEHDn9eRnOel6IChjt+BsFekXSwZh7aa6XQ7QCBjoTiQg04QpaS4nsWh4+w0ivb; path=/; expires=Sat, 21-Jan-23 23:41:15 GMT; domain=.afterpay.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78d3ba5aa866b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP
Hash 5e3d0c695f3dc3e53ed27298d8f57a1e
4af3da48301b7052d7dff0fa0f0fd9a2f1cff0e2
40aa00683c3dbf147668ac4962215ed723ba74249812a93672e74877f2c4867e
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pdst.fm/ping.min.js
200 OK 5.8 kB IP
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsBZBa0rpK7m_n0uYXfAY3TSuIZX3QR3-cSBaEBkAMq02eXh8FQAPG96ZvibBHO1O-J7-WP8uhNWDbflEnGBk_MuQ
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 21 Jan 2023 23:08:43 GMT
expires: Sun, 22 Jan 2023 00:08:43 GMT
cache-control: public, max-age=3600
age: 153
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33
200 OK 40 kB URL HTTP/2 staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33
IP
File type ASCII text, with very long lines (65423)
Hash 99057d0c6591036eac20884700cea1cc
3f6dfd2ea6da5697f67d8dfb724a47173b7dc591
f03feb9859fa06e78526e7c0485e5b845f952cafad3e626b465e9936a39df9e5
GET /e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33 HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
etag: W/"99057d0c6591036eac20884700cea1cc"
x-request-id: f43d303b80b925cdbd3d466e5c610aa8
x-runtime: 0.136123
access-control-allow-headers: *
content-length: 39591
cache-control: public, max-age=10189
date: Sat, 21 Jan 2023 23:11:16 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=4
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.mczbf.com/tags/384165514209/tag.js
200 OK 16 kB URL HTTP/1.1 www.mczbf.com/tags/384165514209/tag.js
IP
File type ASCII text, with very long lines (49099)
Hash 24bb5934dec342ded2890369f055f046
ec5298b826f50bcc343425d1e4a15835c8918fe6
95cd7826f911692ca1c617a015bce5d63104665135621c790c3c8e82d65dc57f
GET /tags/384165514209/tag.js HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 21 Jan 2023 23:00:55 GMT
X-Request-ID: 7637d2f6-99df-11ed-81cf-59029225ac23
Server: nginx
Cache-Control: max-age=1800
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vr0FLCeoeq6vQPSdk4FW8vMN2GCmWq6xydDa5pHzz-u30iDuaS_Mfg==
Age: 621
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP
Hash 5e3d0c695f3dc3e53ed27298d8f57a1e
4af3da48301b7052d7dff0fa0f0fd9a2f1cff0e2
40aa00683c3dbf147668ac4962215ed723ba74249812a93672e74877f2c4867e
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shop.pe/widget/widget_async.js
301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash a62aa481fefd14685674daefce0a9aa7
09a643a2f874a4811781207afde14baa230286be
b806532f5d8fefbcad8dfff3441ca986aa549ab7e57923122e584fd371906f6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5876
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:16 GMT
Last-Modified: Sat, 21 Jan 2023 21:33:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727
assets.gorgias.chat/dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/gcmw.js
200 OK 158 kB URL HTTP/2 assets.gorgias.chat/dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/gcmw.js
IP
Size 158 kB (157509 bytes)
Hash 322cb3020b6d9ccbeca34bf5b3350a55
81f05ed27ec2d2ec7f1fc8db38efcdd942ec6d0f
7bd58fcca83f479f33448774d60f25230e6f743e185f6f3f5abb0af0d9f63472
GET /dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/gcmw.js HTTP/1.1
Host: assets.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvKACRnzsdV4PyslGaCMSOpdr8qEXMm7Vxl8dT-XsIvKY9XLQxRUDMzB6xVMETMnpSpnOJ_zYr8FIPDn7hvNT_7mA
cache-control: public, max-age=31536000, s-maxage=31536000
expires: Sat, 20 Jan 2024 16:49:51 GMT
last-modified: Fri, 20 Jan 2023 16:45:50 GMT
etag: W/"274a6e7693801579c33c06ee1ff9e394"
vary: Accept-Encoding
x-goog-generation: 1674233150772218
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 162637
x-goog-hash: crc32c=I+7uYQ==, md5=J0pudpOAFXnDPAbuH/njlA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 106991
server: cloudflare
cf-ray: 78d3ba615e14b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.tvpixel.com/js/current/dpm_pixel_min.js?aid=vdx-orgain-dc7b56f7-7ee8-4119-aea0-94be6037f5f1
200 OK 32 kB URL HTTP/2 c.tvpixel.com/js/current/dpm_pixel_min.js?aid=vdx-orgain-dc7b56f7-7ee8-4119-aea0-94be6037f5f1
IP
File type ASCII text, with very long lines (60150)
Hash 694ebb87d47c39e9140d81c9f8dae670
27d8b1393d18c5225a644bc39579281712eb6518
406402af8509abe488b428e346dff904c6b257e8651478e3825d21b8ab64c021
GET /js/current/dpm_pixel_min.js?aid=vdx-orgain-dc7b56f7-7ee8-4119-aea0-94be6037f5f1 HTTP/1.1
Host: c.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Jan 2023 00:58:46 GMT
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vd3etorkxGZgsIOA5zMMUic1FZh2X9Ah63gn6w7o1MywFToBpxYejw==
age: 79955
X-Firefox-Spdy: h2
www.sjwoe.com/policy
200 OK 28 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash cb03d8f455e88d7bb7050795f9f9cfc9
ad15e9674b599d400994e2e83d094e696c76eb98
4bfe3fd63b2ce813a2e3e1252146acf89e82d30222ca39161cf68086449cd64b
GET /policy HTTP/1.1
Host: www.sjwoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 28
date: Sat, 21 Jan 2023 01:32:40 GMT
x-amzn-requestid: c7e55cae-67b9-407a-a61d-547921ff469b
access-control-allow-origin: *
x-amz-apigw-id: fEcMzGYWIAMFh9Q=
cache-control: max-age=3600
x-amzn-trace-id: Root=1-63cb40b8-5886d7bd3e104a8218a28556;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UDAnRKIUWLKJXj4vW3JV7zx9KSg5FqBuV89gqTkzhCJtjR07KCL2hg==
age: 77916
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq
200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2333)
Hash 478554be545396b232695487f1cfef12
339f808efa23bf1930149cbba14f1c1ad0ed2f30
a9e14674ea865a8f44b037f0f383caf0f46405dae8378f3f9cd2e42fba831701
GET /i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230121231116A718CA905A3A11A2B5CC
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf609f4b4e4a15cb784589c3c3b4546dc825d0ac1490e2a38bb09cb0504a961274250c0ab86e2647787ded04dc37820e267ca7701fc3418f190837024f4914b7e2094af4c6b5811cca37181123b756652afd2cce6fe3a04ad40dbb56c1a42290adc9
content-encoding: gzip
content-length: 1155
x-origin-response-time: 11,23.48.215.78
x-akamai-request-id: 6bf819c.154be159
expires: Sat, 21 Jan 2023 23:11:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 21 Jan 2023 23:11:16 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2KekwjaJN7neqq55CCGTz5FCiSg; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-48-215-78.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=11, inner; dur=5
x-parent-response-time: 111,23.36.79.13
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 74c3f327c4b3002fde5ef788129d6245
f99cd82f3208a2750f5be61301719411d3456ea0
c56110fcf0f726745765a3708a795b832279b24811675e6d757a8d84c3a4b144
GET /i18n/pixel/static/main.MWE2YWY2YTgzMg.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: _ttp=2KekwjaJN7neqq55CCGTz5FCiSg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825CE9047AAB28A1A92E1C9
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f0d03b7468ad8b1cb3b9a087e8ba0c9271348d0471c1aab4c6b5f4ed91206a643c3d77d2de7d14e7830204a6ea5a19be4f4e8a330ae4e711c3e2cbdf6ca25d12c
content-encoding: gzip
content-length: 68835
date: Sat, 21 Jan 2023 23:11:16 GMT
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
x-akamai-request-id: 154be21b
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
File type gzip compressed data, max compression\012- data
Hash f41399d1d139fc4ae5e474fee6ce20e5
9d29a9704874abd5db6afbf2e5520eb3ac1e7167
de7a858c55cb99126c82c17aba1b9443947b54c6e9ef95cee6e93fa23dfcc0d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash ec4951f9bda8c0ddac587e0a218e8993
8ff0025f4ea6b8ff3fe74f16452fe4ab6d515077
e815ffcde6bc5977feb699570d059ad060be10fc95f57ea27935db15a276bdac
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 21 Jan 2023 23:11:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 04:16:21 GMT
Expires: Sun, 22 Jan 2023 04:16:21 GMT
ETag: "8ff0025f4ea6b8ff3fe74f16452fe4ab6d515077"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a487239b9323c3f9fbf578f3da256b76
ff0948282e13d7484bae9a447a6b47905ef936ee
73aea6b277fcb0e3d7298545f31a1bbc449938690418f5bdeaf5a9f023f12264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.klaviyo.com/onsite/js/vendors~ClientStore.2e3aa6941a04805c58f8.js
200 OK 22 kB URL HTTP/2 static.klaviyo.com/onsite/js/vendors~ClientStore.2e3aa6941a04805c58f8.js
IP
File type ASCII text, with very long lines (64287)
Hash 103f819128a0b6b6f23f26666a125154
3a889e823206b0bcfd006ae9beb4e5fbcf77c716
045257d42b0760b9561276913b56f6c326b614a428ce3c309eaf42e6c5af97a1
GET /onsite/js/vendors~ClientStore.2e3aa6941a04805c58f8.js HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: AIx88jmhpQ8GXb+BGoU7mYgPMXSGksARqBelsKhJJofrazRVdepkPJvzY9wMnUMDYffI7o0qluE=
x-amz-request-id: SXQAY7WMBWQS5180
last-modified: Wed, 11 Jan 2023 17:07:33 GMT
etag: "817c4c26394fc9954331b4d682cc6eba"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: MwpUwQpQbMRiTzIrr1HTZoDSSqXP9fa3
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:17 GMT
age: 89827
x-served-by: cache-lga21934-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 9270
vary: Accept-Encoding
content-length: 22125
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/ClientStore.233d1ce5fc472ed19ac0.js
200 OK 22 kB URL HTTP/2 static.klaviyo.com/onsite/js/ClientStore.233d1ce5fc472ed19ac0.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash ccc6ac36558f8c67657d1b7212c7ce12
ec5437370c4868028e877238d47dfff1a8450a33
870c6508e5821ba025b19dfa6676a4ac7cb7ca76a3b8b124f334f9ceafbbc20c
GET /onsite/js/ClientStore.233d1ce5fc472ed19ac0.js HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: SKJwNOrSqZUYA5zY6uUbzqJ70rdeoRKRYAf24eOMWfdmB7OnHfNPqknsS2S+Kw8H6PYMzAf5urY=
x-amz-request-id: QXBY7V4TT51GSF2Z
last-modified: Thu, 19 Jan 2023 16:06:03 GMT
etag: "9ff61b2c63e1b8b9eb2d8130c4293061"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: CULvwFjp.UV5A4UJo8YXSi3hqj79bd4m
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:17 GMT
age: 89827
x-served-by: cache-lga21933-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 9649
vary: Accept-Encoding
content-length: 22419
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: _ttp=2KekwjaJN7neqq55CCGTz5FCiSg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
content-length: 30917
date: Sat, 21 Jan 2023 23:11:17 GMT
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 154be2f0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 223a8687c6aa064f5aeb6354ba15b47b
2d5393010d5bee692aee603f7b3a85c296f6b761
a2a9ec34f12cc33c2da49d0f3dace6bd73b61874d97ecf6218b3582f4b18e6a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155772
Date: Sat, 21 Jan 2023 23:11:17 GMT
Etag: "63cc257e-1d7"
Expires: Mon, 23 Jan 2023 18:27:29 GMT
Last-Modified: Sat, 21 Jan 2023 17:48:46 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q3Lodish3-D6HbMdMcJurHOeHMzSTIjoCawddDL7f1QyC-nTsT4BbA==
Age: 2323
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 223a8687c6aa064f5aeb6354ba15b47b
2d5393010d5bee692aee603f7b3a85c296f6b761
a2a9ec34f12cc33c2da49d0f3dace6bd73b61874d97ecf6218b3582f4b18e6a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 23:11:17 GMT
Last-Modified: Sat, 21 Jan 2023 21:23:02 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IUkX_cn7DZAW4nZFEypj4mO4MAcMHHaIPhUpAky9OlZTYuH_m0mFLg==
Age: 6495
static.klaviyo.com/onsite/js/532.dd9a1df84d96cf83ca19.css
200 OK 1.7 kB URL HTTP/2 static.klaviyo.com/onsite/js/532.dd9a1df84d96cf83ca19.css
IP
File type ASCII text, with very long lines (6145)
Hash 0dc1c7a389b78ca81cb988e822f60b27
46b51d1f25d7fd5801faf6fade531a522ebcf959
173dfa0bd0f19b6527e56113ebe3e9b56602cdde00eb79c8b589a64e128be82a
GET /onsite/js/532.dd9a1df84d96cf83ca19.css HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rF+SgaY1JPHmOI2PeI/zWSe/LyjjtU/QsBKqPGP86t3Wu2nwz7zm08yMVPyC0AkKxgU4BT1hYZw=
x-amz-request-id: XKPN5MDSG2QEZVZT
last-modified: Wed, 17 Aug 2022 13:59:48 GMT
etag: "a178d611a5a0600884426f0e16e9f9e4"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: NmgOJvBkHXpa0JV2BKocdZJD4tDGqyDN
content-type: text/css
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:17 GMT
age: 89828
x-served-by: cache-lga21983-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 61, 9202
vary: Accept-Encoding
content-length: 1654
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/styles.d7b395d2f5dbaa22d3f4.js
200 OK 118 B URL HTTP/2 static.klaviyo.com/onsite/js/styles.d7b395d2f5dbaa22d3f4.js
IP
File type ASCII text, with no line terminators
Hash aed4a1e86839f6eeb25e3b78728a5337
62901eb059a346acbc5720e098d646aafe17785b
bb09fcb60f1ade6836c860d4621b6b60173fb739d4368e3a614049541d901314
GET /onsite/js/styles.d7b395d2f5dbaa22d3f4.js HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: D5h44SsDzb7Frje9HET0O2P/wbq/sOAYvbfk6ihM6h+5QYHBKS5W9vPCB7az9KDNOQALRppkfCc=
x-amz-request-id: RA0SBVPER0EQKQ5B
last-modified: Tue, 25 Oct 2022 15:47:53 GMT
etag: "d1cd41990e04b6f014ab4f09d2e7abba"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: IoLTxoYxePImRAQ1caSeFQestkDqEHVU
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:17 GMT
age: 89828
x-served-by: cache-lga21966-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 8900
vary: Accept-Encoding
content-length: 118
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/vendors~Render.bb03d19e0b7d2674d1c6.js
200 OK 3.8 kB URL HTTP/2 static.klaviyo.com/onsite/js/vendors~Render.bb03d19e0b7d2674d1c6.js
IP
File type Unicode text, UTF-8 text, with very long lines (11537), with no line terminators
Hash aad4ae3bb13b0fccb1542ab6667eedc9
49fad64686fd898e3a522496d78d03623e53c535
50084fd035c7c80d7901ea1e47247e2434cff0294585f2ac83fbf32eeed00df6
GET /onsite/js/vendors~Render.bb03d19e0b7d2674d1c6.js HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: eihKJXnbDoyZunSm9f9zEbJGmUB26EWNxIP7mDosfrPAfYFyxFESusuQ71RehbwkGysmgtcpL1I=
x-amz-request-id: KZYC9MVJYR789H91
last-modified: Wed, 11 Jan 2023 17:07:33 GMT
etag: "982ced59f7037b46e55d6a855c145856"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: m46DWrbLJ1PLG2P1n3RSHdhHC8IjP8vw
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:17 GMT
age: 89828
x-served-by: cache-lga21969-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 9038
vary: Accept-Encoding
content-length: 3819
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/Render.084700c7d60486445cc9.js
200 OK 27 kB URL HTTP/2 static.klaviyo.com/onsite/js/Render.084700c7d60486445cc9.js
IP
File type ASCII text, with very long lines (18578)
Hash 9150b1856519eec299e29948fea2af2d
02bc1e64b6410114d10a555c6a8a4edbbaf282ff
3de6929f0697bfdb30d8342d66c5ab1da5fc2af7acce8f7403c0f38453a689e7
GET /onsite/js/Render.084700c7d60486445cc9.js HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rtAcA1Bo7sag0uBoJo+ireu9jawE1ltT1EBdds7yMnvPs5+YjPdm24es7TOthmTo9XNve8ayk1g=
x-amz-request-id: CA9MCV01Y86HZ0AT
last-modified: Thu, 19 Jan 2023 16:06:03 GMT
etag: "062b12b6b4b89db2baeea677a86ae312"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: UAYfadwoQZD8SwJZ7o01u11doLY8a37J
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 21 Jan 2023 23:11:17 GMT
age: 89828
x-served-by: cache-lga21924-LGA, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 9397
vary: Accept-Encoding
content-length: 27254
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: cnc02u3xqt0p
x-powered-by: Express
x-cloud-trace-context: cdbe8f2a02370e5dc919fa71aca1b83f
content-encoding: gzip
date: Sat, 21 Jan 2023 23:11:17 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 956
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Cookie: _ttp=2KekwjaJN7neqq55CCGTz5FCiSg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023012123111711DDC204516C7E9AA43A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf609f4b4e4a15cb784589c3c3b4546dc825d5f8320142085f0d90d9bc8361f5778562515c52b105c3f8d5d0dfb3beb297cf5070dc3347fcd736bb5fa66bfba66e05b94a337c75ce1d87940cf652fa394a29aef127e8ef73ee95488f5f314ac61b5b
x-origin-response-time: 24,23.48.215.47
x-akamai-request-id: 67ba15f.154be2ff
expires: Sat, 21 Jan 2023 23:11:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 21 Jan 2023 23:11:17 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-48-215-47.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=24, inner; dur=16
x-parent-response-time: 123,23.36.79.13
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.mczbf.com/384165514209/pageInfo
200 OK 68 B URL HTTP/1.1 www.mczbf.com/384165514209/pageInfo
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
POST /384165514209/pageInfo HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://orgain.com
Content-Length: 346
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Date: Sat, 21 Jan 2023 23:11:17 GMT
X-Request-ID: e89bc53e-99e0-11ed-81cf-59029225ac23
Server: nginx
Access-Control-Allow-Origin: *
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: raAj8TNr2W_Af6qvTxwrUqJazikZDd4pgZATM-_g8nQZuVm3zKHnqQ==
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a487239b9323c3f9fbf578f3da256b76
ff0948282e13d7484bae9a447a6b47905ef936ee
73aea6b277fcb0e3d7298545f31a1bbc449938690418f5bdeaf5a9f023f12264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dx.mountain.com/spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&cb=90771344907206770term=value
200 OK 5.2 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&cb=90771344907206770term=value
IP
File type Unicode text, UTF-8 text, with very long lines (19799), with no line terminators
Hash 94a0b1988c79c6ab6d891d5c0936af94
2b0a75ab8d3159d7675ad0c55cd55b9231649fe7
f3bb62b094520ab0b2f8c1f43578e3a58ba434f99cefa74b6b22ac8c8c7a8da2
GET /spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&cb=90771344907206770term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Sat, 21 Jan 2023 23:11:16 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
transfer-encoding: chunked
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1844
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=a7f82949-8cd7-4c3b-a912-4786628b4cf7; Expires=Sun, 21 Jan 2024 23:11:17 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9072
Expires: Sun, 22 Jan 2023 01:42:29 GMT
Date: Sat, 21 Jan 2023 23:11:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9072
Expires: Sun, 22 Jan 2023 01:42:29 GMT
Date: Sat, 21 Jan 2023 23:11:17 GMT
Connection: keep-alive
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/json
Origin: https://orgain.com
Content-Length: 1006
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: o2mze6cgb3y7
x-powered-by: Express
x-cloud-trace-context: e105980a1647714216f270c4de7fc2cb
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9072
Expires: Sun, 22 Jan 2023 01:42:29 GMT
Date: Sat, 21 Jan 2023 23:11:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70113ea7-c91e-43d6-831d-6e4d2bfdedd2.jpeg
200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70113ea7-c91e-43d6-831d-6e4d2bfdedd2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e6e79a6d39c1a68916ba137d2a26bc8
008b963daf94069a9ad22e5f170e2f3569e73709
df945becb760ffae4d118bf4bd7f10e766003cf8a4134687969d0f6a47a39319
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70113ea7-c91e-43d6-831d-6e4d2bfdedd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18374
x-amzn-requestid: 7b64c39d-6328-4c21-884e-c35a72227396
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHN7fGzpoAMFj5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d16-78583c755c0a76b5268c879d;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:45:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jeBRrvGvpmegIpee7ux6WNGJJQ2XXXdLs91g8hX4HFr2gChsd_4GOg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:45:58 GMT
age: 5119
etag: "008b963daf94069a9ad22e5f170e2f3569e73709"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: 51921a6d-e5d4-4d5b-89d8-e966ce56a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBlKKEBSIAMFVSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca1bda-4e652a0913dc6d744ed92121;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 04:43:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xTyrULEpWdbNOLTX93KUkEsaAcfClLOZjKXojtNtzNsPqMqPsLUaQg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 09:18:07 GMT
age: 49990
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b7dac109bc648666356225a0d21ed17
f07e82cffe064c296cb1b2c80f7b09feb7552bbe
cc8997d71cd85021addccb0f6a0f00edf95f9747333ff0a436581db4ede78f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6102
x-amzn-requestid: 256e7b90-3052-41f7-abcf-43c455a2ee7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFfEZtIAMFWhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d56-3237bb0a1f86766b5eb86e82;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PcHoBpKnLZj86KR261shofMwYYOoYLkwFHLgXS4ICo5jaySNb3f8_Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:00:49 GMT
age: 4228
etag: "f07e82cffe064c296cb1b2c80f7b09feb7552bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 375f2cf298e45122ca727fb63f0e5ea7
eb746e6842127741552c7dcc48e8a92193ca3075
8b5e5432f69dad1428c3a735f7a0d07823658e03befc7b6e15f6f5c3306fbaa8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5196
x-amzn-requestid: 24221211-6673-4d7b-88de-2ef8c9a62f1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWRFPUIAMFf-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-286d3bb84ad3362d615479ed;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zqdZgSWyXzoBBGx5Ef3zI6evJsyFmKlShUQvB3TdBGm-wrfU3ACoWw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:52:26 GMT
age: 4731
etag: "eb746e6842127741552c7dcc48e8a92193ca3075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2bxIP5fBGoswPsQAvhRGhNlrHNQtiCpgWFr_S3fjQuyEXPW8amllzw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:50 GMT
age: 4347
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2aec02a691f126259e2a3c701e322ffe
af9161eefc1ee381a8f531c593ea7354d73493eb
e0094d54ca9bbbc4154abec2ce152453ddb1544e020b4a859e5da1f7073a26d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4796
x-amzn-requestid: 9ad3dcbc-3d19-4619-a8cb-b316a8d51290
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULpHgKIAMFmYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a4a-769bcf2f4d7787d007ec30e2;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qdepf4pi9QDNo7J3IRI2er_vh0llZImHpcWvtlLjwRmUxGM6aRHCFQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 12:57:16 GMT
age: 36841
etag: "af9161eefc1ee381a8f531c593ea7354d73493eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/33b14418-ffd9-419b-b9e4-c03004404ac5
200 OK 9.9 kB URL HTTP/2 ekr.zdassets.com/compose/33b14418-ffd9-419b-b9e4-c03004404ac5
IP
File type JSON data\012- , ASCII text, with very long lines (325), with no line terminators
Hash 5a956136ddb587e6c0c64d8d14f86309
8aa1c5b33efb8717f6452ee77a4cd8ce0cc414e5
1beb5a5da5f0e71942885d06b02cfae4ab7451ee6213b7b4997cdbad90ebd899
GET /compose/33b14418-ffd9-419b-b9e4-c03004404ac5 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"85bcd8f6b7681b264007ea6286320cde"
x-request-id: 78b790b1da880a21-SEA, 78b790b1da880a21-SEA
x-runtime: 0.003152
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwlxNNaSL5F9IiYJkO5vO7hycPlNc7yt0riJRDnKdZnkzxiU6eqxW9T%2BPLrmSnyXBDWifFU3HlILsHHoYVRiIsk9EgT52kYliRpf6u6nZ4PLAeYQ7w%2FVl6JSyghUmY92O08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78d3ba60cbd1b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js
200 OK 16 kB URL HTTP/2 cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js
IP
Hash d22a977c440faf770e1d39ff00a7e1cc
a4b75b39d414a670e9b97506dcb9dcbfebf92c8f
be1f12383f567dff924756d7586d9089c17d082ec3dc2411358ffd637f1f1cac
GET /widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js HTTP/1.1
Host: cdn-widgetsrepository.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: JnGljnG5MsUzlBtVQtVIwwdoYV30tM7s4Riy4hQdOkIVBWM1/xjwSdX01ZJYr5X8JLqJ6bbQrxo=
x-amz-request-id: E5E1TTDR6S6B3XQ2
last-modified: Tue, 06 Dec 2022 09:10:21 GMT
etag: "aaa4223431ceb8bf734e9e241fc39c89"
x-amz-version-id: Urn5iuJOxPwl9H.GMq9Oc7wRRb1DTuGc
accept-ranges: bytes
content-type: text/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 21 Jan 2024 23:11:17 GMT
date: Sat, 21 Jan 2023 23:11:17 GMT
content-length: 16306
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=27180
date: Sat, 21 Jan 2023 23:11:17 GMT
content-length: 4777
x-cdn: AKAM
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
200 OK 906 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP
File type ASCII text, with very long lines (559)
Hash d86662fb4063e393752762c7372e1a41
69ba04e02bd520200fa58f773ae32dd6ed1cbed8
f97f39992ee9da3170cac3acfeaeb9074207ffac37c853480cc08a0f9fbb280d
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 906
last-modified: Thu, 19 Jan 2023 16:13:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1674144808.01
accept-ranges: bytes
server: AmazonS3
date: Sat, 21 Jan 2023 22:39:09 GMT
cache-control: max-age=3600, public
etag: "d86662fb4063e393752762c7372e1a41"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 14wXTJl1yGmygub11469HPgYxEZzJS2dHrRWKW4r4SMOEc1948wZKw==
age: 1930
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1381
Cache-Control: max-age=146892
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Etag: "63cc067c-1d7"
Expires: Mon, 23 Jan 2023 15:59:29 GMT
Last-Modified: Sat, 21 Jan 2023 15:36:28 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 21 Jan 2023 22:41:07 GMT
expires: Sun, 22 Jan 2023 00:41:07 GMT
cache-control: public, max-age=7200
age: 1810
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: +6dHR7UNdrg7wJtolJ9RuVVFiDGi4CxI08t+MZuVHGs0mDFui024SPOWfAwdIlKzz4u7/ooaf15ZW8Gun7rJrA==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 23:11:17 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
assets.gorgias.chat/dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/671.js
200 OK 32 kB URL HTTP/2 assets.gorgias.chat/dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/671.js
IP
Hash 429d19323d3ebf7eaee89419df5b45e5
489ecc62847c88b5155875933f9df4344e27fe17
db9061634c51bb923f5a416822fa28d1b0c76d3caa3c7e45c46ca61535937feb
GET /dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/671.js HTTP/1.1
Host: assets.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvJhfo_QVpw47ZNbq2zR08edG1bqVLe0zbgAXnqL8nZZC_TPs3NVO69aK4SNjrl1_9lz4aHP2HL0kZKXVtY5mvhUMhg1zjl
cache-control: public, max-age=31536000, s-maxage=31536000
expires: Sat, 20 Jan 2024 16:49:51 GMT
last-modified: Fri, 20 Jan 2023 16:45:52 GMT
etag: W/"4c0ed1c235098de8dec7e5466e5a19d2"
vary: Accept-Encoding
x-goog-generation: 1674233152118192
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12153
x-goog-hash: crc32c=wfvcmw==, md5=TA7RwjUJjejex+VGbloZ0g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 107503
server: cloudflare
cf-ray: 78d3ba615e11b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75DC3038BED648BC9BFBE55F95A9C0C9 Ref B: OSL30EDGE0116 Ref C: 2023-01-21T23:11:17Z
date: Sat, 21 Jan 2023 23:11:17 GMT
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/web-widget-framework-73f767e20e4f3af7aaf1.js
200 OK 51 kB URL HTTP/2 static.zdassets.com/web_widget/latest/web-widget-framework-73f767e20e4f3af7aaf1.js
IP
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 4b65b8db7a2f65bdb8f0f5e01be3f00c
f6a7fbaacd77e979bd612d73b089e5dc02396b27
721e6465659353cdd82068e050b1e9cf754481c036e80d1ce4afb6d403d54f42
GET /web_widget/latest/web-widget-framework-73f767e20e4f3af7aaf1.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: mq7czFgK6QKJS/nFTuwHvLtJrEhiEe7yk5CEfB3+pjYtbQNBEQ6ET7ZWVLgN1sba/JZ6g9VZMd0=
x-amz-request-id: SMYTEQGHD383CCFV
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:30:18 GMT
etag: W/"cf9c6cdd1ca55fd360e7bdc92359938a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:30:17 GMT
x-amz-version-id: sTOcIduw73kbIjRTJdem6uITZKCYLKb7
cf-cache-status: HIT
age: 333865
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fq3igVkF7ULa%2FiOTthXS3uQ7mQP3tzTSEFbbvvUFX3%2B6hs9mCjyAXmoRsXB49LlCRz14gKWSI%2FmXgOQOIRFQIVWny5j3sYD19D8WePqIl%2BdPjQiN674G3op6tJu%2Bb%2F5CJeb5UQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78d3ba65dfc6b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
telemetrics.klaviyo.com/v1/metric
204 No Content 0 B URL HTTP/2 telemetrics.klaviyo.com/v1/metric
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/metric HTTP/1.1
Host: telemetrics.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 932
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 21 Jan 2023 23:11:17 GMT
x-amzn-requestid: e134c43d-daa7-49fb-b607-30335dc1580c
access-control-allow-origin: *
x-amz-apigw-id: fHabZGbDoAMF1Ng=
x-amzn-trace-id: Root=1-63cc7115-6fbc1a794a6f8f4d466984d8;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8oe-PtQGi4haf8Z7sTMrsFD9mV55MmyOBlRGUqZVeRabEpTiiLExQw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 934afff89c9ec1b89e313f12a5cc0287
f0cc482c8bcfd8f05b17855050476815ae22decf
462c89a4abea94a01a540ddc7a70553da11a590f5fb8c91d6098340beb4a5c7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2716
Cache-Control: max-age=142108
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Etag: "63cbee95-1d7"
Expires: Mon, 23 Jan 2023 14:39:45 GMT
Last-Modified: Sat, 21 Jan 2023 13:54:29 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/401519874/?random=1674342675585&cv=11&fst=1674342675585&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&auid=695628607.1674342676&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 932 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/401519874/?random=1674342675585&cv=11&fst=1674342675585&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&auid=695628607.1674342676&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2181), with no line terminators
Hash be6cd8039825469e297d2cbd8a63b52a
f3939f2faf6c92fce2be75cb110108bff35b8783
9358e09d3863527c936558542a0d86e96b31f0f9ed34d66ebb14b80969656a88
GET /pagead/viewthroughconversion/401519874/?random=1674342675585&cv=11&fst=1674342675585&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&auid=695628607.1674342676&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 932
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 21-Jan-2023 23:26:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674342675601&cv=11&fst=1674342675601&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&auid=695628607.1674342676&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 933 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674342675601&cv=11&fst=1674342675601&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&auid=695628607.1674342676&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2181), with no line terminators
Hash 5848ad4d9b2b179006abf10f86849d15
f2f334d2053e947f6091b3158142d563826efa80
944dae7bee2f49b57935f1b4f5fa3be8cd45638b02d7e8ca6a152d992622388b
GET /pagead/viewthroughconversion/789606081/?random=1674342675601&cv=11&fst=1674342675601&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&auid=695628607.1674342676&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 933
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 21-Jan-2023 23:26:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=475172728&t=pageview&_s=1&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20Orgain&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=767634760&gjid=1306358093&cid=1899207404.1674342677&tid=UA-9393434-7&_gid=1275319378.1674342677&_r=1&_slc=1>m=2wg1i0TVRLGS7&z=531330814
200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=475172728&t=pageview&_s=1&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20Orgain&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=767634760&gjid=1306358093&cid=1899207404.1674342677&tid=UA-9393434-7&_gid=1275319378.1674342677&_r=1&_slc=1>m=2wg1i0TVRLGS7&z=531330814
IP
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=475172728&t=pageview&_s=1&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&ul=en-us&de=UTF-8&dt=404%20Not%20Found%20%E2%80%93%20Orgain&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=767634760&gjid=1306358093&cid=1899207404.1674342677&tid=UA-9393434-7&_gid=1275319378.1674342677&_r=1&_slc=1>m=2wg1i0TVRLGS7&z=531330814 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://orgain.com
date: Sat, 21 Jan 2023 23:11:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 21-Jan-2023 23:26:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1381
Cache-Control: max-age=146892
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Etag: "63cc067c-1d7"
Expires: Mon, 23 Jan 2023 15:59:29 GMT
Last-Modified: Sat, 21 Jan 2023 15:36:28 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false
200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false
IP
File type ASCII text, with very long lines (1056)
Hash 4ca2e5bfab6b4510881d946e28e56646
099ea22c87612a6cbd672cc4828ee9c912756a9a
a2ae406bba3162c5b3e6041530dff8abef20b212520fa7e955502056e3735aeb
GET /general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 23:11:17 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=eqvWv6YDo3e3eiPNnN/6R0WuCkXDAR99FauL9GBEhoc=;Path=/;Expires=Sun, 21-Jan-2024 23:11:17 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8a66a0326282070a1cdebcc1c7c011d8
84e66888c3ac633f7a74c4f0adb25710ab5fb0f2
0844951d314f46096835a667f964ec85904224786f14ed753fe3b05d9bf1049f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 17:58:12 GMT
Expires: Sat, 28 Jan 2023 17:58:11 GMT
Etag: "84e66888c3ac633f7a74c4f0adb25710ab5fb0f2"
Cache-Control: max-age=585413,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d3ba683f5bb50b-OSL
www.google.com/pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9958e5aeee4219307b96862dce19adc1
8ee1f96330c3158e8668111ad6cd61796dc796c7
89e1e860cef0db59b9ae0da0cbfda59387739186d73cce775f02970972feef9b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169407
Date: Sat, 21 Jan 2023 23:11:17 GMT
Etag: "63cc4b95-1d7"
Expires: Mon, 23 Jan 2023 22:14:44 GMT
Last-Modified: Sat, 21 Jan 2023 20:31:17 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XELVhZLS8fU6W76xqbUgByN7xscKDUSTCnLr5R56CLheD9zGfyqkrw==
Age: 6207
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p.yotpo.com/i?e=pv&page=404%20Not%20Found%20%E2%80%93%20Orgain&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo3Nzg4MDMzMDh9&dtm=1674342676033&tid=193142&vp=1280x939&ds=1268x1171&vid=1&duid=7f5a3f2f863b460c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake
200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=pv&page=404%20Not%20Found%20%E2%80%93%20Orgain&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo3Nzg4MDMzMDh9&dtm=1674342676033&tid=193142&vp=1280x939&ds=1268x1171&vid=1&duid=7f5a3f2f863b460c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=pv&page=404%20Not%20Found%20%E2%80%93%20Orgain&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo3Nzg4MDMzMDh9&dtm=1674342676033&tid=193142&vp=1280x939&ds=1268x1171&vid=1&duid=7f5a3f2f863b460c&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=6e5ef365-b86a-4aee-45d4-dac11f895c98; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Sun, 22 Jan 2023 23:11:17 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nJ29KeVIGbyZva7GUzhMwTBIObH3npRVvY3-2ERyVc6eGlcUSxSabg==
age: 305891
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2222193.js?sv=7
200 OK 3.9 kB URL HTTP/2 static.hotjar.com/c/hotjar-2222193.js?sv=7
IP
File type ASCII text, with very long lines (7669)
Hash 8da7e300ae21fd28dcea83c45a003ac6
b789ab3ff9eacf6a6153275c849690877126ec85
dde3e199bed8aa4cc49bf79655ec985a636609de54b5cfe3759b7f101015051f
GET /c/hotjar-2222193.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 21 Jan 2023 23:11:17 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/e79594d767bdedfa653cc3d1f4b11cde
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UsisyingdCshkvO1Vbyfevs2XNtCx_ZuJzP2AXc0NFIYrG_yzpt6XQ==
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1674342676831&dep=2%2CPAGE_LOAD
200 OK 380 B URL HTTP/2 ct.pinterest.com/user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1674342676831&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash 509f9f17664ea845ece0a38f0f7a70bf
849d5513fa36d2441b3325575ff2d074594e1591
4869150f10b5577c79966bc43ba24d1d9e7b2bb8cb89964263015cb7dae9a9e8
GET /user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1674342676831&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1HVmhOMk0zWlRNdE5UZGpOQzAwT0Roa0xUZ3lZakl0TmpCbVltSXlOamxsWVRCaA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://orgain.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 380
x-envoy-upstream-service-time: 6
referrer-policy: origin
x-pinterest-rid: 2328237565585902
date: Sat, 21 Jan 2023 23:11:17 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1674342677.39fc73a
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
101 Switching Protocols 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://orgain.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SZJsbEoPyl6UKOAl8HqVrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sat, 21 Jan 2023 23:11:17 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: +2to5S6SumEYP4U8zjOMPR+/eJY=
Upgrade: WebSocket
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=1899207404.1674342677&jid=767634760&gjid=1306358093&_gid=1275319378.1674342677&_u=YEBAAEAAAAAAACAAI~&z=1151996690
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=1899207404.1674342677&jid=767634760&gjid=1306358093&_gid=1275319378.1674342677&_u=YEBAAEAAAAAAACAAI~&z=1151996690
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=1899207404.1674342677&jid=767634760&gjid=1306358093&_gid=1275319378.1674342677&_u=YEBAAEAAAAAAACAAI~&z=1151996690 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://orgain.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 23:11:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
35.160.46.251/is
200 OK 32 B IP
File type ASCII text, with no line terminators
Hash 1bcad31f2cc61a6ec53bc8ae49b1f36f
92e5769ef078929ad00f8fe18f0a2b3a3ca6188b
92ed9524453278167d4eafa5722d7bc41e91f9422463c72f83df9046b7d7b792
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 35.160.46.251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
static.zdassets.com/web_widget/latest/classic/web-widget-8165-c772b95.js
200 OK 198 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-c772b95.js
IP
File type ASCII text, with very long lines (65307)
Size 198 kB (197724 bytes)
Hash 8531affa784615175f8ae151693d5957
e998ed04c2bea79d02db35db84ab9191a5c6af2d
586f028b686bb2eae77d047b071fd6f18625c5b7f424e7f8c1808533e4defe01
GET /web_widget/latest/classic/web-widget-8165-c772b95.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Mg07F3WgH1IFZaCpXM4iADLz0iU0PjMENwuZDlMlcdvTcrVwHojXGoEnmGqrn293CD7djRJbBjw=
x-amz-request-id: PSW6242C75ERY88H
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:33:00 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:32:59 GMT
x-amz-version-id: zXfbGqseD554bGjo5Pk5Zk7Rgy7Bcg.T
cf-cache-status: HIT
age: 333864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plXf4WkrJ8%2BE%2FR76X5Er%2BLuZFDgD2wUWtnk6sD%2BnnaClh%2FKahY7o2pp96rBSxpSJ69vq%2FGthnye1Shcwpaowyy94ajkJJX9CkG3geJkNQqe6ICkyGrpeWvf8XIXQkjFMLCGcv5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78d3ba694b3eb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-c772b95.js
200 OK 115 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-c772b95.js
IP
File type ASCII text, with very long lines (13518), with no line terminators
Size 115 kB (114756 bytes)
Hash 8fe4dbb34144ff7d17e649f9fbf8fc9b
812b14541d6775641fc23374f1b869eba140346c
8627c96c93e141d4d6bb5ff413315b24280015fd76f093d77e968db3c9d382fe
GET /web_widget/latest/classic/web-widget-classic-c772b95.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: QQP0x9XbhB5Dk0riyJ2Pf2/hCrkW1LdRrUO0HwYc6FwdVMTj776JL4VVlafER2dB3nfuB+T5WiE=
x-amz-request-id: SMYGN16Y410TVGQ5
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:33:00 GMT
etag: W/"cd4729daed11132efcc597973fc717b3"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:32:59 GMT
x-amz-version-id: 0QaNwqgOUsm.0YUSER1MEc2b.uBhA3aM
cf-cache-status: HIT
age: 333864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2B%2Bpnww3DzNjKAC7kIusA4%2BufdvVVHfa248%2FGiKW9jB%2BEkF0lYt%2BkhO%2Be6tMnzaxIFIwWgVFLD%2FF4lV%2B5tyrB36RD7vlMX8GRLKERDewORFyvWhDGNVD2MLgz2nXfGvkId%2Fu3yM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78d3ba692b20b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
drinkorgain7149.zendesk.com/embeddable/config
200 OK 312 B URL HTTP/2 drinkorgain7149.zendesk.com/embeddable/config
IP
File type JSON data\012- , ASCII text, with very long lines (387), with no line terminators
Hash b1f537ece47f099995900a38179ded5c
6e47887324151f32187ac44b8da246513f8089a5
c945fb0a3b460144b8c0d56d4f16cff4d9dd731a6cf263420c2b046185c17d81
GET /embeddable/config HTTP/1.1
Host: drinkorgain7149.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-6f4f8d9996-w8x54
x-request-id: 78d3ba667ed1b512-ORD
x-runtime: 0.002647
vary: Origin, Accept-Encoding
x-cached: MISS
last-modified: Sat, 21 Jan 2023 08:41:52 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6CP0q%2FJjQOKGW8uZUdsfCBDoeI%2FbcBLu6QvQACYUhDSu%2BL2dyF3SD7oo8ju%2FhyY%2BGtYn4qnsVYML8wNFEvtU5i65XJUP2NCY62i12BDgTfWcL1rc0SHT89JVtAJCCBQr4vqmJEiw8Q3BD4Kyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=eff086cb3e6dcddcde007da9df932bc5b7cbd2d2-1674342677; path=/; domain=.drinkorgain7149.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78d3ba667ed1b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11000740&Ver=2&mid=68cda453-1f98-4ad8-a280-71e74e0659a6&sid=e8596e1099e011eda3b8d9e5988c4fb9&vid=e859951099e011ed8b1d651c10f39880&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=404%20Not%20Found%20%E2%80%93%20Orgain&p=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&r=<=1650&evt=pageLoad&sv=1&rn=474525
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11000740&Ver=2&mid=68cda453-1f98-4ad8-a280-71e74e0659a6&sid=e8596e1099e011eda3b8d9e5988c4fb9&vid=e859951099e011ed8b1d651c10f39880&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=404%20Not%20Found%20%E2%80%93%20Orgain&p=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&r=<=1650&evt=pageLoad&sv=1&rn=474525
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11000740&Ver=2&mid=68cda453-1f98-4ad8-a280-71e74e0659a6&sid=e8596e1099e011eda3b8d9e5988c4fb9&vid=e859951099e011ed8b1d651c10f39880&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=404%20Not%20Found%20%E2%80%93%20Orgain&p=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&r=<=1650&evt=pageLoad&sv=1&rn=474525 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=04F26FEB6893687914877D4B69666923; domain=.bing.com; expires=Thu, 15-Feb-2024 23:11:18 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 102C5E5BFDFB407084BFDEABC392D5DA Ref B: OSL30EDGE0116 Ref C: 2023-01-21T23:11:18Z
date: Sat, 21 Jan 2023 23:11:18 GMT
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=2085405
200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=2085405
IP
File type ASCII text, with very long lines (778)
Hash bff3a0037cd355647d70d5e007d1bd42
3036edbddcdbbb8ed2a4a6b39350f9902c20c551
14b6807df5269a367d2ce8a123e64193baa9d057fe3777ea6b8329b6c7002dea
GET /widget/widget.js?v=2085405 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 48092
date: Thu, 19 Jan 2023 16:15:21 GMT
last-modified: Thu, 19 Jan 2023 16:13:32 GMT
etag: "bff3a0037cd355647d70d5e007d1bd42"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1674144805.85
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: htnZ-567OZxptKzl4mcM61RPmWzroO_Lk_141FDyyDXfpVriZhUycQ==
age: 197758
X-Firefox-Spdy: h2
mpsnare.iesnare.com/5.5.0/logo.js
200 OK 419 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/logo.js
IP
File type ASCII text, with very long lines (377)
Hash bef368e786e5d3dfd2c366546d30f3ad
17bb45c8af18aec63899251b92ed40fc61749aa5
08b6cba695819232bd97a0e148cbeb630c2b37acc83ed5929f61aef938180c7b
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 23:11:18 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Sun, 21 Jan 2024 23:11:18 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ct.pinterest.com/v3/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1674342676833
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1674342676833
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1674342676833 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 3552345486240702
date: Sat, 21 Jan 2023 23:11:18 GMT
akamai-grn: 0.540a655f.1674342678.39fc780
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&tid=2613712472924&cb=1674342677111&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&tid=2613712472924&cb=1674342677111&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&tid=2613712472924&cb=1674342677111&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1279306000061732
date: Sat, 21 Jan 2023 23:11:18 GMT
set-cookie: _pinterest_ct_ua="TWc9PSYvdnY3YmtiOUFSUE5FRjZqUXlzRHJ1U2tnZ3NBVjVwVFV5R2x6M25nc21vaXM2eXh6TlozYzVIVmI5bGFNNmxmeWpDK3R6Z0N2bjViUUxYMHJBNkh3YWdBdTFIT2laTWhscHRDQ0pZa3dkbz0mTGFJU1FaeEJXZ2VBaXFLQU8xc2E3MHY5aWdRPQ=="; Expires=Sun, 21 Jan 2024 23:11:18 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.540a655f.1674342678.39fc786
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpsnare.iesnare.com/time.mp3?nocache=0.1800185903707635
206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.1800185903707635
IP
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.1800185903707635 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 21 Jan 2023 23:11:18 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/11000740.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11000740.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11000740.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE7BB6BDA41043FEBD80B22FA39D0314 Ref B: OSL30EDGE0116 Ref C: 2023-01-21T23:11:18Z
date: Sat, 21 Jan 2023 23:11:18 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1674342675743&cv=11&fst=1674342675743&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F404>m_ee=1&auid=695628607.1674342676&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/401519874/?random=1674342675585&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3720239657&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/401519874/?random=1674342675585&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3720239657&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/401519874/?random=1674342675585&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3720239657&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/825569394/?random=1674342675614&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2wg1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=2015864200&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/825569394/?random=1674342675614&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2wg1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=2015864200&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/825569394/?random=1674342675614&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2wg1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=2015864200&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/789606081/?random=1674342675601&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2470393757&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/789606081/?random=1674342675601&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2470393757&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/789606081/?random=1674342675601&cv=11&fst=1674342000000&bg=ffffff&guid=ON&async=1>m=2oa1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&tiba=404%20Not%20Found%20%E2%80%93%20Orgain&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2470393757&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=1899207404.1674342677&jid=767634760&_u=YEBAAEAAAAAAACAAI~&z=1489758896
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=1899207404.1674342677&jid=767634760&_u=YEBAAEAAAAAAACAAI~&z=1489758896
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=1899207404.1674342677&jid=767634760&_u=YEBAAEAAAAAAACAAI~&z=1489758896 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 23:11:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674342676727%26url%3Dhttps%253A%252F%252Forgain.com%252Fcollections%252Fdrinks%252Fproducts%252F20g-plant-based-protein-shakehttps%253A%252Forgain.com%252Fcollections%252Fprotein-shakes%252Fproducts%252F20g-plant-based-protein-shake%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKJgTvWRpxlowAAAYXWmb7a3J5ZdLKZOzuD6nTv3FABqbtTTr6zhHAKwuDUwSgXidmmN9FbYo3HvQ; Max-Age=2592000; Expires=Mon, 20 Feb 2023 23:11:18 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKa23o2oPFLBQAAAYXWmb7aVbKVaDiTCitAFxTyJdcRQYOlPIisHSkvGBmYQV118MFNiuymJMfQgfHxuBUkQA; Max-Age=2592000; Expires=Mon, 20 Feb 2023 23:11:18 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&abe36356-7f1d-4185-8f41-5c3440d46ec7"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 21-Jan-2024 23:11:18 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2416:u=1:x=1:i=1674342678:t=1674429078:v=2:sig=AQGoGeWOTAR76HZCQfSBKnTM5Xy-NbuJ"; Expires=Sun, 22 Jan 2023 23:11:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXyzkiRcNLpQNNlYewbgQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 48607E52A9224033B7CA16D643054844 Ref B: OSL30EDGE0507 Ref C: 2023-01-21T23:11:18Z
date: Sat, 21 Jan 2023 23:11:17 GMT
content-length: 0
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674342676727%26url%3Dhttps%253A%252F%252Forgain.com%252Fcollections%252Fdrinks%252Fproducts%252F20g-plant-based-protein-shakehttps%253A%252Forgain.com%252Fcollections%252Fprotein-shakes%252Fproducts%252F20g-plant-based-protein-shake%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674342676727%26url%3Dhttps%253A%252F%252Forgain.com%252Fcollections%252Fdrinks%252Fproducts%252F20g-plant-based-protein-shakehttps%253A%252Forgain.com%252Fcollections%252Fprotein-shakes%252Fproducts%252F20g-plant-based-protein-shake%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674342676727%26url%3Dhttps%253A%252F%252Forgain.com%252Fcollections%252Fdrinks%252Fproducts%252F20g-plant-based-protein-shakehttps%253A%252Forgain.com%252Fcollections%252Fprotein-shakes%252Fproducts%252F20g-plant-based-protein-shake%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&69e38c3b-ee08-486e-8876-3a304c37bc26"; Domain=.linkedin.com; Expires=Sun, 21-Jan-2024 23:11:18 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230121231118eccb7f47-f08c-45ac-8ad3-f5ebf6088cd3AQFHsHu6sUfgi4SPWkae-UxUKxnRGX_-"; Domain=.www.linkedin.com; Expires=Sun, 21-Jan-2024 23:11:18 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQzNDI2Nzg7MjswMjGzGlRCcChZXEXJZeU+Y+S7I7uAXZydqD3qKEwEk3zRsA==; Domain=.linkedin.com; Expires=Thu, 20 Jul 2023 23:11:18 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2446:u=1:x=1:i=1674342678:t=1674429078:v=2:sig=AQEYCRrb7lV6jp7f3IZHOR6bXYo55RPw"; Expires=Sun, 22 Jan 2023 23:11:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyzkiVKjoW1gi9vzh/9w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2F2AF6ABBAF140229F51BBE845A8854F Ref B: OSL30EDGE0507 Ref C: 2023-01-21T23:11:18Z
date: Sat, 21 Jan 2023 23:11:18 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d7a676fdcc1e018511914b62ca5eaa5c
890830d0fc121557067e288cab995f30eb1c703f
20378da6a3856545348fb807fa04d99729b2fab1145e31f58467da57afbd0129
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 23:11:18 GMT
Last-Modified: Sat, 21 Jan 2023 22:01:48 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B112a6mmLgljwp2IdL1A88wGn2ubehXzFksiAaaqrlIz8-7zpFbfvA==
Age: 4170
www.facebook.com/tr/?id=1045006588919000&ev=PageView&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&rl=&if=false&ts=1674342677559&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674342677557.503233207&it=1674342676807&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1045006588919000&ev=PageView&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&rl=&if=false&ts=1674342677559&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674342677557.503233207&it=1674342676807&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1045006588919000&ev=PageView&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&rl=&if=false&ts=1674342677559&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674342677557.503233207&it=1674342676807&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 23:11:18 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1655794&time=1674342676727&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&80819930-6481-41df-8060-5607cbc8ad52"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 21-Jan-2024 23:11:18 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2446:u=1:x=1:i=1674342678:t=1674429078:v=2:sig=AQEYCRrb7lV6jp7f3IZHOR6bXYo55RPw"; Expires=Sun, 22 Jan 2023 23:11:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyzkiZGwNugGp0pnWBvw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 88B6907A6DD84C48A45027B93829280F Ref B: OSL30EDGE0507 Ref C: 2023-01-21T23:11:18Z
date: Sat, 21 Jan 2023 23:11:18 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e90b8f7894ebbc0056a52f0920d2a68f
0b9861aff194a9a0807fc42d5b506aa6fbb5f27b
45e0d611ccb0b1b599e0ae1d5578530904b0f3289f75b1c028ed7c3d2698b7fe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162968
Date: Sat, 21 Jan 2023 23:11:19 GMT
Etag: "63cc4327-1d7"
Expires: Mon, 23 Jan 2023 20:27:27 GMT
Last-Modified: Sat, 21 Jan 2023 19:55:19 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pcQwFMlNS8cA4SpuNpw4E4nBNM20S8qQKrel53eoRrAgEnifBhEaEA==
Age: 1928
ws33.hotjar.com/api/v2/client/ws
101 Switching Protocols 0 B URL HTTP/1.1 ws33.hotjar.com/api/v2/client/ws
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws33.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://orgain.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IkGEKBe1u9iCl70aJfrv6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 21 Jan 2023 23:11:19 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eeyefmjXt39EjpSUjE7qVFGGDvc=
Sec-WebSocket-Extensions: permessage-deflate
in.hotjar.com/api/v2/client/sites/2222193/visit-data?sv=7
200 OK 151 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2222193/visit-data?sv=7
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 395657efb4b9eedeeb3267ac3d11d147
840fc2ae982d3192cf36a726f79eef435ac1f13d
55ea72095acfdafde89869d5a400d87bec27093c428758fb9c50490f8a59fce5
POST /api/v2/client/sites/2222193/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 147
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:18 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1655794/domain/orgain.com/token
200 OK 1.3 kB URL HTTP/2 cdn.linkedin.oribi.io/partner/1655794/domain/orgain.com/token
IP
File type JSON data\012- , ASCII text, with very long lines (2550)
Hash 55332c6485b3c493332a2ed553ed9538
52f3d55f4aa12e183853d7f5483b8d896c52af2e
3eac2a5186d25a104aec20bed34958d34d85186e12780543cd404de09b2ba6c5
GET /partner/1655794/domain/orgain.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 21 Jan 2023 22:25:25 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uEoVFHw7ALjK7ppX7wcEqzUlkuUOUBvMxMm648NutKiwgtneTBDGvg==
age: 2752
X-Firefox-Spdy: h2
gs.mountain.com/gs
200 OK 144 B IP
File type ASCII text, with no line terminators
Hash 9e07778a6a0d476583c825d6958ad8f7
9b85d67df54ce93106a94fb161f5d7ae165ec4ee
ef2d9f6a630fc12f4ae92cfd030b9dd5fbd8128a0f8a04ba25e9036c9cd1ca52
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: guid=e9d9eaea-99e0-11ed-8bb3-ddc347569b76
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 23:11:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1899207404.1674342677&shpt=404%20Not%20Found%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%E2%80%93%20Orgain&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221899207404.1674342677%22%2C%22shpt%22%3A%22404%20Not%20Found%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%E2%80%93%20Orgain%22%2C%22dcm_cid%22%3A%221899207404.1674342677%22%2C%22dcm_gid%22%3A%221275319378.1674342677%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1899207404.1674342677&dcm_gid=1275319378.1674342677&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&shadditional=shopify%3Dtrue%2Cgoogletagmanager%3Dtrue%2C%5Bobject%20Object%5D&shcq=0&cb=1674342679345980&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1674342680048
200 OK 1.3 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1899207404.1674342677&shpt=404%20Not%20Found%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%E2%80%93%20Orgain&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221899207404.1674342677%22%2C%22shpt%22%3A%22404%20Not%20Found%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%E2%80%93%20Orgain%22%2C%22dcm_cid%22%3A%221899207404.1674342677%22%2C%22dcm_gid%22%3A%221275319378.1674342677%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1899207404.1674342677&dcm_gid=1275319378.1674342677&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&shadditional=shopify%3Dtrue%2Cgoogletagmanager%3Dtrue%2C%5Bobject%20Object%5D&shcq=0&cb=1674342679345980&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1674342680048
IP
File type ASCII text, with very long lines (5783), with no line terminators
Hash f8716d6f73fe3bfd2bdf1d8d1dc96f0e
2f5b29d336357d266bf8c10c0e809cb6dfb71871
efba1f43e8963e941eb4d178eae754181b2e4a7b0bf48e3b11642dec56816703
GET /st?ga_tracking_id=UA-9393434-7&ga_client_id=1899207404.1674342677&shpt=404%20Not%20Found%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%E2%80%93%20Orgain&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221899207404.1674342677%22%2C%22shpt%22%3A%22404%20Not%20Found%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%E2%80%93%20Orgain%22%2C%22dcm_cid%22%3A%221899207404.1674342677%22%2C%22dcm_gid%22%3A%221275319378.1674342677%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1899207404.1674342677&dcm_gid=1275319378.1674342677&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&shadditional=shopify%3Dtrue%2Cgoogletagmanager%3Dtrue%2C%5Bobject%20Object%5D&shcq=0&cb=1674342679345980&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1674342680048 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: guid=e9d9eaea-99e0-11ed-8bb3-ddc347569b76
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sat, 21 Jan 2023 23:11:20 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWMjYyMTGIN7IwtlCyMjQzNzE2MTKzMDA3NdVR8guKh8qaWxorWRnoKJUpWRkhi4N1GdQCAF95fGlGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzI0NDA6MTY3NDM0MjY4MA==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=e9d9eaea-99e0-11ed-8bb3-ddc347569b76;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 14
server: istio-envoy
connection: close
transfer-encoding: chunked
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=e9d9eaea-99e0-11ed-8bb3-ddc347569b76&gdpr=&gdpr_consent=
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=e9d9eaea-99e0-11ed-8bb3-ddc347569b76&gdpr=&gdpr_consent=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=e9d9eaea-99e0-11ed-8bb3-ddc347569b76&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3
200 OK 1.1 kB URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b1aad9b1ceec105db26a84165822831
353a8e1abfb811a24feebe60751128b9dcd3e420
21a9e4abd256a200e5d06ad440ec94aa0cc277450c7a561067fde213f6b9e391
GET /track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1005326155852690
date: Sat, 21 Jan 2023 23:11:21 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1674342681.39fcba8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
304 Not Modified 0 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"3c96ed32080050e15caa0aacc122e549"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 21 Jan 2023 23:11:21 GMT
via: 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
etag: W/"3c96ed32080050e15caa0aacc122e549"
age: 89826
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1674342681.223351,VS0,VE0
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
IP
Hash 4571e69480d916ef6aa494045295d718
9969befc6b340a2d224f10db4ed425e7caaf82e6
c4595a31db06d5b508fed7cb0dc09e48f4718383651ee06dde942e389659278d
POST /s/gts1d4/UmzLkw4brhg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f7dd7babf8e05d2b9cbeeaa3c458bc9e
39be6d8f8c386b33c863fec0a4d53580e60c982a
120c03ab9efc06b90347d732c7e07936bd4959bd2bf3a57514b8d21360b3a1f6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "120C03AB9EFC06B90347D732C7E07936BD4959BD2BF3A57514B8D21360B3A1F6"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14854
Expires: Sun, 22 Jan 2023 03:18:55 GMT
Date: Sat, 21 Jan 2023 23:11:21 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 86c07c2115a81cd88bbc222441cf0d5b
b2452224defd74bd3d3e285fbac4c0642e652ff5
44395ca3266b6ce9a1ccae3fdede1bee9622a7cea55b48263bb7c5276315f2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "44395CA3266B6CE9A1CCAE3FDEDE1BEE9622A7CEA55B48263BB7C5276315F2C6"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12297
Expires: Sun, 22 Jan 2023 02:36:18 GMT
Date: Sat, 21 Jan 2023 23:11:21 GMT
Connection: keep-alive
static.rechargecdn.com/static/js/recharge.js?shop=drink-orgain.myshopify.com
200 OK 527 B URL HTTP/2 static.rechargecdn.com/static/js/recharge.js?shop=drink-orgain.myshopify.com
IP
File type ASCII text, with very long lines (1155)
Hash 1fc32c961c8de508370363d5d47a7b88
aa3c2ca62a5818c64970e503471d2bef6b0da427
242093991ff354a4c49ecb5c981a45f0484e7ff6d89d7ee937f1486f3523326e
GET /static/js/recharge.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: static.rechargecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-disposition: inline; filename=recharge.js
via: 1.1 google
vary: Accept-Encoding
content-encoding: br
accept-ranges: none
content-length: 527
date: Sat, 21 Jan 2023 22:21:39 GMT
age: 2982
last-modified: Fri, 20 Jan 2023 21:43:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=3600
access-control-allow-origin: *
x-cache-status: hit
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Recharge-App
access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-scripts.signifyd.com/shopify/script-tag.js?shop=drink-orgain.myshopify.com
200 OK 3.0 kB URL HTTP/2 cdn-scripts.signifyd.com/shopify/script-tag.js?shop=drink-orgain.myshopify.com
IP
File type ASCII text, with very long lines (3004), with no line terminators
Hash 1ebadac4613cd33aeac40fcdc723646d
e72aea3a791378fdf4e0acf5b9e4828512482d71
28007761338c1e98e5b151031b85fdea6624c9218c8d8503967f312867d7972a
GET /shopify/script-tag.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3004
date: Sat, 21 Jan 2023 23:01:03 GMT
cache-control: public, max-age=1800
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VAt-ThnQS9m7Fy62XSBr6bq31wh6ImvAUkgKgfieVMnwhrnaQ74e4A==
age: 618
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
IP
Hash a2716803eac6e5bf97649b93ead13b7f
322533c330ea6f07e2e1c849436b0b8f56ff8ba8
c8bef17a58c27dfa0638c0dcac62330be72350ec6ac1a810f2cc5393dfdbc74e
POST /s/gts1d4/CNNkrGp2ZqY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.tapcart.com/mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com
200 OK 4.0 kB URL HTTP/2 cdn.tapcart.com/mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com
IP
File type HTML document, ASCII text, with very long lines (10607)
Hash ea841c153d565985907f8d12822ce9f8
3e706b8dabfb579ca2151302f36a81f8c4c44d8e
ccce95900f9a1063e2ed21831da10a77a3008629d4c7caa66f6b0b18a80f568d
GET /mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com HTTP/1.1
Host: cdn.tapcart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvwh0wgD25Rne5w-buZ8V8UkUOWHGSv087b4TjXShdgS9zGZar3j7R51lJ4SiisC5NE0ALtDavAKrVbFYsutE64ctGm0iBv
vary: Accept-Encoding
x-goog-generation: 1601069883388603
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3994
content-encoding: gzip
x-goog-hash: crc32c=BxpSOw==, md5=6oQcFT1WWYWQf40Sgizp+A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3994
server: UploadServer
date: Thu, 19 Jan 2023 05:14:20 GMT
expires: Fri, 19 Jan 2024 05:14:20 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 25 Sep 2020 21:38:03 GMT
etag: "ea841c153d565985907f8d12822ce9f8"
content-type: application/javascript
age: 237421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 111 kB IP
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Size 111 kB (110602 bytes)
Hash 88d37adb7129f3c36d96d6759c079186
0b6161f33e6350999033ef32f3bcba55f6dfaca4
5bbdcba0f38abf8340f80e4b80b17642a4d3f00d8331cb2d97c407c84caaedca
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "120C03AB9EFC06B90347D732C7E07936BD4959BD2BF3A57514B8D21360B3A1F6"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14854
Expires: Sun, 22 Jan 2023 03:18:55 GMT
Date: Sat, 21 Jan 2023 23:11:21 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 86c07c2115a81cd88bbc222441cf0d5b
b2452224defd74bd3d3e285fbac4c0642e652ff5
44395ca3266b6ce9a1ccae3fdede1bee9622a7cea55b48263bb7c5276315f2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "44395CA3266B6CE9A1CCAE3FDEDE1BEE9622A7CEA55B48263BB7C5276315F2C6"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12297
Expires: Sun, 22 Jan 2023 02:36:18 GMT
Date: Sat, 21 Jan 2023 23:11:21 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/UmzLkw4brhg
IP
Hash 4571e69480d916ef6aa494045295d718
9969befc6b340a2d224f10db4ed425e7caaf82e6
c4595a31db06d5b508fed7cb0dc09e48f4718383651ee06dde942e389659278d
POST /s/gts1d4/UmzLkw4brhg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
IP
Hash a2716803eac6e5bf97649b93ead13b7f
322533c330ea6f07e2e1c849436b0b8f56ff8ba8
c8bef17a58c27dfa0638c0dcac62330be72350ec6ac1a810f2cc5393dfdbc74e
POST /s/gts1d4/CNNkrGp2ZqY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 0e20630d354e8006c1218568e4c27fed
00aeb2e5ba147f6879e643598d83d1b3caee6ebd
2a1f8bd36bbf0eef542b3d79976456900055f65b402b1a279387b96fd8fb6da1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6408
Cache-Control: max-age=96116
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:21 GMT
Etag: "63cb2c85-117"
Expires: Mon, 23 Jan 2023 01:53:17 GMT
Last-Modified: Sat, 21 Jan 2023 00:06:29 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 279
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 27ea348def51eef7866dff6f9cd9e7de
4d7f8c78cb4dfeb4158ef0bca5616447f67a2d4a
27450045fbce712fa7134a23a91156759d73cff8a5aaecc5283c0f67bf483d79
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 21 Jan 2023 23:11:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 21 Jan 2023 21:33:15 GMT
Expires: Sun, 22 Jan 2023 21:33:15 GMT
ETag: "4d7f8c78cb4dfeb4158ef0bca5616447f67a2d4a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=11178
200 OK 9.4 kB URL HTTP/2 config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=11178
IP
File type ASCII text, with very long lines (1470)
Hash 3c479d7e79776106f40aa0afc1e842c1
ad7ebc37e45507af6e8ec3b85312b0ce0941a0de
c04e142f2440e28f2a6990f46b95b3a63a90b9e587de21c36b918534c9d686af
GET /gorgias-chat-bundle-loader.js?applicationId=11178 HTTP/1.1
Host: config.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: no-cache
etag: W/"5bf-OSCOmeSEecNmqTHo1wXPqoHmjAQ"
via: 1.1 google
cf-cache-status: HIT
age: 52164
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d3ba5aaf66b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
200 OK 12 kB URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP
File type ASCII text, with very long lines (15506)
Hash dbe01951531c89dc92fad4dc85d2c503
f0dbf12b24958ff92775e0e9a9fb86c4474050e7
ed5a814d38a5d1fe3f8d8a2cab129262db836b6f6883d521bcb5d246bd34cff6
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 78d3ba7e8b33b4f9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ck=0&m=2
200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ck=0&m=2
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ck=0&m=2 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ck=0&m=1
200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ck=0&m=1
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ck=0&m=1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
imgs.signifyd.com/fp/check.js;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837
200 OK 50 kB URL HTTP/1.1 imgs.signifyd.com/fp/check.js;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837
IP
File type ASCII text, with very long lines (4040)
Hash 88dea4a8a14728dd7f5d455fa6322006
a43089694fe80354b7db531df10791027a6e03e4
cb46c20c63ce5e7e21e40bc623768becab5d418ede192a83df2072e021d8d73d
GET /fp/check.js;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: a0d06eca18ae5b9b
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a6392be277cb05d451d205a64a118261
ea50b86b15c80bf2584902a5834b857a02274b38
8db1a90891bdf175f8ff9dcc1240a5ce906a5b01d62670e089b2a73aa753696e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 23:11:21 GMT
Last-Modified: Sat, 21 Jan 2023 21:24:07 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NHssQnUw_00n2y_YOc8nPAIZUZHQLvnjRF41DRolIA9zyzh33Jk_qQ==
Age: 6435
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
200 OK 31 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 9b0df0e2d00cb47a92ca0bb8a626a5ca
703ad8039c14079293957cdedacf800e9dab324b
5fc24a6ac6859491a9379b4aaa34017a02599e16cdb47a190993909a62be9dde
GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 16326009
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sat, 21 Jan 2023 23:11:21 GMT
etag: "803056b57d10d71:0"
last-modified: Wed, 03 Mar 2021 22:36:53 GMT
server: ECAcc (ska/F6B4)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30982
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a6392be277cb05d451d205a64a118261
ea50b86b15c80bf2584902a5834b857a02274b38
8db1a90891bdf175f8ff9dcc1240a5ce906a5b01d62670e089b2a73aa753696e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145500
Date: Sat, 21 Jan 2023 23:11:21 GMT
Etag: "63cbed55-1d7"
Expires: Mon, 23 Jan 2023 15:36:21 GMT
Last-Modified: Sat, 21 Jan 2023 13:49:09 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A08qxFpTz1hDZhb7iN0_oA2XD-dYrx-o1rSbvZtbGgiItcEWyGyGgA==
Age: 6432
ocsp.digicert.com/
200 OK 279 B IP
Hash 0e20630d354e8006c1218568e4c27fed
00aeb2e5ba147f6879e643598d83d1b3caee6ebd
2a1f8bd36bbf0eef542b3d79976456900055f65b402b1a279387b96fd8fb6da1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6408
Cache-Control: max-age=96116
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:21 GMT
Etag: "63cb2c85-117"
Expires: Mon, 23 Jan 2023 01:53:17 GMT
Last-Modified: Sat, 21 Jan 2023 00:06:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
imgs.signifyd.com/fp/ls_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
200 OK 13 kB URL HTTP/1.1 imgs.signifyd.com/fp/ls_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash cb949dd3091b3f42be00d035b16c7a6a
47b5a30cfcdc3aa4e8f50af5651e5e6038332c8b
f937694e40dd7e49f2053243578aef9a881b0eae45afbf58f2c4245ed159a536
GET /fp/ls_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jb=3b362e6c73633d326164353e6c39396763653f3e383a37306b393a3031346c3e6e626a31353764
204 No Content 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jb=3b362e6c73633d326164353e6c39396763653f3e383a37306b393a3031346c3e6e626a31353764
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jb=3b362e6c73633d326164353e6c39396763653f3e383a37306b393a3031346c3e6e626a31353764 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
imgs.signifyd.com/fp/top_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
200 OK 14 kB URL HTTP/1.1 imgs.signifyd.com/fp/top_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash c7cdada42b84287211a74e58c677fdca
08f15b28b3976728935920d26e2560fad390877a
5be9116cf2845845b752ef163e40d8b5ee9edefc622dc4fd991c1f21e0f31ad8
GET /fp/top_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ja=3f34392626613d30267a3f382c6c3733303838723938303c2c616e3f393032387031383032247378793d32703a2c6e72703d3926393a3a38263138303c2e3b3a303024313032322c31323a382633393b2e313a32382433383834243224322c7b6b64353234246c683d68767c7a792f3143253a4c2d3a44677867696b662c696765253a46636d6c6c656376616564792730466c786166697b2f324e727a6d6e7d6b747b2532443230672d72646b647e2f60617b6f6c25727a65746d6b662f7960696b6d68747670732533432d384c657065616164266b6d652f324e61676e666d6b74616f6e712532467070677e6f636c2f73606b636d712d3846787067667f6b7c732d32463030672d706e69647e276063736d6e257870677e65616c2571626963652e64723f2668683d63393c3d3e6133656c3a6d3833303e613c366d3a3b693f30386665313163613024627965374e6b6e7d722e62716a374661706d6465702d3238313037266a736f7735466364777a2662796a7d3f4e63726d64677a2c666063353136246e6d74703f382c7e70663f555c492e65637c62723530303b3c6a30386b30376762613464646932686b3a6336313b316c346b69613a3239613f3e6d31303261326139643936696b3e3e3266333c3e3e6a376e3e393824783f7a647d67616e5f646c617368273d4f6c6b6e7165297a647d6561645f7f6b6666657f7b5f6565646b615f706c63716f782f37476669667b6d237866756f6b665d6b6c67626d5f6161726f6261762d3f4f6c636e736d2b7864776f636e57737d6b69637c69656525374566616c716d2b7a6677656966557b606d6b617769746d273f4d6e6164736523706c75676b6655786f636e70646b716d702d3f456e6364716f29786c7d67696c5f766c635d78666b736770253d4f6e696e7b6f21786e7d65636657646d76616e76722535476e6b6679672370647f6f616c5779766f5d7e6b6f7f6d722d354564616c73652378667f6d6b6c5f626b7e69273d4f66696e7b672c6b6b643532373a353638&jb=39313b266c733d4d6f7a6b64666b2f304435263a2d3a32205d6966666775792d3a30465425303031302e322d39482f30325761643e3c273b48253a3270343e2d3b422d3230707625334133383f243a2b2732384d6d6b69672f324e3038333a38393039253232466972656467722f384433303d2438
204 204 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ja=3f34392626613d30267a3f382c6c3733303838723938303c2c616e3f393032387031383032247378793d32703a2c6e72703d3926393a3a38263138303c2e3b3a303024313032322c31323a382633393b2e313a32382433383834243224322c7b6b64353234246c683d68767c7a792f3143253a4c2d3a44677867696b662c696765253a46636d6c6c656376616564792730466c786166697b2f324e727a6d6e7d6b747b2532443230672d72646b647e2f60617b6f6c25727a65746d6b662f7960696b6d68747670732533432d384c657065616164266b6d652f324e61676e666d6b74616f6e712532467070677e6f636c2f73606b636d712d3846787067667f6b7c732d32463030672d706e69647e276063736d6e257870677e65616c2571626963652e64723f2668683d63393c3d3e6133656c3a6d3833303e613c366d3a3b693f30386665313163613024627965374e6b6e7d722e62716a374661706d6465702d3238313037266a736f7735466364777a2662796a7d3f4e63726d64677a2c666063353136246e6d74703f382c7e70663f555c492e65637c62723530303b3c6a30386b30376762613464646932686b3a6336313b316c346b69613a3239613f3e6d31303261326139643936696b3e3e3266333c3e3e6a376e3e393824783f7a647d67616e5f646c617368273d4f6c6b6e7165297a647d6561645f7f6b6666657f7b5f6565646b615f706c63716f782f37476669667b6d237866756f6b665d6b6c67626d5f6161726f6261762d3f4f6c636e736d2b7864776f636e57737d6b69637c69656525374566616c716d2b7a6677656966557b606d6b617769746d273f4d6e6164736523706c75676b6655786f636e70646b716d702d3f456e6364716f29786c7d67696c5f766c635d78666b736770253d4f6e696e7b6f21786e7d65636657646d76616e76722535476e6b6679672370647f6f616c5779766f5d7e6b6f7f6d722d354564616c73652378667f6d6b6c5f626b7e69273d4f66696e7b672c6b6b643532373a353638&jb=39313b266c733d4d6f7a6b64666b2f304435263a2d3a32205d6966666775792d3a30465425303031302e322d39482f30325761643e3c273b48253a3270343e2d3b422d3230707625334133383f243a2b2732384d6d6b69672f324e3038333a38393039253232466972656467722f384433303d2438
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&ja=3f34392626613d30267a3f382c6c3733303838723938303c2c616e3f393032387031383032247378793d32703a2c6e72703d3926393a3a38263138303c2e3b3a303024313032322c31323a382633393b2e313a32382433383834243224322c7b6b64353234246c683d68767c7a792f3143253a4c2d3a44677867696b662c696765253a46636d6c6c656376616564792730466c786166697b2f324e727a6d6e7d6b747b2532443230672d72646b647e2f60617b6f6c25727a65746d6b662f7960696b6d68747670732533432d384c657065616164266b6d652f324e61676e666d6b74616f6e712532467070677e6f636c2f73606b636d712d3846787067667f6b7c732d32463030672d706e69647e276063736d6e257870677e65616c2571626963652e64723f2668683d63393c3d3e6133656c3a6d3833303e613c366d3a3b693f30386665313163613024627965374e6b6e7d722e62716a374661706d6465702d3238313037266a736f7735466364777a2662796a7d3f4e63726d64677a2c666063353136246e6d74703f382c7e70663f555c492e65637c62723530303b3c6a30386b30376762613464646932686b3a6336313b316c346b69613a3239613f3e6d31303261326139643936696b3e3e3266333c3e3e6a376e3e393824783f7a647d67616e5f646c617368273d4f6c6b6e7165297a647d6561645f7f6b6666657f7b5f6565646b615f706c63716f782f37476669667b6d237866756f6b665d6b6c67626d5f6161726f6261762d3f4f6c636e736d2b7864776f636e57737d6b69637c69656525374566616c716d2b7a6677656966557b606d6b617769746d273f4d6e6164736523706c75676b6655786f636e70646b716d702d3f456e6364716f29786c7d67696c5f766c635d78666b736770253d4f6e696e7b6f21786e7d65636657646d76616e76722535476e6b6679672370647f6f616c5779766f5d7e6b6f7f6d722d354564616c73652378667f6d6b6c5f626b7e69273d4f66696e7b672c6b6b643532373a353638&jb=39313b266c733d4d6f7a6b64666b2f304435263a2d3a32205d6966666775792d3a30465425303031302e322d39482f30325761643e3c273b48253a3270343e2d3b422d3230707625334133383f243a2b2732384d6d6b69672f324e3038333a38393039253232466972656467722f384433303d2438 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Sat, 21 Jan 2023 23:11:21 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
addshoppers.s3.amazonaws.com/6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301
200 OK 4.4 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301
IP
File type ASCII text, with very long lines (17376), with no line terminators
Hash 0bae611b12a8647d527e1cae062ef1de
87c7daf655d96df6f4e166d7f1046febb83fa0ee
ff6df20364db5d2ca68f93910231e319bef2a5c6c5d1d717835df3b81669eb43
GET /6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WXHcU2K/c6Xtob1u02oPw0npkncIHRZWcvkCnSoBcOcZnGxzOjdtkUwEONhtwIAHvO2ri59o20tctQu1z4a0eg==
x-amz-request-id: EZD36J7K6AZGX4XN
Date: Sat, 21 Jan 2023 23:11:22 GMT
Last-Modified: Fri, 05 Nov 2021 20:31:42 GMT
ETag: "0bae611b12a8647d527e1cae062ef1de"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: OMUfbyW2HM90knNnHstzkw0ZSAWAKMZO
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 4416
addshoppers.s3.amazonaws.com/customize/6177068293f3c3408b6854a9/eace640e4e694345a827e7bf3bef00f0.js?_t=1636144298
200 OK 414 B URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/6177068293f3c3408b6854a9/eace640e4e694345a827e7bf3bef00f0.js?_t=1636144298
IP
File type ASCII text, with very long lines (999), with no line terminators
Hash 8bfd24dfc7330a468ffd6b76e4c7bf8d
d9de9c37d58be52e6927e9b92d2d0ee69402bd9f
b4511b32d398fc185c70b9021439bae79262be92ed945689bce9f58ba3737577
GET /customize/6177068293f3c3408b6854a9/eace640e4e694345a827e7bf3bef00f0.js?_t=1636144298 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PUurFR6DG3wY7C5nqglpAS5cZnc/aGhRMWqPflimZ7BAoOUlYvQirGA+Lx5zldvPYVyrDS3WKZrG7KO68/rBkw==
x-amz-request-id: EZD9Q22WFT665RWZ
Date: Sat, 21 Jan 2023 23:11:22 GMT
Last-Modified: Fri, 05 Nov 2021 20:31:39 GMT
ETag: "8bfd24dfc7330a468ffd6b76e4c7bf8d"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: TEGmzKJ32uRmGiztMVE0LzsqKOgGwv_k
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 414
imgs.signifyd.com/fp/clear.png
200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*, w2txo5aa/a0d06eca18ae5b9b919042154drinkorgainmyshopifycom
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:22 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 21 Jan 2023 23:11:22 GMT
Expires: Thu, 20 Jan 2028 23:11:22 GMT
Etag: a2899e70666a437abe73038c4dee7d08
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://orgain.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
searchanise-ef84.kxcdn.com/widgets.63185.min.js
200 OK 40 kB URL HTTP/2 searchanise-ef84.kxcdn.com/widgets.63185.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65492), with no line terminators
Hash 810372f3b92381e3bb5eb2ec55c507a8
f82ca190fe4d86da4d6732788967aa2cf713c462
6122ccfad8b040232e87bd65a299e11ae594aeb6599616c53815a98c9dd22895
GET /widgets.63185.min.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 39963
x-amz-id-2: eF64viH9jM5oWij4ufUzGRxJY5YohXUQZ7XRh0F2zSC2ixBCxd3PjFdjkcHnA2L5ghfdurbvgKU=
x-amz-request-id: 1NGZKVP5VETZ0Z76
last-modified: Tue, 10 Jan 2023 07:36:39 GMT
etag: "810372f3b92381e3bb5eb2ec55c507a8"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: U7Q65gjsFl.EXvPjWfWGr16UxpDPTDsa
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/templates.8c4z7q4s3y.js
200 OK 1.7 kB URL HTTP/2 searchanise-ef84.kxcdn.com/templates.8c4z7q4s3y.js
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (6697), with no line terminators
Hash 770b68ce2dc99217e36d43aa8829fecb
014b0a328362610191007bc6ba837e09bfff4651
3fb3855d9647b866bd352a40fc1e7f1b7a324c37fcb936ce2a40dcc556532f35
GET /templates.8c4z7q4s3y.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 1680
x-amz-id-2: 7OZ68M0YCbELbfo8f5WUkQiOKkfTyfCyEfzamKaVocYZP6/HyVr4OnujJAYl1TScsIxZBfsVXas=
x-amz-request-id: FQ6AZ29HE7HZ2YXP
last-modified: Wed, 18 Jan 2023 22:25:38 GMT
etag: "770b68ce2dc99217e36d43aa8829fecb"
cache-control: public, no-cache
content-encoding: gzip
expires: Wed, 18 Jan 2023 22:25:37 GMT
x-amz-version-id: 9SDgVQBDTjM2aUuz5EyT1NR6CY0TbX02
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/preload_data.8c4z7q4s3y.js
200 OK 9.4 kB URL HTTP/2 searchanise-ef84.kxcdn.com/preload_data.8c4z7q4s3y.js
IP
File type Unicode text, UTF-8 text, with very long lines (45319), with no line terminators
Hash 08fa7e0d38fdbe927f79f8893b683153
1739cfcf6243ecbb045f001ebc20df9c33beaa4f
27b144c9173b50ed57d737880c5c6c05aff21567262821d8122aee959841745c
GET /preload_data.8c4z7q4s3y.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 9382
x-amz-id-2: SZnUFHfaJ/0EKhWOF0BujyA3V+oVgYZ5aRv03zK7CF6eFDzCaC8+vyLB6w8UxMHtdGl2sVG7AZ0=
x-amz-request-id: FQ67GJ2SGZMYGBC9
last-modified: Sat, 21 Jan 2023 05:37:29 GMT
etag: "08fa7e0d38fdbe927f79f8893b683153"
cache-control: public, max-age=86400
content-encoding: gzip
expires: Sun, 22 Jan 2023 05:37:28 GMT
x-amz-version-id: .C4pFIstwG1Oyu.ogz0eF_t7oKBKcRRZ
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f1d84b4160eb6d9a78cd74199aafa45a
e576e8ec8f5762b3b1a0de5163beed9055c2dc23
74fc000a4b00232904e56fa3d05c5e8d9cb532b664fe14a5d82418fdb93ec6b6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116824
Date: Sat, 21 Jan 2023 23:11:22 GMT
Etag: "63cb7e2e-1d7"
Expires: Mon, 23 Jan 2023 07:38:26 GMT
Last-Modified: Sat, 21 Jan 2023 05:54:54 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZzqPXJVExUt4pcvzq288KLDvpPxbrQYHnjcFIQE-HQFZqwi2F6ZHjg==
Age: 6212
scripttags.jst.ai/shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com
200 OK 14 kB URL HTTP/2 scripttags.jst.ai/shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com
IP
File type ASCII text, with very long lines (405), with no line terminators
Hash 03beb6b4e08e288956bb0f528f7bf1a5
0ea3bfa8e76e074e1d05b3683d9ffd252059a597
7015c3615d52d9161dbe9e0549a46053cd07ebcfd4bc7c3e95ecfda79434df87
GET /shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: scripttags.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=411
etag: W/"af7993c2ff57b7b07fbeafbaae56fa81"
last-modified: Tue, 18 Aug 2020 17:32:56 GMT
x-77-cache: HIT
x-77-nzt: AblMCRSIA2b//FUMAA
x-77-nzt-ray: af58563002f291730fd4bf63d3121c14
x-77-pop: stockholmSE
x-age: 808444
x-cache: HIT
x-amz-id-2: gVrEH9OQA41WSGTzVndmBHz9llDC0fqyPC/W4Ahei2iNB2ese8fVfMEsvz6zkLCNWn2930f5DsA=
x-amz-request-id: YGX77S50VP08CQMN
cf-cache-status: HIT
expires: Sun, 29 Jan 2023 23:11:21 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d3ba7d7a95b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
w2txo5aa2zrjfzc2c2kgve6nwqmrcghvhxi2trtba0d06eca18ae5b9bam1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&di=yes
200 OK 81 B URL HTTP/1.1 w2txo5aa2zrjfzc2c2kgve6nwqmrcghvhxi2trtba0d06eca18ae5b9bam1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&di=yes
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&di=yes HTTP/1.1
Host: w2txo5aa2zrjfzc2c2kgve6nwqmrcghvhxi2trtba0d06eca18ae5b9bam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:22 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
cdn-loyalty.yotpo.com/loader/nrMQniDgXcFzSiDLTJlYSA.js?shop=drink-orgain.myshopify.com
200 OK 30 kB URL HTTP/2 cdn-loyalty.yotpo.com/loader/nrMQniDgXcFzSiDLTJlYSA.js?shop=drink-orgain.myshopify.com
IP
Hash 36f0fcde40b11a1954387b1b5882da90
8857145860fd84eaa3b51a06e8f790668d754373
97f3515a37039270b73822e9fae46accb5d3d3d3cc4647f022b2fc8befa58496
GET /loader/nrMQniDgXcFzSiDLTJlYSA.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: cdn-loyalty.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin
etag: W/"f0186ab17bf8e9a187b3e29ac4d412af"
x-request-id: 963abb2c76b6ca5f3d4a1739631efa61
x-runtime: 0.050668
content-encoding: gzip
x-ratelimit-limit-second: 10000
x-ratelimit-remaining-second: 9999
ratelimit-remaining: 9999
ratelimit-limit: 10000
ratelimit-reset: 1
strict-transport-security: max-age=63072000; includeSubDomains
correlation-id: ce6d359d-5439-48bd-b6ce-fd3f7f9404c1
x-kong-upstream-latency: 75
x-kong-proxy-latency: 5
content-length: 30267
cache-control: private, must-revalidate, max-age=0
date: Sat, 21 Jan 2023 23:11:22 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=drink-orgain.myshopify.com
200 OK 463 B URL HTTP/2 d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=drink-orgain.myshopify.com
IP
Hash 374fb5d08db800d032c4e963eb0a8687
d235c5543b39e521aed7c4fdd03761ae9d888cf2
d1e26c3e6af32b965902df34319e98f02ca064c0eca4048fa364357548a8b28e
GET /shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: d34uoa9py2cgca.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 463
last-modified: Sun, 25 Mar 2018 15:39:33 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 21 Jan 2023 08:35:13 GMT
etag: "374fb5d08db800d032c4e963eb0a8687"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZAW9EjhF3XMnWkZmpVr4_Vi2aMiM_Cd0v6z3t5qFrREou8vopp8PoQ==
age: 52591
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jf=3b362e6c73603d31633066386b69326131303d3e3038316a33336d646a373a3f3d666b36333465
204 No Content 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jf=3b362e6c73603d31633066386b69326131303d3e3038316a33336d646a373a3f3d666b36333465
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jf=3b362e6c73603d31633066386b69326131303d3e3038316a33336d646a373a3f3d666b36333465 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Sat, 21 Jan 2023 23:11:22 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
affiliatepluginintegration.cj.com/getPluginJS?shop=drink-orgain.myshopify.com
200 OK 6.4 kB URL HTTP/2 affiliatepluginintegration.cj.com/getPluginJS?shop=drink-orgain.myshopify.com
IP
File type ASCII text, with very long lines (6314)
Hash 7f56975c6a73bd852960dcf8ab5bf3ed
52def72613f4e9b5b5367af25c9d2ba17b41a3ac
55498324dc3ccf4f0c41894f9796c0e2ab5c67d6e80dafa24a28efae24312d9c
GET /getPluginJS?shop=drink-orgain.myshopify.com HTTP/1.1
Host: affiliatepluginintegration.cj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 6363
server: CloudFront
date: Sat, 21 Jan 2023 23:01:04 GMT
cache-control: max-age=1800
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fWWmi9mvDw0W964uI2H_4JkJnTtaA_uslvVibMjgi-aaUNC6I9jUBA==
age: 618
X-Firefox-Spdy: h2
nytrng.com/iframe?vcp=4dd5h0np&as_id=10392f6e524949fe9fb59a1e44ad419c
200 OK 581 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=10392f6e524949fe9fb59a1e44ad419c
IP
Hash fd38590084c60cb9be2d94f4275069f0
94050eec47146554722d14e01fe6204d6df4d4d2
fc024787063d8a43161a9d9c3a22c8721a772f44f3e1dbaa3e607e190c67cfa6
GET /iframe?vcp=4dd5h0np&as_id=10392f6e524949fe9fb59a1e44ad419c HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: text/html; charset=utf-8
content-length: 409
server: gunicorn
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/items_modern.63185.css
200 OK 5.3 kB URL HTTP/2 searchanise-ef84.kxcdn.com/items_modern.63185.css
IP
File type Unicode text, UTF-8 text, with very long lines (19323)
Hash c635789bf9f87204bb46737ac1e2287b
33c5e15194fc632f769525c256db9a8acaec7555
a35b7164144839746b028898510550f9fd777b42b6ccb26f44359af59ad803cd
GET /items_modern.63185.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: text/css
content-length: 5263
x-amz-id-2: Gb8HHhR9u2+bf+MoIoVTrkf3rJ69zLYwqE3Mikvmm25zHXFYxtAKGMMjYE8RZqHIndeKZSo9iVI=
x-amz-request-id: PPJQQR51Z83EBVTH
last-modified: Tue, 10 Jan 2023 07:36:43 GMT
etag: "c635789bf9f87204bb46737ac1e2287b"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: jJRmbMvRwgPolGyhUsII70eETfhi8jWY
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/results_big_pictures_new.63185.css
200 OK 11 kB URL HTTP/2 searchanise-ef84.kxcdn.com/results_big_pictures_new.63185.css
IP
File type Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Hash 80e6eded7d05ac53ba809e70a883179e
a56d38e5b912016e313deae2aba839aef11ba4fe
cffaed344a0bcff6eee249b527d22372b5799bcc7ad9789741751a67dcc781c1
GET /results_big_pictures_new.63185.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: text/css
content-length: 11413
x-amz-id-2: Ep8vpotCkmLUB0jGJqlpTk6qtTsxy9BUaejFexGuB7XW1hYSl6ftk2MeBFVUR9LvG/KCWhiX13s=
x-amz-request-id: F62SC8047CKSYV8F
last-modified: Tue, 10 Jan 2023 07:36:47 GMT
etag: "80e6eded7d05ac53ba809e70a883179e"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: O0OWfqwkAFW_q5iJxOhVbrRbP75QJ1ug
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-c772b95.js
200 OK 10 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-c772b95.js
IP
File type Unicode text, UTF-8 text, with very long lines (25838), with no line terminators
Hash 730461ee53ad8376aac59fc648862f20
c34baa43fdb49d485d5e7e7523c4fbf7257d1674
d30235cbe8557463df59edcefdefd242f854717e14cab2735cd9b75ef112e1a7
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-c772b95.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 0/GUafoEMYQenx/a3PK4SZoWNXr1vv2/6dDZ7yyr+YvO3AhOV9o8SAM+oU4VtYSySsMTCXEEcro=
x-amz-request-id: PSWCP42WA26N1WNT
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 08:33:01 GMT
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 16 Jan 2024 08:33:00 GMT
x-amz-version-id: R7yslonrbN6Zo3XSvNvCb.89dzcyCRe7
cf-cache-status: HIT
age: 333863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy51t2CFGjq2uW3yyu3iaUqDnAVhoIbwH6HSxnC9juql5F61COjCQ77dIQXInPmMLk%2BKNFQ7gFNi%2FfDqTvJ3b3tDFA8DlbaZ%2BRKoCygLUqWB9cSGiW3TCaEGChGJu3yyM1xEWP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78d3ba6b6d79b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/snize-autocomplete.63185.min.js
200 OK 10 kB URL HTTP/2 searchanise-ef84.kxcdn.com/snize-autocomplete.63185.min.js
IP
File type ASCII text, with very long lines (39837), with no line terminators
Hash fab21a4504d2b028aa7b28c418e10424
c017ef636a6978b37d1ac061e62d98438e81f30b
80787dbe8d90eaa81fa5f8f6261f5ddf7f4b142bde45c46f39f836dcd043ff3b
GET /snize-autocomplete.63185.min.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 10208
x-amz-id-2: go6sLbsn2TqVBeBzfHOlCaT2plpl7uEnzI6vLSjtia5cvUBfeQSVvLtG+W0SrK97V80oGpeHDQI=
x-amz-request-id: 4HDFKANF720DWWEJ
last-modified: Tue, 10 Jan 2023 07:36:40 GMT
etag: "fab21a4504d2b028aa7b28c418e10424"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: NehLOFqabkYVqWllwVBu9gp5nStzQFzN
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear1.png;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jf=3c313026736b645f726e66357e6e785d574e3b654c7f61704c3740604c72474f2e7361645f666174653d333e3d3e39363036303b2e7b6b6c557471726d3f7d6d6a3a6d636471612673696657616f733f31303d333b38333b3a3638353a63323e3c386b65336630323031323e3a3238633a363c326b6d316c3a33383338353a3b3c32383030363433376563313f383e3666373d333b69376d3d336a373861333b39653a37343064613836616c6f3c33333262383f6e6d61393f366e6339663e3e3b333d33343665616363663133383e673b346c323b6b303d33636b666b64333b31633d39646132346665376c393a693a30333f3f6a313a6d336330606a346f3a3a3269666367267369645d7b636d373132343e3a3a3a33383a6369336b353a3b69323963316031323836376d333c3d3a35373e3e3a30616a69396c3069316e6930353d333135306334313a306b3d38633335693e6e3f3b3e3b303a3039323a693c336961343332663934643f693f6e3b3566306f6c3e303c6f656b3a6d663b303b3769303761656538313b3a333d3d333533393e6c313a6c6b376e346d35332e7b696e723d32
204 204 0 B URL HTTP/1.1 imgs.signifyd.com/fp/clear1.png;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jf=3c313026736b645f726e66357e6e785d574e3b654c7f61704c3740604c72474f2e7361645f666174653d333e3d3e39363036303b2e7b6b6c557471726d3f7d6d6a3a6d636471612673696657616f733f31303d333b38333b3a3638353a63323e3c386b65336630323031323e3a3238633a363c326b6d316c3a33383338353a3b3c32383030363433376563313f383e3666373d333b69376d3d336a373861333b39653a37343064613836616c6f3c33333262383f6e6d61393f366e6339663e3e3b333d33343665616363663133383e673b346c323b6b303d33636b666b64333b31633d39646132346665376c393a693a30333f3f6a313a6d336330606a346f3a3a3269666367267369645d7b636d373132343e3a3a3a33383a6369336b353a3b69323963316031323836376d333c3d3a35373e3e3a30616a69396c3069316e6930353d333135306334313a306b3d38633335693e6e3f3b3e3b303a3039323a693c336961343332663934643f693f6e3b3566306f6c3e303c6f656b3a6d663b303b3769303761656538313b3a333d3d333533393e6c313a6c6b376e346d35332e7b696e723d32
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jf=3c313026736b645f726e66357e6e785d574e3b654c7f61704c3740604c72474f2e7361645f666174653d333e3d3e39363036303b2e7b6b6c557471726d3f7d6d6a3a6d636471612673696657616f733f31303d333b38333b3a3638353a63323e3c386b65336630323031323e3a3238633a363c326b6d316c3a33383338353a3b3c32383030363433376563313f383e3666373d333b69376d3d336a373861333b39653a37343064613836616c6f3c33333262383f6e6d61393f366e6339663e3e3b333d33343665616363663133383e673b346c323b6b303d33636b666b64333b31633d39646132346665376c393a693a30333f3f6a313a6d336330606a346f3a3a3269666367267369645d7b636d373132343e3a3a3a33383a6369336b353a3b69323963316031323836376d333c3d3a35373e3e3a30616a69396c3069316e6930353d333135306334313a306b3d38633335693e6e3f3b3e3b303a3039323a693c336961343332663934643f693f6e3b3566306f6c3e303c6f656b3a6d663b303b3769303761656538313b3a333d3d333533393e6c313a6c6b376e346d35332e7b696e723d32 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Sat, 21 Jan 2023 23:11:22 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=94
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jac=1&je=3932392626726d3d6e6f24697f6e623f66663d3e6a3d363832303d376b663f6d6a363839636165646361373e3d383c676135393a3e6b34303f363a3a6b67336c38393f39363433313430303b3b6e6e3024657039356c643e32656e356a323d3030616e34623539666238646a6f686f6731663d6b696b616c39393e3638
204 No Content 4.6 kB URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jac=1&je=3932392626726d3d6e6f24697f6e623f66663d3e6a3d363832303d376b663f6d6a363839636165646361373e3d383c676135393a3e6b34303f363a3a6b67336c38393f39363433313430303b3b6e6e3024657039356c643e32656e356a323d3030616e34623539666238646a6f686f6731663d6b696b616c39393e3638
IP
Hash ac9abbec5ea93485cafe70e81f34db06
bfc455ffd9b2e0c99621fee172e41eb246617248
a434a4c99767aaaf2f1b657f221b789947572f712e495646c0efddb15790bc08
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b&jac=1&je=3932392626726d3d6e6f24697f6e623f66663d3e6a3d363832303d376b663f6d6a363839636165646361373e3d383c676135393a3e6b34303f363a3a6b67336c38393f39363433313430303b3b6e6e3024657039356c643e32656e356a323d3030616e34623539666238646a6f686f6731663d6b696b616c39393e3638 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 21 Jan 2023 23:11:22 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash 5746ed84562b020cdc1ab3221931e3fb
5ae7f846fb975fe86186e0c445b06ca91056e248
99e69569dc9744277ef44d7381693f20329177e8500fb479be0d46f3f580a483
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2847
Cache-Control: max-age=108792
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 23:11:22 GMT
Etag: "63cb6bf3-1d7"
Expires: Mon, 23 Jan 2023 05:24:34 GMT
Last-Modified: Sat, 21 Jan 2023 04:37:07 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471
cdn.nytrng.com/pl.2.2.min.js
200 OK 539 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP
Hash a60910f13965e612cfdf73d3d4f28918
fc3f45ece54590221eff2d08227021c6186d5682
1c778ad25eced6ae3d68087fb86544cbe688433c0e1e43e66f127746cf85d0fd
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Mon, 02 Jan 2023 11:38:59 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QP22_iHy_qGaAimDE6xJDLO3BYTUm9L3lizJGNiATq53UqQKmogDPQ==
age: 1683143
X-Firefox-Spdy: h2
www.mczbf.com/384165514209/pageInfo
200 OK 68 B URL HTTP/1.1 www.mczbf.com/384165514209/pageInfo
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
POST /384165514209/pageInfo HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://orgain.com
Content-Length: 346
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Date: Sat, 21 Jan 2023 23:11:22 GMT
X-Request-ID: ebcc6b96-99e0-11ed-ac02-2f4f895c076b
Server: nginx
Access-Control-Allow-Origin: *
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -J8-Q5Yvq_T2hON7EgPnDZPx7p-pzESyTYK83jrX-OAedgIUp6R_UA==
pi.pardot.com/pd.js
200 OK 1.9 kB IP
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:22 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Fri, 20 Jan 2023 05:15:56 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Mon, 20 Jan 2025 23:11:22 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
cdn-swell-assets.yotpo.com/app.v1.0.367.js
200 OK 196 kB URL HTTP/2 cdn-swell-assets.yotpo.com/app.v1.0.367.js
IP
File type ASCII text, with very long lines (32075)
Size 196 kB (195984 bytes)
Hash 02a5d9b16fd52427c1ef9a820db5adf6
0c99013c0512076322c721decc301f17fafe6470
1b1a392e2d389aab24cf52d7955e1b981a29362c402e274341630ee8b5a15cda
GET /app.v1.0.367.js HTTP/1.1
Host: cdn-swell-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 197447
content-type: text/plain
date: Sat, 21 Jan 2023 23:11:22 GMT
etag: "4bd20914edff8a4d128f28b904251d06+gzip"
last-modified: Thu, 24 Nov 2022 15:56:13 GMT
server: ECS (ska/F717)
vary: Accept-Encoding
x-amz-id-2: d+pXIz9amv3Ey1rUHUVSiC5HBOXcGt4aEeAo56xgnNQawngdx+xY6Fh5NrPzLpu4XumhluTs1dk=
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1669305372/atime:1669305372/md5:4bd20914edff8a4d128f28b904251d06/ctime:1669305372
x-amz-request-id: 6MCZ9J1S9YKYPZ2H
x-amz-version-id: de8cWd89oC7MbqUVwmxAR7mmGXJPmDk4
x-cache: HIT
content-length: 195984
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bdeda397fc829e2922b81e1ee75a6795
17f00767577168ef64bcc5823b2cbae72a2401a2
8321d837c9b1ea8b28ec49fee5335f7961f3fa2fa9a5918e50592f8c65dd3fd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8321D837C9B1EA8B28EC49FEE5335F7961F3FA2FA9A5918E50592F8C65DD3FD0"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12970
Expires: Sun, 22 Jan 2023 02:47:32 GMT
Date: Sat, 21 Jan 2023 23:11:22 GMT
Connection: keep-alive
www.automizely-analytics.com/analytics/collect?v=2>m=amwcp1&sr=1280x1024&ul=en-US&cid=1899207404.1674342677&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&dr=&dt=404%20Not%20Found%20%E2%80%93%20Orgain&sid=04b84217-5bb2-4054-bad2-e3629f8a1d85&_psc=as&en=page_enter&ep.kit=3.3&epn.event_time=1674342680658&ep.platform=WEB&ep.user_id=&ep.session_id=04b84217-5bb2-4054-bad2-e3629f8a1d85&ep.log_id=adfeb895-0d21-47c4-aba0-40fb78e11afb&ep.environment=production&ep.product_code=automizely&ep.collector=GTAG&ep.0app_platform=shopify&ep.0app_key=drink-orgain&ep.0app_names%2B=%5B%22aftership%22%5D&ep.0__organization_id=&ep.1page_referrer=&ep.1page_location=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&ep.1page_id=83480.72875186&ep.1page_type=&ep.1page_sn=&ep.km=app_connections%2Cpage
200 OK 1.4 kB URL HTTP/2 www.automizely-analytics.com/analytics/collect?v=2>m=amwcp1&sr=1280x1024&ul=en-US&cid=1899207404.1674342677&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&dr=&dt=404%20Not%20Found%20%E2%80%93%20Orgain&sid=04b84217-5bb2-4054-bad2-e3629f8a1d85&_psc=as&en=page_enter&ep.kit=3.3&epn.event_time=1674342680658&ep.platform=WEB&ep.user_id=&ep.session_id=04b84217-5bb2-4054-bad2-e3629f8a1d85&ep.log_id=adfeb895-0d21-47c4-aba0-40fb78e11afb&ep.environment=production&ep.product_code=automizely&ep.collector=GTAG&ep.0app_platform=shopify&ep.0app_key=drink-orgain&ep.0app_names%2B=%5B%22aftership%22%5D&ep.0__organization_id=&ep.1page_referrer=&ep.1page_location=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&ep.1page_id=83480.72875186&ep.1page_type=&ep.1page_sn=&ep.km=app_connections%2Cpage
IP
Hash 7b0c20db7a035641131840440e846a09
ad35e4c0006c360840281436baa79505a65ef88d
2aa087d2db2110cac4bf76ff62c960ac4e633d371893e8e59aa7561f51a7a397
POST /analytics/collect?v=2>m=amwcp1&sr=1280x1024&ul=en-US&cid=1899207404.1674342677&dl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&dr=&dt=404%20Not%20Found%20%E2%80%93%20Orgain&sid=04b84217-5bb2-4054-bad2-e3629f8a1d85&_psc=as&en=page_enter&ep.kit=3.3&epn.event_time=1674342680658&ep.platform=WEB&ep.user_id=&ep.session_id=04b84217-5bb2-4054-bad2-e3629f8a1d85&ep.log_id=adfeb895-0d21-47c4-aba0-40fb78e11afb&ep.environment=production&ep.product_code=automizely&ep.collector=GTAG&ep.0app_platform=shopify&ep.0app_key=drink-orgain&ep.0app_names%2B=%5B%22aftership%22%5D&ep.0__organization_id=&ep.1page_referrer=&ep.1page_location=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&ep.1page_id=83480.72875186&ep.1page_type=&ep.1page_sn=&ep.km=app_connections%2Cpage HTTP/1.1
Host: www.automizely-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: _am=deleted; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=None
date: Sat, 21 Jan 2023 23:11:23 GMT
vary: Origin
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
x-kong-upstream-latency: 15
x-kong-proxy-latency: 1
via: kong/2.5.1, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bdeda397fc829e2922b81e1ee75a6795
17f00767577168ef64bcc5823b2cbae72a2401a2
8321d837c9b1ea8b28ec49fee5335f7961f3fa2fa9a5918e50592f8c65dd3fd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8321D837C9B1EA8B28EC49FEE5335F7961F3FA2FA9A5918E50592F8C65DD3FD0"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12969
Expires: Sun, 22 Jan 2023 02:47:32 GMT
Date: Sat, 21 Jan 2023 23:11:23 GMT
Connection: keep-alive
pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1030&account_id=698203&title=404%20Not%20Found%20%E2%80%93%20Orgain&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&referrer=
200 OK 550 B URL HTTP/1.1 pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1030&account_id=698203&title=404%20Not%20Found%20%E2%80%93%20Orgain&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&referrer=
IP
Hash 765c9dfc93344c23844bced151369948
b24893719bbd75fd32627843e3df6134571458e8
22c3da58641c6b7c53410e5e659bc9fc754826949ea24e93e5754c75fb1e69ac
GET /analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1030&account_id=698203&title=404%20Not%20Found%20%E2%80%93%20Orgain&url=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&referrer= HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 23:11:23 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 550
Connection: keep-alive
x-pardot-canary: true
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
visitor_id697203=633496981; expires=Tue, 18-Jan-2033 23:11:23 GMT; Max-Age=315360000; path=/; domain=.pardot.com; secure; SameSite=None
visitor_id697203-hash=04c7011b2104a4f5af6fc8b95952f793292eda2ff360ae2752b6d5244f8113da85f1eb19a61d611f9ae3198d300e126244058759; expires=Tue, 18-Jan-2033 23:11:23 GMT; Max-Age=315360000; path=/; domain=.pardot.com; secure; SameSite=None
lpv697203=aHR0cHM6Ly9vcmdhaW4uY29tL2NvbGxlY3Rpb25zL2RyaW5rcy9wcm9kdWN0cy8yMGctcGxhbnQtYmFzZWQtcHJvdGVpbi1zaGFrZWh0dHBzOi9vcmdhaW4uY29tL2NvbGxlY3Rpb25zL3Byb3RlaW4tc2hha2VzL3Byb2R1Y3RzLzIwZy1wbGFudC1iYXNlZC1wcm90ZWluLXNoYWtl; expires=Sat, 21-Jan-2023 23:41:23 GMT; Max-Age=1800; path=/; secure; SameSite=None
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
r3.o.lencr.org/
200 OK 673 B IP
ASN #20940 Akamai International B.V.
Hash 30e0ed8cc0dc9ecdc5b845ca4487ee68
0408c84673c4c740ba3ca6cf4e1a144eb018ce94
4dc3320e0ed3119a48452866307077013a06eaf87c903c78df82bd079564080a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D31A5D86A78C8224E31DDEFC41005250FE924C0834865DA78C5E54D680D05B80"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=808
Expires: Sat, 21 Jan 2023 23:24:51 GMT
Date: Sat, 21 Jan 2023 23:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3ee6a6a69796bc38bf4dff81d9c468d5
2a4c6dd9e68873b168f63e080f0f88461a2bd8db
c86262cd55de9e2f1aa8e2a186e9797046f067b093aed02ebe5218e1539f3a85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C86262CD55DE9E2F1AA8E2A186E9797046F067B093AED02EBE5218E1539F3A85"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20702
Expires: Sun, 22 Jan 2023 04:56:25 GMT
Date: Sat, 21 Jan 2023 23:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29886e0d76ec115c04049b78607460af
70860f78fb4588f9621533a1d876a84955b66fb9
9530248e63ea3f62c4bfe2f2a5ef6503e8d962452ac7de4e135937a6f174e567
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9530248E63EA3F62C4BFE2F2A5EF6503E8D962452AC7DE4E135937A6F174E567"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Sun, 22 Jan 2023 05:11:19 GMT
Date: Sat, 21 Jan 2023 23:11:23 GMT
Connection: keep-alive
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
204 No Content 1.9 kB URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
IP
Hash 8bc20414f9fde8333d79a9b48e4dffd7
fdd46567fb8e56e3c9e6588c1132c332b1bdf51b
a30d1a77e76f12bc369216b2177dbf33d45e29ddd2837803647980f1520233d8
POST /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://imgs.signifyd.com
Connection: keep-alive
Referer: https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=805626133F886408F4411B9E1A560BE6?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=a0d06eca18ae5b9b
Cookie: thx_guid=f98664693b7b8396d2d5e7c78a683934
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Sat, 21 Jan 2023 23:11:23 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://imgs.signifyd.com
Content-Type: text/javascript
app.octaneai.com/b12tbeazfscoyvns/shopify.js?x=1aJPhpByQdbaA08g&shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 app.octaneai.com/b12tbeazfscoyvns/shopify.js?x=1aJPhpByQdbaA08g&shop=drink-orgain.myshopify.com
IP
GET /b12tbeazfscoyvns/shopify.js?x=1aJPhpByQdbaA08g&shop=drink-orgain.myshopify.com HTTP/1.1
Host: app.octaneai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:22 GMT
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
cf-cache-status: EXPIRED
last-modified: Sat, 21 Jan 2023 08:41:55 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d3ba7daba1b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
instafeed.nfcube.com/cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 instafeed.nfcube.com/cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com
IP
GET /cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: instafeed.nfcube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/javascript
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=19872
etag: W/"6269c6e5-4da0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 27 Apr 2022 22:42:45 GMT
pragma: public
vary: Accept-Encoding
x-rule: cdn migration
cf-cache-status: HIT
age: 137353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyks0w7RF%2FdZK23N63l%2Bfxh2rDOJKIMUl1cdRXfyJzTTi3WrVdkAnjHfw9hMUfO2lN3IuH2VmRZpnyHOUlN6tPiR69QvEffqXSwTRWK2ecoGBtoDQfKZtxnV2WLXKY4lMjcEHatn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78d3ba7dfd88b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
config.gorgias.chat/applications/11178/agents
200 OK 0 B URL HTTP/2 config.gorgias.chat/applications/11178/agents
IP
GET /applications/11178/agents HTTP/1.1
Host: config.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:17 GMT
content-type: application/json; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: max-age=60
etag: W/"14b-zXx0IVsu1lT8oUjgfunkMBBTRAU"
via: 1.1 google
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d3ba62af7ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js?v=20220906 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-c31d2fa4962d2ef90b673e945ee33f4f87302b97d0882cd8e83a629b84b30dab.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 207136fb-bb4b-48c5-a73e-b239bfd35ec4
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Tue, 25 Oct 2022 19:46:06 GMT
cf-cache-status: HIT
age: 375827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPo%2F1luCeQQz76nZ41SP7Ee5ryrDHOdspBInQb81KHHKLAMtxtXQlwv8iALjOhkz%2BZ6i0VZs4PqKZ5YuuPqYCeKmEZP9M3SnnMWdv4HktooHpt5lu9%2FmGhZsIu3Fzf1v0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=20.237, imageryFetch;dur=20.009, cfRequestDuration;dur=10.999918
server: cloudflare
cf-ray: 78d3ba5a8c0fb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js
200 OK 0 B URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e154599399e6b8b29dcb1102cc76eb199fa33a09af4fa78d15e8f8544ee64fcd.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 25149feb-0120-46d3-aad1-53a2a1121aa1
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Wed, 04 Jan 2023 20:04:20 GMT
cf-cache-status: HIT
age: 137350
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTDmMqVwBdoFcOLFPLG4qkBuFBGcqQqx266xYSTpWYTHnHkiW2g30ZyvYwXQICJ6kyuTtzMIvPjxg0FkQ4v3ZtEb%2BZfAdulybSMHMqNYCQZFP3llG1PeaGjFIdYV19QJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=23.226, imageryFetch;dur=23.055, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 78d3ba5aac35b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com
IP
GET /aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: hHZwt2NvUg38FIhTVMA1y2SjyBEiHcONrNBq2FOmOXW6eETUQCfVMcZ8QxUCej5dAh4NWD6edtM=
x-amz-request-id: 8MQJY6NZF6CSP0M3
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"6b5ee600d2b0385cffe59f410b014590"
cf-cache-status: HIT
expires: Sun, 22 Jan 2023 03:11:21 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78d3ba7daed00b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6&genhash=&device_static_hash=&userid_hash=&pageId=lp3v9q&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sw=1280&sh=1024
200 OK 0 B URL HTTP/2 aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6&genhash=&device_static_hash=&userid_hash=&pageId=lp3v9q&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sw=1280&sh=1024
IP
GET /api/session/findp?callback=jsonFindCallback&accid=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6&genhash=&device_static_hash=&userid_hash=&pageId=lp3v9q&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sw=1280&sh=1024 HTTP/1.1
Host: aly.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
access-control-allow-methods: GET, POST
access-control-expose-headers: DAV, content-length, Allow
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28w1Xe92a6MDGAYhusqbdskXm88bFcFdLwpW6czsF; SameSite=None; Secure; path=/; expires=Sat, 21-Jan-23 23:41:23 GMT; HttpOnly
server: cloudflare
cf-ray: 78d3ba8b5c8e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
intg.snapchat.com/shopify/shopify-scevent-init.js?id=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 intg.snapchat.com/shopify/shopify-scevent-init.js?id=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&shop=drink-orgain.myshopify.com
IP
GET /shopify/shopify-scevent-init.js?id=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&shop=drink-orgain.myshopify.com HTTP/1.1
Host: intg.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: sc_at=v2|H4sIAAAAAAAAAA3HwQ0AIAgEsIlITkCQcYjKFAyv/dVO1Y1ySsYknRDKFaB9twRgblrdw1xF+a/xAA+1+8IyAAAA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 18:48:06 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Jan 2023 19:17:15 GMT
etag: W/"a65742ae31227369fe79296540c138fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mXNCYrL696XLJPxUN8MVUR9WfmjqBYS6Hz0vCMlcV9t6wOBaqkwLpg==
age: 14046
X-Firefox-Spdy: h2
assets.gorgias.chat/dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/amplitude.js
200 OK 0 B URL HTTP/2 assets.gorgias.chat/dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/amplitude.js
IP
GET /dcea30cf393bc7904a7d9179db13a70b9894aabd/static/js/amplitude.js HTTP/1.1
Host: assets.gorgias.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:16 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtg7FDRrcok5gCS5040mymTLtTwN397zxfTqfqznAZht6mi870XQGOIbQ4dTcAeG9Q9BJ3VRqmBjIfB3WVVUNFrmRoj0Oqf
cache-control: public, max-age=31536000, s-maxage=31536000
expires: Sat, 20 Jan 2024 16:49:54 GMT
last-modified: Fri, 20 Jan 2023 16:45:52 GMT
etag: W/"e47e2fafd4a9ca6ef66908cc6f95432d"
vary: Accept-Encoding
x-goog-generation: 1674233152751147
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17289
x-goog-hash: crc32c=+gOZPA==, md5=5H4vr9Spym72aQjMb5VDLQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 108507
server: cloudflare
cf-ray: 78d3ba62af77b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
200 OK 0 B URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gYdoQg2cWS80rSPWHbypjltl4yIE4uUmaHQEhqi00ZOd1mUBezscPA==
age: 129673
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/vendor.js?v=126306995043103580991673470436
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/vendor.js?v=126306995043103580991673470436
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0074/0832/0621/t/665/assets/vendor.js?v=126306995043103580991673470436 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/vendor.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: fc9e2db8-3fe6-478b-9cbf-32f50d3b2d29
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 11 Jan 2023 21:05:19 GMT
cf-cache-status: HIT
age: 375842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzQmvC%2BlFyqySDITblghgmTSbuLKeBW3%2BYhYXMlg53j7Qjr3WFrpdubFfKhd34HKRq55I3oeV3Znxp9clt5F3JqlTKMo7Sxn12cyxAuyGsEc8f1Gr480uqVw0O%2BrXPS2HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=242.589, imageryFetch;dur=154.033, cfRequestDuration;dur=16.000032
server: cloudflare
cf-ray: 78d3ba5aea2dfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drink-orgain.myshopify.com
IP
GET /redirect-app.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: easyredirects.esc-apps-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"9643234c1fa77f5a0767132cdbd8bd1a"
last-modified: Thu, 10 Mar 2022 10:52:17 GMT
vary: Accept-Encoding
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-id: Y7mNEnveFZPrzBKCaTzdXY3LtiT0rfjWir-ZQLSozGUM83NY3Gf2tg==
x-amz-cf-pop: OSL50-C1
x-cache: Hit from cloudfront
cache-control: max-age=3600
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX1ABWzN5vJ7HCKgwiEvmzrJJVETBnF5Kc%2BlYIgHFspwez2un1PF0AgpxMmHTYv9L5SVjKnmr1iiW7MPrywUj8gIi9wa5hp%2B6rJF8JYYsda0pxZklrz6KJlgQwC2pIz5IGrCtgrpe4rFSRhmQIb6xYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d3ba7dfabbb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
200 OK 0 B URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 21 Jan 2023 20:35:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MhzO6hJqbgo0oy1fBrv-ukfi3IttvFDOM_hRsp_3Xwaezo7K9EKl6g==
age: 9335
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
IP
GET /aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: bYcyAh/Jj1vIQOQwmtGTkmISI5RR5dtE5guOKJyW2XuIhUjSavfz843D062ohyCnppUJDUmg3cc=
x-amz-request-id: 8MQKBVB5NKH75478
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"a0629c9eea780e8f21ab0bdb2518e3e7"
cf-cache-status: HIT
expires: Sun, 22 Jan 2023 03:11:21 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78d3ba7d7e960b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&display=swap
IP
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staticw2.yotpo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 23:11:16 GMT
date: Sat, 21 Jan 2023 23:11:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/cj-event-storage.js?v=179835027038517210171673468075
200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/cj-event-storage.js?v=179835027038517210171673468075
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0074/0832/0621/t/665/assets/cj-event-storage.js?v=179835027038517210171673468075 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:15 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/cj-event-storage.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 401dcbb7-a03d-4139-877a-83b0fbb99d91
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Fri, 20 Jan 2023 06:29:13 GMT
cf-cache-status: HIT
age: 137350
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is3%2FgYlae7L62HxlUZuiftOdWYHMPzddMOFRj3k1DDQnZ5nYmryzVE1%2FZUJuQfD%2BHBELm0yZFET1uNFecz8OvvtsUCXNgwB5eMx1g7y6YGZYtG4znVZ6pd0zOKjQOsq9tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=74.602, imageryFetch;dur=73.095, cfRequestDuration;dur=9.999990
server: cloudflare
cf-ray: 78d3ba5a89ebfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&upid=sml8w9s&upv=1.1.0
200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&upid=sml8w9s&upv=1.1.0
IP
GET /track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2Fcollections%2Fdrinks%2Fproducts%2F20g-plant-based-protein-shakehttps%3A%2Forgain.com%2Fcollections%2Fprotein-shakes%2Fproducts%2F20g-plant-based-protein-shake&upid=sml8w9s&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn.jst.ai/vck-shopify.js
200 OK 0 B URL HTTP/2 cdn.jst.ai/vck-shopify.js
IP
GET /vck-shopify.js HTTP/1.1
Host: cdn.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/javascript
access-control-max-age: 3000
cache-control: public, max-age=700000
cf-bgj: minify
cf-polished: origSize=10925
etag: W/"259ddac425e70184b1c9890febcb1a48"
last-modified: Tue, 18 Jan 2022 22:56:21 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-77-cache: HIT
x-77-nzt: AblMCQ3tUfz/vHAGAA
x-77-nzt-ray: c0a4cc28753708ee96b4986319612d13
x-77-pop: stockholmSE
x-age: 422076
x-cache: HIT
x-amz-id-2: pVXGOrNpvK3oKKQf9k2gIw53NNyCQNsaHHRyMTaexA2qruDigYA+SZvRpyFtH7bIdWOiwLjjoi0=
x-amz-request-id: KXR8K7DSJB72E4FE
x-amz-version-id: mkHVrKu9..67dXu1ksQk643SRpaI.rtc
cf-cache-status: HIT
age: 590538
expires: Mon, 30 Jan 2023 01:38:01 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 78d3ba7f0c98b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.shop.pe/app/datapartners/status?usersite_id=6177068293f3c3408b6854a9
200 OK 0 B URL HTTP/2 app.shop.pe/app/datapartners/status?usersite_id=6177068293f3c3408b6854a9
IP
GET /app/datapartners/status?usersite_id=6177068293f3c3408b6854a9 HTTP/1.1
Host: app.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orgain.com
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/json; charset=UTF-8
etag: W/"0467ba22658b680d6de72dc567071b5bc495547f"
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken
access-control-allow-credentials: true
set-cookie: _xsrf=2|526e4b90|7699669981f4bcc934f2491f4d568dd4|1674342681; Path=/
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin: *
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
searchserverapi.com/widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com
200 OK 0 B URL HTTP/2 searchserverapi.com/widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com
IP
GET /widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com HTTP/1.1
Host: searchserverapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 23:11:21 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Jan 2023 12:01:02 GMT
etag: W/"63c7df7e-1b08"
expires: Sat, 21 Jan 2023 23:11:20 GMT
cache-control: no-cache
access-control-allow-origin: *
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
23.227.38.32
142.250.74.163
93.184.220.29
104.18.32.68
34.249.87.203
95.101.97.70
23.33.119.26
3.67.17.187