order.cava.com Open in urlscan Pro
13.32.121.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://order.cava.com/stores
Submission Tags: falconsandbox
Submission: On August 07 via api (August 7th 2022, 4:18:17 am UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 24 domains to perform 68 HTTP transactions. The main IP is 13.32.121.21, located in United States and belongs to AMAZON-02, US. The main domain is order.cava.com. The Cisco Umbrella rank of the primary domain is 281333.
TLS certificate: Issued by Amazon on June 7th 2022. Valid for: a year.

This is the only time order.cava.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.102 52.222.206.102	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5bb0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	159.53.117.101 159.53.117.101	7743 (JPMORGAN-...) (JPMORGAN-AS7743)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 6	2600:9000:225... 2600:9000:225e:5000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.167.251.147 35.167.251.147	16509 (AMAZON-02) (AMAZON-02)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	52.17.123.159 52.17.123.159	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:27::... 2620:1ec:27::cafe:1586	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.208.204.145 34.208.204.145	16509 (AMAZON-02) (AMAZON-02)
1	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
68	32

8 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

order.cava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-102.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5bb0 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:27 (United States)

ASN13335 (CLOUDFLARENET, US)

api.cava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.53.117.101 (Blacklick, United States)

ASN7743 (JPMORGAN-AS7743, US)

safetechpageencryption.chasepaymentech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225e:5000:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.251.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-251-147.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.123.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-123-159.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1586 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.204.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-204-145.us-west-2.compute.amazonaws.com

flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 894	83 KB
9	cava.com order.cava.com — Cisco Umbrella Rank: 281333 api.cava.com — Cisco Umbrella Rank: 183330	2 MB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2181 d.adroll.com — Cisco Umbrella Rank: 1521	21 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 547 f.clarity.ms — Cisco Umbrella Rank: 5359 c.clarity.ms — Cisco Umbrella Rank: 996	26 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 898	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 195	13 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	476 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	195 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 5680 flask.nextdoor.com — Cisco Umbrella Rank: 5476	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5596	611 B
2	google.com www.google.com — Cisco Umbrella Rank: 10	611 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 566 p.typekit.net — Cisco Umbrella Rank: 677	1 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 952	8 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 506	354 B
1	t.co t.co — Cisco Umbrella Rank: 445	336 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3528	829 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 609	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	78 KB
1	chasepaymentech.com safetechpageencryption.chasepaymentech.com — Cisco Umbrella Rank: 26280	911 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	17 KB
1	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	3 KB
68	24

	Domain	Requested by
14	analytics.tiktok.com	order.cava.com analytics.tiktok.com
8	order.cava.com	order.cava.com
6	s.adroll.com	2 redirects www.googletagmanager.com order.cava.com s.adroll.com
4	tr.snapchat.com	sc-static.net order.cava.com
3	bat.bing.com	order.cava.com bat.bing.com
3	www.facebook.com	order.cava.com
3	connect.facebook.net	order.cava.com connect.facebook.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.de	order.cava.com
2	www.google.com	order.cava.com
2	www.google-analytics.com	order.cava.com www.google-analytics.com
1	c.bing.com	1 redirects
1	f.clarity.ms	www.clarity.ms
1	flask.nextdoor.com	order.cava.com
1	d.adroll.com	s.adroll.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sc-static.net	www.googletagmanager.com
1	ads.nextdoor.com	www.googletagmanager.com
1	analytics.twitter.com	order.cava.com
1	t.co	order.cava.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	siteimproveanalytics.com	order.cava.com
1	static.ads-twitter.com	order.cava.com
1	www.googletagmanager.com	order.cava.com
1	safetechpageencryption.chasepaymentech.com	order.cava.com
1	api.cava.com	order.cava.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	order.cava.com
1	fonts.googleapis.com	order.cava.com
1	www.googleadservices.com	order.cava.com
1	d2wy8f7a9ursnm.cloudfront.net	order.cava.com
68	32

This site contains no links.

Subject Issuer	Validity	Valid
*.cava.com Amazon	`2022-06-07` - `2023-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-16` - `2022-08-14`	3 months	crt.sh
safetechpageencryption.chasepaymentech.com Entrust Certification Authority - L1M	`2021-08-17` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
nextdoor.com Amazon	`2022-05-05` - `2023-06-02`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://order.cava.com/stores
Frame ID: F179E02439E9427B27D05767B176F6EA
Requests: 66 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=247fc463-f9aa-46d7-af26-5f2e463ede4b&u_scsid=cff8e325-c6cd-46bd-b039-38adbe667b44&u_sclid=923abff4-8337-46e2-b505-94dd89897654
Frame ID: 31422763A520057D5EFECA94AF51EA40
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAVA | Order Online

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

68
Requests

94 %
HTTPS

52 %
IPv6

24
Domains

32
Subdomains

32
IPs

5
Countries

2695 kB
Transfer

3724 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://s.adroll.com/j/exp/IFFH3LRNVNEK5DGHSDNZYU/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 43

https://s.adroll.com/j/pre/IFFH3LRNVNEK5DGHSDNZYU/DF622QT2ORHCDLKDC3DDPR/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 66

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=4D981B84C09A425D83B4AE2105C33FD9&RedC=c.clarity.ms&MXFR=17CE596979E663C7113848907DE66D8F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=4D981B84C09A425D83B4AE2105C33FD9&MUID=273B25F44A9A65CF273D340D4B4864B8

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request stores Show response
order.cava.com/ 3 KB
4 KB 832ms
799ms Document
text/html 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d963ad8ac1f05a0e1956fc7038b7648dae588bd98f2666958f3dfc3d3087ca9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=600, no-transform, public
Connection: keep-alive
Content-Length: 3384
Content-Type: text/html; charset=utf-8
Date: Sun, 07 Aug 2022 04:18:12 GMT
ETag: "75d1ff54944c1114d2845be8b72b411f"
Last-Modified: Tue, 19 Jul 2022 09:59:51 GMT
Server: AmazonS3
Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 0HJdABuERhNV8FDaTvvk_48c0BmaB8IILfILydywOCX_KhBjGTi6wA==
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Error from cloudfront

GET
H/1.1 200
OK app.7ccfa7afd2428b426617.css
order.cava.com/ 139 KB
139 KB 112ms
112ms Stylesheet
text/css 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://order.cava.com/app.7ccfa7afd2428b426617.css
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba6ca723df7e614725498820e695bdb78fc8f5074898725f5b260a23cb481aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/stores
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:12 GMT
Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
Last-Modified: Tue, 19 Jul 2022 09:59:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
ETag: "d370291dfdc46ee6d3986bab100553c4"
X-Cache: RefreshHit from cloudfront
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141996
X-Amz-Cf-Id: tfRNbve8cmDm7j1F6acoAnB7d2eRUx4TBwtuRjWL_9VQDYkEqKQkRQ==

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 43ms
9ms Script
application/javascript 52.222.206.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 01 Aug 2022 00:45:51 GMT
Content-Encoding: gzip
Age: 531141
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
X-Amz-Cf-Id: XVr3vVLWR6Ds7ZCQIsHaQCkwRdcB_kO4VzTxOeR79PCdT5EWbIW24A==

GET
H/1.1 200
OK app.7ccfa7afd2428b426617.js Show response
order.cava.com/ 2 MB
2 MB 415ms
399ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://order.cava.com/app.7ccfa7afd2428b426617.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cdb975802d4d43b08baeaaab99807f262e327f77649ee965536088efa911c41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/stores
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:13 GMT
Via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
Last-Modified: Tue, 19 Jul 2022 09:59:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
ETag: "6a68391066953acbaaab6c8b9808cefe"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1887488
X-Amz-Cf-Id: pG7rrbqqWskpcBcimK6Z9IO8GPaopgGRM7ydAFxFWklk2GmHImOVug==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 132ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17001
x-xss-protection: 0
server: cafe
etag: 6464440653375776403
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 04:18:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 132ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif

Requested by

Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3e0fbb31ea7229f433a1ea02fb9d52c4864862ec41c07a27cadcf990d10c28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Aug 2022 03:39:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 07 Aug 2022 04:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Aug 2022 04:18:12 GMT

GET
H2 200 emb7nel.css
use.typekit.net/ 2 KB
870 B 314ms
124ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/emb7nel.css

Requested by

Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

affb4822fa0ce3098029af18a7b75fd34f76ddcec2ac33831c8c13848ebd979b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sun, 07 Aug 2022 04:18:12 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 638

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 160ms
17ms Stylesheet
text/css 2a02:26f0:10e::6860:5bb0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=emb7nel&ht=tk&f=10881.10882&a=3405817&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/emb7nel.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 07 Aug 2022 04:18:12 GMT
last-modified: Sat, 16 Oct 2021 05:50:56 GMT
server: nginx
etag: "616a6840-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

OPTIONS
H2 403 register
api.cava.com/api/device/ Frame 0
0 90ms
27ms Preflight
text/html 2606:4700::6812:27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cava.com/api/device/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://order.cava.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 736d34fd9c779a41-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 07 Aug 2022 04:18:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 69ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26506
x-xss-protection: 0
pragma: public
x-fb-debug: zQUAch5MAgt30IOwP1CjpHeYWftHoVLgKZfOkqXlusF6H2XuLABPzx6zYB79q78DsnKR8Jnf6OIQXLcu1uW+jA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 07 Aug 2022 04:18:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK getkey.js Show response
safetechpageencryption.chasepaymentech.com/pie/v1/64750000001815/ 851 B
911 B 1136ms
162ms Script
text/plain 159.53.117.101
JPMORGAN-AS7743

General

Check archive.org

Show headers Download Go to

Full URL: https://safetechpageencryption.chasepaymentech.com/pie/v1/64750000001815/getkey.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.53.117.101 Blacklick, United States, ASN7743 (JPMORGAN-AS7743, US),
Reverse DNS
Software: /
Resource Hash: 4aeff528af718b6906d5dc72c1d617c36f36ca216bdb48c8fa1c2d8dfb93f3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Aug 2022 04:18:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 548
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 148ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4572
date: Sun, 07 Aug 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 07 Aug 2022 05:02:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
78 KB 180ms
83ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NX9NCP

Requested by

Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a9a2bb79ebc01732058fb5c4f0a3d0ed58448901520ab7f5017b7b83e6b740b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79075
x-xss-protection: 0
last-modified: Sun, 07 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Aug 2022 04:18:12 GMT

POST register
api.cava.com/api/device/ 0
0

GET
H/1.1 200
OK 5a1c8b97554f9e6dd3a74bbffd6e5257.svg
order.cava.com/ 4 KB
5 KB 392ms
392ms Image
image/svg+xml 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.cava.com/5a1c8b97554f9e6dd3a74bbffd6e5257.svg
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fbb6c077b4a123bea8f94ccd90c31ab633efc6926b35884830758b52d036419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/stores
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:13 GMT
Via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 Jan 2017 19:32:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
ETag: "5a1c8b97554f9e6dd3a74bbffd6e5257"
X-Cache: RefreshHit from cloudfront
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4496
X-Amz-Cf-Id: u4dubZP6FVVKLMsTezOCAjaWRwYU_JQ_Qxr1ZECzsxFlyVbyYsVV0A==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 74ms
17ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 21:38:45 GMT
etag: "ca88912498e17137955859948f14e272+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15196
x-served-by: cache-iad-kiad7000034-IAD, cache-vie6369-VIE

GET
H2 200 siteanalyze_6020290.js Show response
siteimproveanalytics.com/js/ 48 B
829 B 75ms
32ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6020290.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d52994b327c797e0d0d410ace642d8cce0c0d3053b558ea94edf00a9ebde07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:12 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NSVQQ1PPPR9WHV4A
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
x-amz-id-2: 4dNPhuR/vjbVhCC5iUo7i8Nbm0FTnmeKKzlpPImhSMBV8SK3crgPk9V6cgSVcCvQ5kVS0i+lzOY=
last-modified: Thu, 21 Jul 2022 10:38:02 GMT
server: cloudflare
etag: "0dd016e9f015564d85bf6b4135df054a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmNJTxjU1hOEt1pZjuy0%2F%2BfZtjpAl5MTibrrqOkbZTy9LSshq6MXskgyMa%2FjoandHn%2B8odVwl6joyI24HFdH9scGkLAdMSHyelGCctkloO%2F7NtbTWm9nu9KmqSqfF%2FAb4Jo9PTI1MEPILbXAy%2FP4INs%2FD%2F15Zp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 736d34fd8e2cbb9d-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868720658/ 2 KB
2 KB 169ms
61ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868720658/?random=1659845892669&cv=9&fst=1659845892669&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Forder.cava.com%2Fstores&tiba=CAVA%20%7C%20Order%20Online&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b664092cd25d495aa12f0603921da4810f821ecb97ef21f2d69eae9567da79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1003
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 2bd1dc2b91930d6fcbf0c281f763ac4e.woff2
order.cava.com/ 43 KB
44 KB 402ms
402ms Font
application/font-woff2 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://order.cava.com/2bd1dc2b91930d6fcbf0c281f763ac4e.woff2
Requested by: Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 038943028568899d9f97e37747d7cf59bde4a82f16435a5308f48408516d47f5

Request headers

Referer: https://order.cava.com/app.7ccfa7afd2428b426617.css
Origin: https://order.cava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:14 GMT
Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 44068
Last-Modified: Wed, 04 Jan 2017 19:32:58 GMT
Server: AmazonS3
ETag: "2bd1dc2b91930d6fcbf0c281f763ac4e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, PUT
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, no-transform, public
Accept-Ranges: bytes
X-Amz-Cf-Id: Dj12QzjFuvKwZQi8CkcRPNc7k8h7XPlhD5TARnaxsWbPbZDVwlLBgQ==

GET
H2 200 308432946216559 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/308432946216559?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abb3b00536f79344b475ae21b0168244486e62fa90ec8adfd1c9b65a0289dbf8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UU8kLs99EWvtiOC/35XWzLfKctAcXNFvK/5ixVbd6I8vjs1sgajqYO7BtntpYHPEJabbuz0Z1zEml/wLGEA9bQ==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 07 Aug 2022 04:18:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659845892759
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
336 B 167ms
111ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c1c22f82-b0f8-4574-be25-ed993d89a336&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=d4e4c6be-1c2e-4213-9e26-920037e7f555&tw_document_href=https%3A%2F%2Forder.cava.com%2Fstores&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvp3f&type=javascript&version=2.4.15

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 07 Aug 2022 04:18:12 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 63220dc8c2a5fab685c041996888fb1eabe209f97d3901e10937e6d49624a9e9
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 193ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c1c22f82-b0f8-4574-be25-ed993d89a336&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=d4e4c6be-1c2e-4213-9e26-920037e7f555&tw_document_href=https%3A%2F%2Forder.cava.com%2Fstores&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvp3f&type=javascript&version=2.4.15

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 105
date: Sun, 07 Aug 2022 04:18:12 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c94bb94e6c5ada447eb54083b2ef066d1341e006fae84007c977748ee6aa6264
content-length: 43

GET
H/1.1 200
OK 8f7bac378918c86553ea74331a592cb0.jpg
order.cava.com/ 95 KB
95 KB 453ms
397ms Image
image/jpeg 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.cava.com/8f7bac378918c86553ea74331a592cb0.jpg
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e423383d3be2a40b83db6f40a7af5bbbd02be428dfb73ef5d22fe2ae676b641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/stores
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:14 GMT
Via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 Jan 2017 19:33:01 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
ETag: "8f7bac378918c86553ea74331a592cb0"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96967
X-Amz-Cf-Id: WtPgmlCC323GauscgXFCwmKgEkQ2pazBYzGyuxYH20_CA7u6TjaKeg==

GET
H/1.1 200
OK b4004a65c860322e1261dd69da960bfc.woff2
order.cava.com/ 44 KB
45 KB 166ms
114ms Font
application/font-woff2 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://order.cava.com/b4004a65c860322e1261dd69da960bfc.woff2
Requested by: Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 897b09bbba043a4bbe2de18cb38fc13edd2a1286554a4e78fe68dd3bda78c96c

Request headers

Referer: https://order.cava.com/app.7ccfa7afd2428b426617.css
Origin: https://order.cava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:13 GMT
Via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 45104
Last-Modified: Wed, 04 Jan 2017 19:33:05 GMT
Server: AmazonS3
ETag: "b4004a65c860322e1261dd69da960bfc"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, PUT
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, no-transform, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 1ue2pb7abDaD8QoXOql7U1kkAIbyQE38DV7EvEhyCuALRRdmkxYo3A==

GET
H/1.1 200
OK d8c7e4512645f895048e57d62a823a08.woff2
order.cava.com/ 29 KB
29 KB 454ms
399ms Font
application/font-woff2 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://order.cava.com/d8c7e4512645f895048e57d62a823a08.woff2
Requested by: Host: order.cava.com
URL: https://order.cava.com/app.7ccfa7afd2428b426617.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe74bca1db05ee86384c38d7ccbe3ea90b2f60fb928c1ce2d7f17e92d75f9ca5

Request headers

Referer: https://order.cava.com/app.7ccfa7afd2428b426617.css
Origin: https://order.cava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 07 Aug 2022 04:18:14 GMT
Via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 29520
Last-Modified: Wed, 04 Jan 2017 19:33:07 GMT
Server: AmazonS3
ETag: "d8c7e4512645f895048e57d62a823a08"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, PUT
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, no-transform, public
Accept-Ranges: bytes
X-Amz-Cf-Id: DgalfgIxyFqOocNd5CelprLeX-tA-8G465ExvfKwtI6izxEyKyZvWw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 71ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308432946216559&ev=PageView&dl=https%3A%2F%2Forder.cava.com%2Fstores&rl=&if=false&ts=1659845892827&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1659845892827.288656435&it=1659845892685&coo=false&rqm=GET

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 07 Aug 2022 04:18:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 121ms
45ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=81675694&t=pageview&_s=1&dl=https%3A%2F%2Forder.cava.com%2Fstores&dp=%2Fstores&ul=en-us&de=UTF-8&dt=CAVA%20%7C%20Order%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=113387959&gjid=410343989&cid=120569975.1659845893&tid=UA-20771256-2&_gid=1427620267.1659845893&_r=1&_slc=1&z=79382596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://order.cava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/868720658/ 42 B
548 B 145ms
48ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868720658/?random=1659845892669&cv=9&fst=1659844800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Forder.cava.com%2Fstores&tiba=CAVA%20%7C%20Order%20Online&fmt=3&is_vtc=1&random=253212472&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/868720658/ 42 B
548 B 132ms
48ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/868720658/?random=1659845892669&cv=9&fst=1659844800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Forder.cava.com%2Fstores&tiba=CAVA%20%7C%20Order%20Online&fmt=3&is_vtc=1&random=253212472&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 720101308646521 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 170ms
169ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/720101308646521?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22e480a09b0d5a9d423d4a80a6803e9d4330505176889b079047eab4ca8f5fa4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: J11kCMdGXVOqnbgRm4C5f/q/y86NiFzdlO90e3QVllrITTJ2Jthq9deALj0PGeUjcJpAb0pgXyRa4rISr8J3eg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 07 Aug 2022 04:18:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659845893107
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 52 KB
17 KB 76ms
16ms Script
application/javascript 2600:9000:225e:5000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NX9NCP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: iORgrk9LTMl3w05sDnO.StPor_BzcIZl
Content-Encoding: gzip
Etag: W/"d570d2e0cc47679b5bf3a6f9ff5b9e5b"
Age: 8798
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Aug 2022 16:07:19 GMT
Server: AmazonS3
Date: Sun, 07 Aug 2022 01:51:41 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: BnI_W2oDwvRKvAj2ia6cLaFDueki1j_FQE8WNCdWOXK-wF9Rx7MdJA==

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 556ms
177ms Script
application/javascript 35.167.251.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NX9NCP

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.251.147 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-251-147.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.lightning.force.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 17:47:46 GMT
server: istio-envoy
etag: W/"62ed57c2-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 3
content-security-policy: frame-ancestors 'self' *.lightning.force.com;

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 67ms
27ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NX9NCP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: cc8cb6b69c6e8ed388dc82fbb93e880e9c42c7d6793003b9290fbf1ee8d03060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7824
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-id: 6rPWJaY6grDvGv8tFcu3JH52PyjOndkp_ZLp4gPWhw5oE94wfxFWug==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 82ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65409CB90CB4456397ED5102A9FDAA15 Ref B: FRAEDGE1317 Ref C: 2022-08-07T04:18:12Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 07 Aug 2022 04:18:12 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 161 KB
45 KB 235ms
111ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 402ef34916c12fede88e27d6b045bc8b801f80b8323f6d1bc8745a3fa7078cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 7e49d64f.31b6400e
date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-32-16-71.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 101,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=7, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022080704181313FC9B14862387F9C2A9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.32.16.71
x-tt-trace-host: 018debac48b254c96e084d365932782b4dcb2c03a2971879392dc0c016733d606036e2ba5b03f8610eefc12095a37dbe862ed2d6d4ffd328aa5ac68a9b79241d519cac590deb820c9e1c3b0e6a57917b565b410c57a7a06dd5e0e38af404a3b275
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 75ms
31ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20771256-2&cid=120569975.1659845893&jid=113387959&gjid=410343989&_gid=1427620267.1659845893&_u=YEBAAEAAAAAAAC~&z=313675032

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 07 Aug 2022 04:18:13 GMT
content-type: text/plain
access-control-allow-origin: https://order.cava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
478 B 125ms
23ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=247fc463-f9aa-46d7-af26-5f2e463ede4b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

a14fb59bd1bc75ba4be4118b788398d2e50d11f3ff8b8d87b537d710e7b1d1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://order.cava.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
163 B 126ms
24ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=247fc463-f9aa-46d7-af26-5f2e463ede4b&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f029570707570adad39a91957394459f0aff88940b8c6074e6db934ceead6fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://order.cava.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 3142 0
294 B 103ms
22ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=247fc463-f9aa-46d7-af26-5f2e463ede4b&u_scsid=cff8e325-c6cd-46bd-b039-38adbe667b44&u_sclid=923abff4-8337-46e2-b505-94dd89897654

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://order.cava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 07 Aug 2022 04:18:13 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 17557495.js Show response
bat.bing.com/p/action/ 1 KB
870 B 181ms
180ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17557495.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

8f86badfa6027c7bfb6d82aeb265d73d290ef81fce7042814498d8fc4aaebc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DD64386149D44403A8CC51246D551F84 Ref B: FRAEDGE1317 Ref C: 2022-08-07T04:18:13Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Sun, 07 Aug 2022 04:18:12 GMT
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
176 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17557495&Ver=2&mid=5342596f-738a-41ac-b2e0-12c106c76596&sid=f3dea520160711ed91240fda3eefe120&vid=f3dedcb0160711edab33a72f612cf1ce&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CAVA%20%7C%20Order%20Online&p=https%3A%2F%2Forder.cava.com%2Fstores&r=&lt=1588&evt=pageLoad&sv=1&rn=665349

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E953FD94EDEA4639B6DF9361E8A5818A Ref B: FRAEDGE1317 Ref C: 2022-08-07T04:18:13Z
date: Sun, 07 Aug 2022 04:18:12 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 130ms
48ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20771256-2&cid=120569975.1659845893&jid=113387959&_u=YEBAAEAAAAAAAC~&z=1929367536

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 131ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20771256-2&cid=120569975.1659845893&jid=113387959&_u=YEBAAEAAAAAAAC~&z=1929367536

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/IFFH3LRNVNEK5DGHSDNZYU/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

19ms
12ms

Script
application/javascript

2600:9000:225e:5000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Server: 2600:9000:225e:5000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: 54CR.I9BC9Znk_eUBi_4NwuScKvxGyTv
Via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 70362
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Thu, 04 Aug 2022 20:10:45 GMT
Server: AmazonS3
Date: Sat, 06 Aug 2022 08:45:32 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5GRwe-tUAOyNbApIHM5Tyo040uwDukW0ymI_F5-ddWxa1NxHvXuFPw==

Redirect headers

Date: Sat, 06 Aug 2022 20:27:49 GMT
Via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
Age: 28223
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dmeuuGufBJfBLJpGJMISb8XZWk8LoHN0nWu4wJhoFHhSJ1MOUm-VXw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/IFFH3LRNVNEK5DGHSDNZYU/DF622QT2ORHCDLKDC3DDPR/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

13ms
13ms

Script
application/javascript

2600:9000:225e:5000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: HTTP/1.1
Server: 2600:9000:225e:5000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 70692
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sat, 06 Aug 2022 08:40:05 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: IY00PxgM4Qkcqn9ul5dx7ahi0p_1Xvm5KXqdwoyaHnJFdqX-8qxBXw==

Redirect headers

Date: Sun, 07 Aug 2022 04:11:27 GMT
Via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
Age: 406
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Yi20lYuffWFr3IjvY7SHMkD9H5mCB-c5BCiJi7vUyCu3vYQme2678Q==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/IFFH3LRNVNEK5DGHSDNZYU/DF622QT2ORHCDLKDC3DDPR/ 0
808 B 29ms
11ms Script
text/javascript 2600:9000:225e:5000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/IFFH3LRNVNEK5DGHSDNZYU/DF622QT2ORHCDLKDC3DDPR/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: jTzAg4BIyHyn7NfG9hn3LPsGcJrgIAuR
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 406
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Tue, 02 Aug 2022 02:42:47 GMT
Server: AmazonS3
Date: Sun, 07 Aug 2022 04:11:28 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pHDXbXSx_t7HZMYOtigCcEYpaHcczbhkukAW1IdWnX38w85dICZH-A==

GET
H2 200 p
tr.snapchat.com/ 68 B
306 B 94ms
23ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=56d493f4-a527-4c36-b582-c7d74ef0853e&pid=247fc463-f9aa-46d7-af26-5f2e463ede4b&ev=PAGE_VIEW&pl=https%3A%2F%2Forder.cava.com%2Fstores&ts=1659845893047&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=1927&m_rd=1958&m_pi=1588.3999977111816&m_dcl=1588.3999977111816&m_fcps=1591.2999992370605&m_pl=0&m_ic=0&m_pv=v2&u_c1=f576b2e1-c9dd-4657-a7a1-8d298d7ba8d6

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
via: 1.1 google
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 IFFH3LRNVNEK5DGHSDNZYU Show response
d.adroll.com/consent/check/ 449 B
542 B 150ms
32ms Script
application/javascript 52.17.123.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/IFFH3LRNVNEK5DGHSDNZYU?arrfrr=https%3A%2F%2Forder.cava.com%2Fstores&_s=161249257005444e14414c2483ef9868&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.123.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-123-159.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4710fecab662161144c3aa0c67dbefef4a4695fb9878aec062197cc86b2d8166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
17ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=720101308646521&ev=PageView&dl=https%3A%2F%2Forder.cava.com%2Fstores&rl=&if=false&ts=1659845893158&sw=1600&sh=1200&v=2.9.73&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=29&fbp=fb.1.1659845892827.288656435&it=1659845892685&coo=false&tm=1&rqm=GET

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 07 Aug 2022 04:18:13 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 104ms
104ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080704181306A7A8A857727AEC738D
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aaef49d2fc4057f79dd0fe5d1663c792c6094e065cd6ae1eab8efefec29615c34a2f238052dbf7e97baa18342a82829d9ac
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
x-akamai-request-id: 31b6412e
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 301ms
299ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a2d2b107.31b64155
date: Sun, 07 Aug 2022 04:18:13 GMT
x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 292,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=214, origin; dur=78, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202208070418135C3CCEBA69BAB5F432E4
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 78,23.32.16.92
x-tt-trace-host: 018debac48b254c96e084d365932782b4dcb2c03a2971879392dc0c016733d60609829e52c9ea62b6d14c4774b42805135c622a44924fbc5feaa76e53c7c7eb886e00ee7798e10d83f8717d3004621acc82cae238c93c63c7aefca973061ee3f9c
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
547 B 125ms
123ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208070418138A0B7280B5234B11A4E4
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 110,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aae11e17a2fe548b1518d75846dc56c41ebde72174ee734a696e17564abba5ac974af7d77039eb55cb71afe537a614343fc
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=110
x-akamai-request-id: 31b6415a
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 192ms
190ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a2d2af81.31b6415d
date: Sun, 07 Aug 2022 04:18:13 GMT
x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 181,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=161, origin; dur=20, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220807041813C69EDE85B44D6CFECDDF
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.32.16.92
x-tt-trace-host: 018debac48b254c96e084d365932782b4dcb2c03a2971879392dc0c016733d60609829e52c9ea62b6d14c4774b42805135a861308097cb99bf8f0a2bf0b5934e6a65df364e77907f14e502aa21400cb9717d56a73ff235d1226508e58391dd7488
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
546 B 113ms
112ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208070418133F0BE47485CAEA12B3E9
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aaeadd81f25d1e3325ff92fde67745422c874dbe0d38280f7e3d5867c99b10ebb34312339b0bfe855cf32477b7ad585c90b
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
x-akamai-request-id: 31b64162
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
685 B 115ms
114ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 21cdced0.31b64168
date: Sun, 07 Aug 2022 04:18:13 GMT
x-cache-remote: TCP_MISS from a23-32-16-93.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 98,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=11, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220807041813B02D313EFA191AF220F5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.32.16.93
x-tt-trace-host: 018debac48b254c96e084d365932782b4dcb2c03a2971879392dc0c016733d6060d00f6d2bc710809a0ad7539b8374b2a7ce358be6cbd1b993dbff1ae25da8dc07cb14a0a424c472691b074254dc4e6f58e4fe5bca1339e7120719e2490c742442
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
545 B 115ms
115ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208070418139562CE24F71870F8424F
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aae7e0ae3b388094b4f1f71d4626b1cbdfcec6246686af6ae8b2367dc34060767dea22eeecdd861fe4ecf363752153ad851
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=2, origin; dur=96
x-akamai-request-id: 31b6416d
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 111ms
110ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8STODK02NERG4EK0OJ0&hostname=order.cava.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a4bf653f1cfb8380639490b0e06a78ea559d00a742260459a68024f30643c35e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 3c9f4e3.31b64170
date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 93,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=4
content-length: 344
pragma: no-cache
server: nginx
x-tt-logid: 20220807041813E1396117259B4CFD13CE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.32.16.68
x-tt-trace-host: 018debac48b254c96e084d365932782b4dcb2c03a2971879392dc0c016733d606087acf38b191239d80e0904ebc67ab06494aed7a378ac473f4d3e0fdc33f7079f33b089c483a7ce084b7e5474fa494d5b1d07aa2381e4de6d2b392870f88dd48d
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
548 B 123ms
123ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080704181325E374664DD6D802E828
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 103,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aae297d042fc4ffd4d1d70cab5b409b9156bb558e967550ae09c78b948c94cf3c1d11a2b0da6c20e646cd432427cd107659
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=103
x-akamai-request-id: 31b64172
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
547 B 129ms
129ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080704181389E3B3492E59C7F71D7C
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aae5c64009546ea0861f7c833fe26a56a21b3c16a44231b303575daae8f44fa6b9162a4e28c99559c89a90f0253c01bfd49
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=109
x-akamai-request-id: 31b64179
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

GET
H2 200 17557495 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 205ms
125ms Script
application/x-javascript 2620:1ec:27::cafe:1586
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17557495
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17557495.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 6df3f88c7f140435970b281a37dff2531f7d566a62de5262e9fe8b5bdf3525c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
x-powered-by: ASP.NET
x-azure-ref: 0BT3vYgAAAADKd3N5HhC0Sbld6zJmoZCMTVJTMjBFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length: 1588
expires: -1

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
17ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308432946216559&ev=Microdata&dl=https%3A%2F%2Forder.cava.com%2Fstores&rl=&if=false&ts=1659845893330&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22CAVA%20%7C%20Order%20Online%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22CAVA%20%7C%20Order%20Online%22%2C%22og%3Adescription%22%3A%22order.cava.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd2dk1lz1pgt72l.cloudfront.net%2FCampaign%2FWeb%2F2017_fall_hero_bowl.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Forder.cava.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1659845892827.288656435&it=1659845892685&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: order.cava.com
URL: https://order.cava.com/stores

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
547 B 110ms
110ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080704181325E374664DD6D802E83C
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 102,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aae434d3ef68c6dccbbfb59d3d6bb6f04315b55aaa2840996c73f74e4340c92194d2680ff74833ff00251c8ccff230ea374
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=2, origin; dur=102
x-akamai-request-id: 31b6422d
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
548 B 123ms
123ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208070418138A0B7280B5234B11A4F8
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aaed8108cd55c099129fcd1bb264d1730757fcd8e552bbf414c3c8766cc1383e36e340ffeb14fece650f6fdb08df826aee1
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=0, origin; dur=112
x-akamai-request-id: 31b64233
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
545 B 107ms
107ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8STODK02NERG4EK0OJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220807041813EA05A54F1DF32D023A11
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.204
x-tt-trace-host: 018debac48b254c96e084d365932782b4d11ab3bfdc4fd4b04641fbe289fe93aae7b5c1f6edf15147fe8c118ddb71ee03e3700f6f908f28db358a7091f5cfd60187f5c71c04ab9d2a96126695233dcfb1a
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
x-akamai-request-id: 31b64297
content-length: 0
expires: Sun, 07 Aug 2022 04:18:13 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.37/ 53 KB
23 KB 116ms
116ms Script
application/javascript 2620:1ec:27::cafe:1586
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17557495
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
content-encoding: br
etag: "1d8a82be9612196"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0BT3vYgAAAAB4OjvvNkvoR4AsdFzubC2HTVJTMjBFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 551ms
172ms Image
text/plain 34.208.204.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=b6cb8556-7dd5-4f3f-8005-27c45b0df48f&ev=PAGE_VIEW&pl=https%3A%2F%2Forder.cava.com%2Fstores&ndclid=&rf=&sem=&tm=1
Requested by: Host: order.cava.com
URL: https://order.cava.com/stores
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.204.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-204-145.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 04:18:13 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
context-id: a720d2e3-7a3e-4d20-8c36-f17d7d63ac0e

POST
H2 204 collect Show response
f.clarity.ms/ 0
175 B 298ms
96ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://order.cava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://order.cava.com
date: Sun, 07 Aug 2022 04:18:13 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=4D981B84C09A425D83B4AE2105C33FD9&RedC=c.clarity.ms&MXFR=17CE596979E663C7113848907DE66D8F
https://c.clarity.ms/c.gif?CtsSyncId=4D981B84C09A425D83B4AE2105C33FD9&MUID=273B25F44A9A65CF273D340D4B4864B8

42 B
392 B

29ms
29ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=4D981B84C09A425D83B4AE2105C33FD9&MUID=273B25F44A9A65CF273D340D4B4864B8
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.cava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:14 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Aug 2022 04:18:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CC5B5391E224782982254E9213EE2B9 Ref B: FRAEDGE1317 Ref C: 2022-08-07T04:18:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=4D981B84C09A425D83B4AE2105C33FD9&MUID=273B25F44A9A65CF273D340D4B4864B8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.cava.com
URL: https://api.cava.com/api/device/register

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:05:32	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
order.cava.com/	1970-01-20 06:30:29	Name: cg_device Value: 538e35ff-4c3b-55c0-ffea-94a17ad1619c
.cava.com/	1970-01-20 07:13:41	Name: _fbp Value: fb.1.1659845892827.288656435
.cava.com/	1970-01-20 14:40:05	Name: _ga Value: GA1.2.120569975.1659845893
.cava.com/	1970-01-20 05:05:32	Name: _gid Value: GA1.2.1427620267.1659845893
.cava.com/	1970-01-20 05:04:05	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 05:04:06	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-20 14:40:05	Name: muc_ads Value: a4f35ac9-d75b-41d8-93ad-aa1e1ff1e212
.cava.com/	1970-01-20 07:13:41	Name: _gcl_au Value: 1.1.2093479696.1659845893
.twitter.com/	1970-01-20 14:40:05	Name: personalization_id Value: "v1_xVb1PrRUDB2aD4aQjjXtLA=="
.bing.com/	1970-01-20 14:25:41	Name: MUID Value: 273B25F44A9A65CF273D340D4B4864B8
.cava.com/	1970-01-20 05:05:32	Name: _uetsid Value: f3dea520160711ed91240fda3eefe120
.cava.com/	1970-01-20 14:25:41	Name: _uetvid Value: f3dedcb0160711edab33a72f612cf1ce
.cava.com/	1970-01-20 14:33:52	Name: _scid Value: f576b2e1-c9dd-4657-a7a1-8d298d7ba8d6
.snapchat.com/	1970-01-20 14:25:41	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBCQ0AMAgEMEUkwI5PzxgqEL/WtCYeO2GCCaVK6Q80kJaIVrm9K26VsKyz/AGR+Kz0MgAAAA==
.tiktok.com/	1970-01-20 14:25:41	Name: _ttp Value: 2D0pXCa35uV1I8QTASUP7ott5Gm
.cava.com/	1970-01-20 14:25:41	Name: _tt_enable_cookie Value: 1
.cava.com/	1970-01-20 14:25:41	Name: _ttp Value: 1816934e-18b1-4d1b-9762-278e36b8a4b6
www.clarity.ms/	1970-01-20 13:49:41	Name: CLID Value: 42b85c92663d470b9b3b8f0b4b8a0ea7.20220807.20230807
.cava.com/	1970-01-20 13:49:41	Name: _clck Value: dnvb3k\|1\|f3t\|0
.cava.com/	1970-01-20 05:05:32	Name: _clsk Value: 9dp7lt\|1659845894000\|1\|1\|f.clarity.ms/collect
.c.bing.com/	1970-01-20 14:25:41	Name: SRM_B Value: 273B25F44A9A65CF273D340D4B4864B8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:25:41	Name: MUID Value: 273B25F44A9A65CF273D340D4B4864B8
.c.clarity.ms/	1970-01-20 05:04:06	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://order.cava.com/stores Message: Access to fetch at 'https://api.cava.com/api/device/register' from origin 'https://order.cava.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.cava.com/api/device/register Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.nextdoor.com
analytics.tiktok.com
analytics.twitter.com
api.cava.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d.adroll.com
d2wy8f7a9ursnm.cloudfront.net
f.clarity.ms
flask.nextdoor.com
fonts.googleapis.com
googleads.g.doubleclick.net
order.cava.com
p.typekit.net
s.adroll.com
safetechpageencryption.chasepaymentech.com
sc-static.net
siteimproveanalytics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
use.typekit.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.cava.com
104.244.42.5
104.244.42.67
13.32.121.21
142.250.184.226
159.53.117.101
18.66.120.247
199.232.16.157
20.234.93.27
20.84.22.197
23.36.163.232
2600:9000:225e:5000:6:9280:1080:93a1
2606:4700::6812:27
2620:1ec:27::cafe:1586
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2008
2a00:1450:400c:c09::9b
2a02:26f0:10e::6860:5bb0
2a02:26f0:3500:16::215:14a0
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a06:98c1:3121::c
34.208.204.145
35.167.251.147
35.190.43.134
52.17.123.159
52.222.206.102
038943028568899d9f97e37747d7cf59bde4a82f16435a5308f48408516d47f5
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362
1b664092cd25d495aa12f0603921da4810f821ecb97ef21f2d69eae9567da79f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cdb975802d4d43b08baeaaab99807f262e327f77649ee965536088efa911c41
1fbb6c077b4a123bea8f94ccd90c31ab633efc6926b35884830758b52d036419
22e480a09b0d5a9d423d4a80a6803e9d4330505176889b079047eab4ca8f5fa4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
402ef34916c12fede88e27d6b045bc8b801f80b8323f6d1bc8745a3fa7078cae
4710fecab662161144c3aa0c67dbefef4a4695fb9878aec062197cc86b2d8166
4a9a2bb79ebc01732058fb5c4f0a3d0ed58448901520ab7f5017b7b83e6b740b
4aeff528af718b6906d5dc72c1d617c36f36ca216bdb48c8fa1c2d8dfb93f3c9
6df3f88c7f140435970b281a37dff2531f7d566a62de5262e9fe8b5bdf3525c1
7d52994b327c797e0d0d410ace642d8cce0c0d3053b558ea94edf00a9ebde07d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
897b09bbba043a4bbe2de18cb38fc13edd2a1286554a4e78fe68dd3bda78c96c
8e423383d3be2a40b83db6f40a7af5bbbd02be428dfb73ef5d22fe2ae676b641
8f86badfa6027c7bfb6d82aeb265d73d290ef81fce7042814498d8fc4aaebc1c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a14fb59bd1bc75ba4be4118b788398d2e50d11f3ff8b8d87b537d710e7b1d1d2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e0fbb31ea7229f433a1ea02fb9d52c4864862ec41c07a27cadcf990d10c28e
a4bf653f1cfb8380639490b0e06a78ea559d00a742260459a68024f30643c35e
abb3b00536f79344b475ae21b0168244486e62fa90ec8adfd1c9b65a0289dbf8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affb4822fa0ce3098029af18a7b75fd34f76ddcec2ac33831c8c13848ebd979b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
ba6ca723df7e614725498820e695bdb78fc8f5074898725f5b260a23cb481aad
cc8cb6b69c6e8ed388dc82fbb93e880e9c42c7d6793003b9290fbf1ee8d03060
d963ad8ac1f05a0e1956fc7038b7648dae588bd98f2666958f3dfc3d3087ca9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f029570707570adad39a91957394459f0aff88940b8c6074e6db934ceead6fdd
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fe74bca1db05ee86384c38d7ccbe3ea90b2f60fb928c1ce2d7f17e92d75f9ca5

order.cava.com Open in urlscan Pro 13.32.121.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

94 %HTTPS

52 %IPv6

24 Domains

32 Subdomains

32 IPs

5 Countries

2695 kBTransfer

3724 kBSize

25 Cookies

0 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

order.cava.com Open in urlscan Pro
13.32.121.21 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

94 %
HTTPS

52 %
IPv6

24
Domains

32
Subdomains

32
IPs

5
Countries

2695 kB
Transfer

3724 kB
Size

25
Cookies

68 HTTP transactions
0 data transactions