urlscan.io logo urlscan.io
SecurityTrails logo

employees.naturesway.com Open in urlscan Pro
23.227.38.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://employees.naturesway.com/
Effective URL: https://employees.naturesway.com/password
Submission: On October 03 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 3 countries across 27 domains to perform 88 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is employees.naturesway.com.
TLS certificate: Issued by R3 on October 3rd 2022. Valid for: 3 months.
This is the only time employees.naturesway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 23.227.38.74 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
22 104.16.255.71 13335 (CLOUDFLAR...)
2 104.16.254.71 13335 (CLOUDFLAR...)
1 7 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2620:1ec:bdf::40 8068 (MICROSOFT...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 20.110.81.91 8075 (MICROSOFT...)
3 20.85.30.134 8075 (MICROSOFT...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:141b:500... 20940 (AKAMAI-ASN1)
1 142.250.80.34 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 173.223.189.27 16625 (AKAMAI-AS)
6 18.164.93.6 16509 (AMAZON-02)
2 143.204.138.162 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 23.44.237.171 20940 (AKAMAI-ASN1)
1 4 35.71.131.137 16509 (AMAZON-02)
1 104.26.11.16 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 192.28.144.124 15224 (OMNITURE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 54.85.225.242 14618 (AMAZON-AES)
1 34.199.90.210 14618 (AMAZON-AES)
2 2 3.208.136.8 14618 (AMAZON-AES)
2 2 52.45.33.138 14618 (AMAZON-AES)
5 96.16.29.8 16625 (AKAMAI-AS)
88 28
3    23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
employees.naturesway.com
1    2607:f8b0:4006:809::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    104.16.255.71 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
monorail-edge.shopifysvc.com
2    104.16.254.71 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
fonts.shopifycdn.com
7    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2620:1ec:bdf::40 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
8    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    20.110.81.91 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
3    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
1    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2600:141b:5000:494::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    173.223.189.27 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-189-27.deploy.static.akamaitechnologies.com
munchkin.marketo.net
6    18.164.93.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-93-6.jfk50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
2    143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net
js.adsrvr.org
1    2607:f8b0:4006:821::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    23.44.237.171 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-237-171.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
1    2607:f8b0:4006:80b::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
315-oqj-766.mktoresp.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:80c::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:816::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    54.85.225.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-225-242.compute-1.amazonaws.com
usermatch.krxd.net
1    34.199.90.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-90-210.compute-1.amazonaws.com
beacon.krxd.net
2    3.208.136.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-136-8.compute-1.amazonaws.com
dpm.demdex.net
2    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    96.16.29.8 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-29-8.deploy.static.akamaitechnologies.com
ct.pinterest.com
Apex Domain
Subdomains		 Transfer
16 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2420
85 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 668
132 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 804
c.clarity.ms — Cisco Umbrella Rank: 1219
j.clarity.ms — Cisco Umbrella Rank: 6473
26 KB
7 bing.com
bat.bing.com — Cisco Umbrella Rank: 665
c.bing.com — Cisco Umbrella Rank: 426
25 KB
6 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2307
insight.adsrvr.org — Cisco Umbrella Rank: 922
match.adsrvr.org — Cisco Umbrella Rank: 463
9 KB
6 cloudfront.net
d10lpsik1i8c69.cloudfront.net
100 KB
6 shopifysvc.com
monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2955
3 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1035
3 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1028
70 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
41 KB
3 naturesway.com
employees.naturesway.com
19 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 432
624 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 293
2 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1933
beacon.krxd.net — Cisco Umbrella Rank: 757
219 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
222 B
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 6929
7 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1008
21 KB
2 shopifycdn.com
fonts.shopifycdn.com — Cisco Umbrella Rank: 4779
19 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 7572
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 19
548 B
1 mktoresp.com
315-oqj-766.mktoresp.com
318 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
2 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 11805
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
15 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 913
379 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
89 KB
88 27
Domain Requested by
16 cdn.shopify.com employees.naturesway.com
8 cdn.cookielaw.org www.googletagmanager.com
cdn.shopify.com
cdn.cookielaw.org
6 d10lpsik1i8c69.cloudfront.net employees.naturesway.com
d10lpsik1i8c69.cloudfront.net
6 monorail-edge.shopifysvc.com cdn.shopify.com
6 bat.bing.com employees.naturesway.com
bat.bing.com
5 ct.pinterest.com cdn.shopify.com
s.pinimg.com
5 analytics.tiktok.com employees.naturesway.com
analytics.tiktok.com
3 match.adsrvr.org js.adsrvr.org
3 connect.facebook.net employees.naturesway.com
connect.facebook.net
3 j.clarity.ms cdn.shopify.com
3 employees.naturesway.com 1 redirects d10lpsik1i8c69.cloudfront.net
2 ups.analytics.yahoo.com 2 redirects
2 dpm.demdex.net 2 redirects
2 www.facebook.com
2 js.adsrvr.org www.googletagmanager.com
match.adsrvr.org
2 munchkin.marketo.net employees.naturesway.com
munchkin.marketo.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 fonts.shopifycdn.com employees.naturesway.com
1 beacon.krxd.net js.adsrvr.org
1 usermatch.krxd.net 1 redirects
1 www.google.ca
1 www.google.com
1 315-oqj-766.mktoresp.com munchkin.marketo.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 settings.luckyorange.net cdn.shopify.com
1 insight.adsrvr.org 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.shopify.com
1 c.bing.com 1 redirects
1 www.googletagmanager.com employees.naturesway.com
88 33
Subject Issuer Validity Valid
employees.naturesway.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.shopify.com
R3		 2022-09-16 -
2022-12-15		 3 months crt.sh
fonts.shopifycdn.com
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
monorail-edge.shopifysvc.com
R3		 2022-09-24 -
2022-12-23		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-13 -
2022-10-11		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2022-02-06 -
2023-02-07		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-30 -
2023-05-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.mktoresp.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-30 -
2022-11-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh

This page contains 7 frames:

Primary Page: https://employees.naturesway.com/password
Frame ID: 98BCE53EC9D0A0B2991DB4F1D892D312
Requests: 79 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&td5={td5}&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: 7FFA84BBBEC102B5DD828C1E9DC7C259
Requests: 2 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: 020BF09C2223FA7205EE3E204D968D37
Requests: 4 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4
Frame ID: CE3C8E1FEACF132AA19BCFB777CB5F08
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: CD4EB8655DA218FEA2FF885A2D255A94
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fM0mZl5E2uKiPX3xEcLsa1OnHnFqtmM-~A&gdpr=0&gdpr_consent=
Frame ID: 7DCA79B1306FB68F5339E19B24D7349E
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2209CC6B207D5AFCA8B2C898A60BE779
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Myleafline ProdShopify logoBack ButtonFilter Button

Page URL History Show full URLs

  1. https://employees.naturesway.com/ HTTP 302
    http://employees.naturesway.com/password HTTP 307
    https://employees.naturesway.com/password Page URL

Detected technologies

Overall confidence: 25%
Detected patterns
  • <link[^>]+=['"]//cdn\.shopify\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

88
Requests

97 %
HTTPS

40 %
IPv6

27
Domains

33
Subdomains

28
IPs

3
Countries

687 kB
Transfer

2200 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://employees.naturesway.com/ HTTP 302
    http://employees.naturesway.com/password HTTP 307
    https://employees.naturesway.com/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C05AAEA35BA74124966B858C729BD3D3&RedC=c.clarity.ms&MXFR=1B3161708B0561B814AC73428F056F70 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C05AAEA35BA74124966B858C729BD3D3&MUID=17813816E09068EA38D92A24E1BA6975
Request Chain 49
  • https://insight.adsrvr.org/track/up?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&td5={td5}&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10} HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&td5={td5}&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Request Chain 67
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4
Request Chain 68
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=32f5028f-6473-4122-98f3-169d941ec9a4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=32f5028f-6473-4122-98f3-169d941ec9a4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Request Chain 69
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=32f5028f-6473-4122-98f3-169d941ec9a4&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=32f5028f-6473-4122-98f3-169d941ec9a4&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fM0mZl5E2uKiPX3xEcLsa1OnHnFqtmM-~A&gdpr=0&gdpr_consent=

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
employees.naturesway.com/
Redirect Chain
  • https://employees.naturesway.com/
  • http://employees.naturesway.com/password
  • https://employees.naturesway.com/password
52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a410de6cce6447601fa8c2cfd3fc610ff5dfdb4f0ec5568dfbb6e5475701caf4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7547c00c4e1ea216-YYZ
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 18:30:38 GMT
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OumMFPu8QKmmQy3GPc%2Bq3O47kb86ShU21vQqeE5ce7Rn8e5ZY%2F6x4IwW0tk4EATZ0cjTCh9diyZH5iKSgAfeu%2BhQq7wfik9vqLybZOLMuUdpKzHQJwTU8FSoRpoe8c7u7PAD%2Bs4rnD0g%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=80, db;dur=30, parse;dur=3
strict-transport-security
max-age=7889238
vary
Accept
x-alternate-cache-key
cacheable:78a3037ec7b436f1393feaf0176886f2
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-northamerica-northeast2,us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
86d3cf36-844b-4040-9419-dabb3ae3b358
x-robots-tag
nofollow
x-shardid
219
x-shopid
66240676060
x-shopify-stage
production
x-sorting-hat-podid
219
x-sorting-hat-shopid
66240676060
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://employees.naturesway.com/password
Non-Authoritative-Reason
HSTS
gtm.js
www.googletagmanager.com/ 		271 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VV2XZL
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c68c6586a8387062113193443bffe46f334f80a6fc73090803a255acdcf6af35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90481
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Oct 2022 18:30:39 GMT
load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employees.naturesway.com/
Origin
https://employees.naturesway.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
content-encoding
br
server-timing
imagery;dur=24.350, imageryFetch;dur=24.215
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e4af48cc-9ef5-444e-88c5-97b4001fad96
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftb3K3d0lwhO0Dq1SBHdhf4h5ej%2Fhd7kX%2BoR6z5q1IhJoNYjuMb10A5z2NYh1kAqjMKfdjWWxsIK%2FOQCsI20H91UdDbo3RBrSOc2zhlbn0dioxenaskH1CWnWZ91BpoiPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js>; rel="canonical"
cf-ray
7547c00dea8ba22f-YYZ
poppins_n4.934accbf9f5987aa89334210e6c1e9151f37d3b6.woff2
fonts.shopifycdn.com/poppins/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/poppins/poppins_n4.934accbf9f5987aa89334210e6c1e9151f37d3b6.woff2?h1=bXlsZWFmbGluZS1wcm9kLmFjY291bnQubXlzaG9waWZ5LmNvbQ&h2=ZW1wbG95ZWVzLm5hdHVyZXN3YXkuY29t&hmac=2e1fb445059aca22ac1fddb384b6afa4865c3ad96ff175d3f5e23a66706b76e7
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.254.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e884b8a3a06db9a0c709e9d77b569f2855deda5e146c9a6504fcf598e87973
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employees.naturesway.com/
Origin
https://employees.naturesway.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
server-timing
imagery;dur=18.390, imageryFetch;dur=17.878
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9128
x-xss-protection
1; mode=block
x-request-id
f7c0cbfb-9306-4010-b336-fb496df69955
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn3d1RRUiDEo4GlFCrtIu37L3X%2FhPEHQUY3jdP5j5%2Fr%2FdT84bSPcmQu0zp%2BN5%2BfKolAYYGgztiHAGZKLnvczQT%2Bce4pT6JJzSI3Tettn7qcz6Oe6%2FaLZJ3xJfgJLzUsKnPIcw54D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
7547c00ded723fd2-YYZ
link
<https://imagery4-fonts.shopifysvc.com/premium-fonts/poppins/poppins_n4.934accbf9f5987aa89334210e6c1e9151f37d3b6.woff2>; rel="canonical"
timing-allow-origin
*
section-password.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/section-password.css?v=103124485985703196321663073845
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa23496dbc360495e67a6ce75662f808d0a05b126d5361f98848684fff839bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
content-encoding
br
server-timing
imagery;dur=87.186, imageryFetch;dur=86.274
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d8d5ab19-459b-406f-9395-a03bb01ef62d
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUfJtlwBKiS2C7VJrJyTaLKulklCZlMG7JY9nELerogLQUQeDddhJrBP8SnsjURb8HGsGxJceKIzSXI0ST%2BWU7lBGevIE8%2FScdCoab93pSq4NZMzIb%2FkxdfafcA%2FW%2FroWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/section-password.css>; rel="canonical"
cf-ray
7547c00decbaa250-YYZ
base.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/base.css?v=5009009139583313541663073842
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00910c511db6b8be64453db4b4d6621d31bb772af8bffa68eefddac7d4b57473
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=58.826, imageryFetch;dur=53.183
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
71345a25-8ee0-4a1f-97c3-9f855e8779ca
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUIdcZS7X3xy9W6gP1APzrdPjf10YM8mpI7qjp6h96TAMAJj8CnIa6s4Ve6RpIlb%2BN254zxagKeST10B4qyX%2FKbYqk44ZGQkwid7PmrtDCNb1L3D0zCPZwtLqV09UUgOOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/base.css>; rel="canonical"
cf-ray
7547c00decbea250-YYZ
component-list-social.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		428 B
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/component-list-social.css?v=52211663153726659061663073847
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83ce5690e47394c42ac7531691f0239359d489ba3973c8336497f031e297018
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=156.594, imageryFetch;dur=48.513
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
904b1f21-e613-419d-a2d8-5eb625a8b0dc
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8DD4pM0U3tmt7HXrFXVZJm1Qs3WIotqyoQRPq%2FEOqRqmSetXGxJJdKLLp9FdRVr75nkM%2Bg%2F1gZDU7QeHHQ9KCQlKudQvBdweruScb3qeya19HdUACIliax1eX2oMjM7MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/component-list-social.css>; rel="canonical"
cf-ray
7547c00decc0a250-YYZ
global.js
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/global.js?v=71017451778715223411663073846
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a926c5a2d801b130212c7b51cc65a48a4eee35a4579b440986557954856d30d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=81.983, imageryFetch;dur=77.190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7ef3c25c-b3b3-47ea-9670-23710c641cda
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRmAt0ZCjdw1oG3bF%2FyLAMBNtb5mdyhwrvSn%2Flaa3z9952Z41rfo2xYLMRKpuXZK7DY0ujjeBWkCWIJxonwdqvPVt4Bqz75F%2BSPI51PRtmEUR5wanj2kdrBf0eI%2Bgk5FOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/global.js>; rel="canonical"
cf-ray
7547c00fd8813fd2-YYZ
details-modal.js
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/details-modal.js?v=4511761896672669691663073847
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48547d04f11194f2dc3f55815e8d58ad274dd7ba2314e6aa6bba1e0933dea3d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
content-encoding
br
server-timing
imagery;dur=80.372, imageryFetch;dur=79.497
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e3901cbb-2787-4c6e-887e-2c2fb7c39d6e
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKq8uvfmIM7UlLEsHSMT%2FOffNzzY0vxnDVC%2FrFbgRUmEu8VKeJVjD6JEEdzWXReAJpCPaY29cF%2FOQCb5E4eTWXtyTIZNCWEajbIQxAVO90QoHZTCdUX2LwU%2Fk5APRL513w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/details-modal.js>; rel="canonical"
cf-ray
7547c00fd87f3fd2-YYZ
password-modal.js
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		248 B
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/password-modal.js?v=77921935531001391111663073848
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa7a6143bc018e83958a082733841889afe137a5bd0fb9a097298a1da0d0f6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=40.810, imageryFetch;dur=40.145
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e25fbcb4-9173-4407-9c9d-d128897b3a99
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbUN4UikzFuusZ6gTXZN2NUJaheKdQ%2BkGEGRtdY0mFU0gvUmCvBWn%2F4BdORm6Ud7EkT2DJdbJ85Sb6A1Yh0DSDZDw4TL%2Budes8E%2FS0gCBXaWOFh3YPiibLzVfGARIYWr4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/password-modal.js>; rel="canonical"
cf-ray
7547c00fd87e3fd2-YYZ
section-image-banner.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/section-image-banner.css?v=172771800792222463101663073846
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b649c2224b4bb2b828d2acd8e73b66435251f6a7c943861a3f3735c13eb291b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=66.123, imageryFetch;dur=64.387
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
68c7b519-5a2c-407b-a7ee-22da259189ad
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuA5MUXyQWpDln075XdwTuPLhaIN2aiKaK0wxAuU5gx108ymy7WfFHUq42FCrQOiZK23jbyCfaJbEx8uoQms7horkc37j7pasxob22aw27wu9l2BMI4BdLLBFD1x6kRCxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/section-image-banner.css>; rel="canonical"
cf-ray
7547c00decc1a250-YYZ
component-newsletter.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		1 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/component-newsletter.css?v=103472482056003053551663073841
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0058f2a6c77f3a1b695cd8473110331b2e58fb70098cf0aeba4f9e16512bbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
content-encoding
br
server-timing
imagery;dur=78.535, imageryFetch;dur=77.690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5f5ecf66-d568-4987-b860-9eb4bac78526
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FUCY882eVbs%2FUIAwMI3%2BrRUOBXAth3D30Ykcc9rrj%2F9qOX17%2BKdSoWEGOSXSESoe%2FuDfKmJk1VDAZbun53QzWrkh2p0y4hITb1eCsUI70Q86XT1372cq21MDaIYbN2FWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/component-newsletter.css>; rel="canonical"
cf-ray
7547c00decc5a250-YYZ
newsletter-section.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		850 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/newsletter-section.css?v=62410470717655853621663073847
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff7b61655b404a344daf7c1f7431045efa945e63b52ffc84b3b531e5b6e4d87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=24.651, imageryFetch;dur=23.670
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
69334e9f-a90f-493a-8d38-5c712e71eb51
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbeFHtQPlp5uu7EtAW5OFnB2D7GzoJf6EFgMAty9VjmvoCzsMrkCmKUXvc3UFftXcHdo2iLvwCmbMoQb6JFEeTvVV59EJEg25IxauI%2BBfEq%2FyRPBK6VTfMvEFhjC3QhVtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/newsletter-section.css>; rel="canonical"
cf-ray
7547c00decc8a250-YYZ
section-email-signup-banner.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/section-email-signup-banner.css?v=117538721875720396891663073846
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709890a1d2331930bc5e5abea074339ad84117faf0463b8a4532bba20650eb5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
content-encoding
br
server-timing
imagery;dur=91.854, imageryFetch;dur=91.018
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c283b722-3d8c-4252-9972-6a2b21f20f85
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEGDt%2BL63DUQHQbpKnyoS1cIiATBdgbwSdNDittOM3%2FxJJC4ez5kIy%2BYebRcK6s%2FpXxjhxMDJHDZw1aybIs7UWrIQ7jkdYydw4Ojli9dEsg86fNppLrC%2F69J8VSvVTUdVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/section-email-signup-banner.css>; rel="canonical"
cf-ray
7547c00deccca250-YYZ
component-rte.css
cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/ 		1 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/component-rte.css?v=69919436638515329781663073847
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d46d6b8532bf41622baa6d6577940e83ce817e3ae48fc0a54c43353d2e3c518c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
content-encoding
br
server-timing
imagery;dur=564.720, imageryFetch;dur=563.877
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9c42f0b9-e8e0-42d9-892e-30c8ae43f2f7
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOasXbA0gjEuYMjrx3uakUPrNZyS7RStIR64swLcbmepCHWZYQPzIf8tFsKMd66rWV9ooPdCvhwPEundcOna25w2A37XvILh1DddqBlQMcnD3t2r7fZl7Z1EyOAi%2B%2BNPwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0662/4067/6060/t/2/assets/component-rte.css>; rel="canonical"
cf-ray
7547c00deccaa250-YYZ
trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js
cdn.shopify.com/s/ 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3c842221b7ca9085396e43668203fdf9408c3db3eeb23541e0c999a6321ea7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
age
1035355
content-encoding
br
server-timing
imagery;dur=83.935, imageryFetch;dur=83.728
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ebb5804f-a887-4715-b254-6df5d4e2c5ec
last-modified
Wed, 21 Sep 2022 18:54:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzAGe78B%2BeBxY%2FtlfxhGfHFW%2FhoqHNWXaMUC0n0RWvXB2Fq4wGGNpr3gcFf4RhqNWUbAxHiN5eIB8vq5KOBZWkLlxH5caI%2BVr32Wv%2BOz6DseoEUFEgSvRlh%2FRLIM4S%2Bgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js>; rel="canonical"
cf-ray
7547c00fd87c3fd2-YYZ
shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
cdn.shopify.com/shopifycloud/shopify/assets/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
age
3341809
content-encoding
br
server-timing
imagery;dur=16.966, imageryFetch;dur=16.748
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9fa76191-8398-43ad-b133-aa92dfd343c3
last-modified
Fri, 26 Aug 2022 02:13:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kMsMEfLG5%2B7MIIQ0dvYkKrPY2xXFaoDY5sW%2BnvjeKcVQzxF0DPGxh25VqCFpHlmysUCY7TP8wumCeGuc1U1eZ67QixjDu2K5xj%2BWUghrnMAUQEwpJr16jhtMs5Fqliwyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js>; rel="canonical"
cf-ray
7547c00fd87d3fd2-YYZ
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1f494d117f4f4397ef187947841d475fb48b3d6b2c2dc78ed4dd2dad31dcd9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
age
7470
content-encoding
br
server-timing
imagery;dur=141.554, imageryFetch;dur=141.349
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8d438f2a-4866-4c8d-aef0-8b2c43bb4666
last-modified
Mon, 03 Oct 2022 16:26:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQV8tjqRVGWOX5TVuulhKJFkbvV29Rws4j6WwH1NsV7ZwZxcRf3hYbQOnBt2kP%2BtOFKnGmRmR8uAVNv%2BkrNKPc5V68zMUFi9Z56E8g%2B1H%2FVGaDAqneRfkL2VsGThYONkrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
cf-ray
7547c00fd8803fd2-YYZ
browser.js
cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.160/esm/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.160/esm/browser.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d17b06e728721265cbdde22cacf728bea2e385c808bdfc079754c4ab9cd9d6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employees.naturesway.com/
Origin
https://employees.naturesway.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
content-encoding
br
server-timing
imagery;dur=23.005, imageryFetch;dur=22.824
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ee087a10-1c81-4285-a0d4-3b60da1bbeb8
last-modified
Mon, 03 Oct 2022 18:30:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCfu%2Fox7PSVsVl%2BqJUbG9XEnYI6d2oAgD3bP2ySKmgRtmibMeDMPK%2FZngKWeJ5GUuWK95L31ADr2%2FgDsfsHQIuuyxlx1Xs4x4M5Xz9lQ96grjiI8VzKlN93zddlgCNiFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.160/esm/browser.js>; rel="canonical"
cf-ray
7547c00ff98aa232-YYZ
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 03 Oct 2022 18:30:39 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FCB56ECC4FA345F1AFF5324C55CB8339 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:39Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
296 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
5c3047c2-a485-44fe-b363-0384051823dc
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghvThTjXYd%2FZS2aoBh6MLljwfL%2FKPpFQdGopgyh5Zy3mOvbvJAuCpdliCTH6UICsLKEkQjJiWs2zQPggGt3aJE0aXt9hVVx5Ks7A9bAuD635bhhapQkLZxpyZD%2Bj3rXUKW5lIwawUVfbGvXcRjk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://employees.naturesway.com
access-control-allow-credentials
true
cf-ray
7547c0109d2254a3-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
869 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
361a17b2-fc5a-4748-970c-706926a27632
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw2v5hZQ%2BrbsdepCBBTRSHaIOQwxf%2Bc4HBWfPPOk6usl3p9eRigu9vzLQCraKIBxTcqVdgR3PxS8bZFHFxP4OMFiMiGX7FxA%2BNnrfze9u4MqL3cn6%2BVTYYcnj2M%2BL8%2BB2Y%2BWuFqEYPIvhhvd%2BbI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://employees.naturesway.com
access-control-allow-credentials
true
cf-ray
7547c0109d2554a3-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
4a3f8ac4-8cc8-4b6e-a8a4-57b04a95068e
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeUXoZArCz9zRSdgoI5Dl0glng%2FnkglkZxHub2vwhLqTVf%2BKDVdDedhbkBhbgSAcHEIZ4kHcM%2FKYXbJo3ZoXWcIifGKZhM%2FOH610yqC8cP4L0O9341UKSOkOsfTCVPzrBibPXA8QQy%2Fg2bmjAIE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://employees.naturesway.com
access-control-allow-credentials
true
cf-ray
7547c0109d2454a3-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
295 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.e695302c3cd17296c85e559451c496db44e32e17.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-east1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
20e9af5a-0ab5-493d-958c-901cd4f42aea
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4V0dR0r4DauCuP55MLi5elzeZ8V%2BNY5XCh4GGGgb5hh1MCAFyzKxWlxRhjA1KD%2F007xz9s6FK%2F5T95h36rmUfyfNV37yQIYbibn62M1DZSpHBVWJtiSEQUORyyIAeCaIGeUGrnHoT5HF5lmufg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://employees.naturesway.com
access-control-allow-credentials
true
cf-ray
7547c0109d2654a3-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
27033264.js
bat.bing.com/p/action/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27033264.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f10e5a6cf506388da5be38aeb67bdf2116ca72ce29f8704abb02fe4f0cb6e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 03 Oct 2022 18:30:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 965526B49CCD424997D13EA110BD71E7 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:39Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
667
27033264
www.clarity.ms/tag/uet/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/27033264
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/27033264.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f30daa1b79e0266df3a0a7c284f25f68ff78c95af7da32d4b9083ee47615ece7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date
Mon, 03 Oct 2022 18:30:39 GMT
x-azure-ref
0Tyo7YwAAAABAcsOBgJbcQopVJBMjpPAKQ0hJMzBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1497
expires
-1
clarity.js
www.clarity.ms/eus2-d/s/0.6.42/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-d/s/0.6.42/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/27033264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
"1d8d4495324d7d4"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
x-azure-ref
0Tyo7YwAAAACSfdv8KhJWT5bjphIt5nwDQ0hJMzBFREdFMDUwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
23382
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
800 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.160/esm/browser.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Oct 2022 18:30:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
b843838e-1642-459a-9034-0f89e725d444
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whQWX8%2BHHvM5Qrtvvdmwkd%2FHy4pzPTMAbAv6AcE9swsmF3WB054cr4r54%2BQ9NPdMcn9OlIOvvQpPAniNpG3Oaz%2FlK6gA6umNkq5rc%2BGVCk0Ezr24SAQ8Y3iUtliDOqlCnz2tWGkUDs1k1ajhw%2F0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://employees.naturesway.com
access-control-allow-credentials
true
cf-ray
7547c012b875543d-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VV2XZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zvDmpz9S9y5z1XhncmOZ/w==
age
7803
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Mon, 03 Oct 2022 02:36:57 GMT
server
cloudflare
etag
0x8DAA4E8240D7FA3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c7541f2-801e-00a2-2ed5-d6157a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7547c012d9797150-YUL
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27033264&Ver=2&mid=b1a95c35-d9ea-48e3-aced-5d9ff09c9f1f&sid=7b3e8bb0434911ed8dd92b9dbd76cff1&vid=7b3f16b0434911edbe0b63a212871d58&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Myleafline%20Prod&p=https%3A%2F%2Femployees.naturesway.com%2Fpassword&r=&lt=1267&evt=pageLoad&sv=1&rn=575243
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 18:30:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4FCB1972E24C4942B9E9DAB6015CBE56 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:39Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
4da6a21d-b7a0-4d91-bbfe-89301915b310-test.json
cdn.cookielaw.org/consent/4da6a21d-b7a0-4d91-bbfe-89301915b310-test/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4da6a21d-b7a0-4d91-bbfe-89301915b310-test/4da6a21d-b7a0-4d91-bbfe-89301915b310-test.json
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853970abc8e4298de22a2905328ecb0a7dfc8157453ed1f30f0584546b5e9c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
HpTHN2LqjTrSBadS6ame6A==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1299
x-ms-lease-status
unlocked
last-modified
Fri, 25 Mar 2022 15:22:32 GMT
server
cloudflare
etag
0x8DA0E7348A75BD1
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dd391bdb-f01e-0048-1556-d7ea7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7547c0133bfc4bcb-YUL
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C05AAEA35BA74124966B858C729BD3D3&RedC=c.clarity.ms&MXFR=1B3161708B0561B814AC73428F056F70
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C05AAEA35BA74124966B858C729BD3D3&MUID=17813816E09068EA38D92A24E1BA6975
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C05AAEA35BA74124966B858C729BD3D3&MUID=17813816E09068EA38D92A24E1BA6975
Protocol
H2
Server
20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:39 GMT
last-modified
Tue, 13 Sep 2022 19:53:42 GMT
server
Microsoft-IIS/10.0
etag
"b0f8d886aac7d81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 83ACBEE541864D0BA498668AC4171C27 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:39Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C05AAEA35BA74124966B858C729BD3D3&MUID=17813816E09068EA38D92A24E1BA6975
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
j.clarity.ms/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://employees.naturesway.com
date
Mon, 03 Oct 2022 18:30:39 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		176 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93aa07e92433a857fb762b8cff3e36ef2a89ab704bbc20aa9b5e8e643a1c42bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7547c0144f99ecea-YUL
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.32.0/ 		335 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ryfZhYsqLisJEnBsOqgVsQ==
age
12335
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
81095
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:23 GMT
server
cloudflare
etag
0x8DA08FC76466F7A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fb3d0be8-001e-00f7-0afa-3afe0d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7547c0148c257150-YUL
en.json
cdn.cookielaw.org/consent/4da6a21d-b7a0-4d91-bbfe-89301915b310-test/e5cd7964-5639-41e6-a99d-375e322f5767/ 		112 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4da6a21d-b7a0-4d91-bbfe-89301915b310-test/e5cd7964-5639-41e6-a99d-375e322f5767/en.json
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e611e0e8db3f7625275a0face7794d48f282084c764747765074200922d256f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
aiylyJg5HgIqluaYhiLp4g==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
22625
x-ms-lease-status
unlocked
last-modified
Fri, 25 Mar 2022 15:22:37 GMT
server
cloudflare
etag
0x8DA0E734B4F3AEB
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
64bbc33e-a01e-015f-7c56-d76c4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7547c014dfa04bcb-YUL
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VV2XZL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:494::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"ef33a337cb7aa4b4f9c294765d2176c0"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1146
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VV2XZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 18:30:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 03 Oct 2022 18:30:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6Xx8R9dKB4+ta2cxAhQ4PgQxUiCJngiIv8pchycVBdgd5g1vADtQ7O7t/5YGgo9oJehRYb6P/7VXjHzD14+tTQ==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.189.27 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-189-27.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 18:30:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 21:55:11 GMT
Server
AkamaiNetStorage
ETag
"652cf747f68f64e15276c347eb3aef37:1661464511.126488"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
740
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-6.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 17:57:12 GMT
content-encoding
gzip
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
2009
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ELr64GT3vlumQO4NGsz-VwzRLXCOEwoN5dNCFDPThIKDPV3icTKRUg==
bat.js
bat.bing.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 03 Oct 2022 18:30:40 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1958C902257B45C8B3D53C71C4DA84E9 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:40Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VV2XZL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-138-162.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 13:07:17 GMT
Via
1.1 329b0fc45cd0599e7f2c2cee0cf4ae8e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR52-C2
Age
19404
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
ayZ-6-xZHYTGDplylAQyyxMHjrpq-Kb5hiOpykHk9qQZZ5Rh-xaztA==
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fad8eccf058216f2489b00b6317daded6946aaed503d2795e65a7a2768e696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
socGP4QnjnoZ3QOM3y7Ztg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2565
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:16 GMT
server
cloudflare
etag
0x8DA08FC71DCDA25
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9c258c56-901e-00b6-7956-d7d61e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7547c015d9aa4bcb-YUL
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcTab.json
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6736760a1c0c624190fee65234d5013a261ded35d345e6f278a3739719fac230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
WpvSdOxCF1ZEyB09Op39Tw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11931
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:17 GMT
server
cloudflare
etag
0x8DA08FC7270043D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b82ab685-801e-00a2-4756-d7157a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7547c015d9ae4bcb-YUL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
SHFDtZO2nDZuiPDW83p1IQ==
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f23f6a05-201e-00eb-5956-d7261a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7547c015d9b14bcb-YUL
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VV2XZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 16:34:58 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
6942
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 18:34:58 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9HF9FBC77U7J0JTPSE0&lib=ttq
Requested by
Host: employees.naturesway.com
URL: https://employees.naturesway.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3d02d92cce062af55617d50f2c13ddfaf3123f39629495f7734dc94e2cc7199b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-akamai-request-id
1828838d
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20221003183040C997AE48F0A54CC72749
vary
Accept-Encoding
x-cache
TCP_MISS from a23-44-237-167.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
20,23.44.237.167
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decce9ada46de50f3189d4d48e7ef69fcff7ce9b1fddf7e0f3f2f390d09d042ad3df04ffdeec992589deb88906c2c9d930912ee8dcce560b843deb37842f522f817
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=20
expires
Mon, 03 Oct 2022 18:30:40 GMT
33000697.js
bat.bing.com/p/action/ 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/33000697.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 18:30:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D482FA874F154E7AA917DCB4CD778036 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:40Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
private,max-age=1800
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=33000697&Ver=2&mid=041b68ba-dafc-4cf0-97c1-73971f4ec2e2&sid=7b3e8bb0434911ed8dd92b9dbd76cff1&vid=7b3f16b0434911edbe0b63a212871d58&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Myleafline%20Prod&p=https%3A%2F%2Femployees.naturesway.com%2Fpassword&r=&lt=1359&evt=pageLoad&sv=1&rn=268228
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 18:30:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F3406803ED24D8F9F3DEF3E9B880EB9 Ref B: YTO01EDGE0816 Ref C: 2022-10-03T18:30:40Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.adsrvr.org/track/upb/ Frame 7FFA
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&...
  • https://match.adsrvr.org/track/upb/?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&...
838 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&td5={td5}&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
fa9647f7b58c08eb6a88eabfa60351c86f818455b5b7ad91d43ca9ca31ad504a

Request headers

Referer
https://employees.naturesway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 18:30:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 18:30:40 GMT
location
https://match.adsrvr.org/track/upb/?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&td5={td5}&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
1639397956091449
connect.facebook.net/signals/config/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1639397956091449?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39d673536dee8ab74d9e00d819d1f269342a021b072c0587522ba3089f72cab5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 03 Oct 2022 18:30:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IezTFquMFnatCXMrW8/kWhqJJMxozEdkC2ukmio993EBov06LjA/L+wXf+hIoRAkkJA1msN45KnokXOAsqG86A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
settings.luckyorange.net/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Femployees.naturesway.com%2Fpassword&s=166373
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7ed90d17d77cd383bf578680b2fa805da0a8508c290d9457f430d1c780841f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://employees.naturesway.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeSf9hUUYOr2Yxf34jklmu4OPq%2FNeqO025imt2%2FDCKbbXQbH7X4J3AMCc9FG4uyqRdatvGX%2FQVudDEMnmitnDNEOtm62jffgkjKsZXAROM5jt7ghpkC1JrYp2MCPExsdBFsSsDgpA%2FyggQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
7547c016cd1aa228-YYZ
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
munchkin.js
munchkin.marketo.net/162/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/162/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.189.27 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-189-27.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 18:30:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 00:59:12 GMT
Server
AkamaiNetStorage
ETag
"75daf56f6191efe42577301908659c29:1656637152.894482"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4677
Expires
Wed, 11 Jan 2023 18:30:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/835521217/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/835521217/?random=1664821840413&cv=9&fst=1664821840413&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Femployees.naturesway.com%2Fpassword&tiba=Myleafline%20Prod&auid=863123442.1664821840&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ba17670192f6606738bb2d5c5df99850544452b5cdfe62cedacab0160a84a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1017
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
315-oqj-766.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://315-oqj-766.mktoresp.com/webevents/visitWebPage?_mchNc=1664821840436&_mchCn=&_mchId=315-OQJ-766&_mchTk=_mch-naturesway.com-1664821840435-45304&_mchHo=employees.naturesway.com&_mchPo=&_mchRu=%2Fpassword&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 18:30:40 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
2568c9b0-7c28-4297-8e61-50a4a1349dca
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
poppins_n7.58aca33913fc6666cc9e8a53f6b16ec5c3c05a3f.woff2
fonts.shopifycdn.com/poppins/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/poppins/poppins_n7.58aca33913fc6666cc9e8a53f6b16ec5c3c05a3f.woff2?h1=bXlsZWFmbGluZS1wcm9kLmFjY291bnQubXlzaG9waWZ5LmNvbQ&h2=ZW1wbG95ZWVzLm5hdHVyZXN3YXkuY29t&hmac=7117b90d2c8417f9b4f02e798b1773a29fad2d8f6f456ddb13d859334124470c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.254.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0995924a806dffca7a0cd326d695e4ad70fa5537c2b063450043f596bbba11f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employees.naturesway.com/
Origin
https://employees.naturesway.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
server-timing
imagery;dur=28.909, imageryFetch;dur=28.559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8944
x-xss-protection
1; mode=block
x-request-id
ed73eee0-2297-4318-8c24-52dfaa8391a6
last-modified
Mon, 03 Oct 2022 18:30:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH1qZeVOGEBIymYLCqMn%2BbG%2FB8ZeVOuQr5obf8HUSN6SLRmwFbxyoJbfe%2BKUUsENaMAppIuDFsLJ6rtCcnl%2FzWL1%2FpgaB50rMDAs1l8fNDO1OkF%2Fx6PqIB0y57wRb%2FV1Wh6Yd19N"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
7547c0173a975443-YYZ
link
<https://imagery4-fonts.shopifysvc.com/premium-fonts/poppins/poppins_n7.58aca33913fc6666cc9e8a53f6b16ec5c3c05a3f.woff2>; rel="canonical"
timing-allow-origin
*
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Oct 2022 18:30:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
11461
x-ms-lease-status
unlocked
last-modified
Mon, 03 Oct 2022 02:37:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b42d1c6b-301e-011e-45d6-d6445e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7547c01789ac7150-YUL
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 7FFA 		487 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=ro5y4yc&ref=https%3A%2F%2Femployees.naturesway.com%2Fpassword&upid=ie9c94h&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1={td1}&td2={td2}&td3={td3}&td4={td4}&td5={td5}&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-138-162.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 13:52:00 GMT
Via
1.1 329b0fc45cd0599e7f2c2cee0cf4ae8e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR52-C2
Age
16721
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
48VfO5jL0efdO_z4pENvsWlKI_A9BW6QA6EtYdQihdLVEoypbtiJbA==
667039643417831
connect.facebook.net/signals/config/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/667039643417831?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9bc6a65a10eb87b6f787cbe58c7ee729befb247d2f43a777d823384873fdb6d9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 03 Oct 2022 18:30:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ywEmoV11BBripJ6kBeyqPToOwmcdtyefMq+kJkaohkKqPiDhUKTR6dF1gyqvNJX/7w8yMRbCVOD4jpssOaoHMQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1639397956091449&ev=PageView&dl=https%3A%2F%2Femployees.naturesway.com%2Fpassword&rl=&if=false&ts=1664821840611&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664821840595.1736799149&it=1664821840380&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 03 Oct 2022 18:30:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
main.3a217bc7.js
s.pinimg.com/ct/lib/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.3a217bc7.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:494::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"e07e047bcf076284d8d2680e8f0c262c"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
19398
/
www.google.com/pagead/1p-user-list/835521217/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/835521217/?random=1664821840413&cv=9&fst=1664820000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Femployees.naturesway.com%2Fpassword&tiba=Myleafline%20Prod&async=1&fmt=3&is_vtc=1&random=3240517630&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/835521217/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/835521217/?random=1664821840413&cv=9&fst=1664820000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Femployees.naturesway.com%2Fpassword&tiba=Myleafline%20Prod&async=1&fmt=3&is_vtc=1&random=3240517630&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame 020B 		287 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-6.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin
https://employees.naturesway.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:41 GMT
content-encoding
gzip
via
1.1 c50e3f7de0b772d07240015272b1aff6.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
etag
W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
0nrrD2ymZQW5pKv_JsP4-haHhvBaqCw_1EhkK2DAWPPZm7j-nAq_Cw==
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9HF9FBC77U7J0JTPSE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-akamai-request-id
182884c4
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210031830403EFC256B05B2E8C9D51D
vary
Accept-Encoding
x-cache
TCP_MISS from a23-44-237-167.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.44.237.167
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decce9ada46de50f3189d4d48e7ef69fcff3654321c919fe791e587a81ad51a1e73fd278c5b9cca92cbae65f7d1be56156a4a70f0b40e82946fa0808303cf693036
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=18
expires
Mon, 03 Oct 2022 18:30:40 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		882 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9HF9FBC77U7J0JTPSE0&hostname=employees.naturesway.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9HF9FBC77U7J0JTPSE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
27232e99c09e3754fe7699ef736512ef358554e72d557fe9c0708e7b1901d9a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id
18288519
date
Mon, 03 Oct 2022 18:30:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-44-237-167.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
content-length
358
pragma
no-cache
server
nginx
x-tt-logid
2022100318304020EE395F3A759AC0D989
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.44.237.167
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decce9ada46de50f3189d4d48e7ef69fcff47f5f85c6dcd6c2432bb275a7198d6f4355215bee1c69e9e069afa50bffb3df2bd0e1fead95a4b518a1f510c7043cb18
expires
Mon, 03 Oct 2022 18:30:40 GMT
usermatch.gif
beacon.krxd.net/ Frame CE3C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.90.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-90-210.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-cache, no-store
date
Mon, 03 Oct 2022 18:30:40 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time
D=28 t=1664821843
x-served-by
beacon-n022-ash-prod.krxd.net

Redirect headers

content-length
0
date
Mon, 03 Oct 2022 18:30:40 GMT
location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=32f5028f-6473-4122-98f3-169d941ec9a4
x-age
0
x-cache
MISS
x-cache-hits
0
x-served-by
usermatch-a005-ash-prod.krxd.net
generic
match.adsrvr.org/track/cmf/ Frame CD4E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=32f5028f-6473-4122-98f3-169d941ec9a4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=32f5028f-6473-4122-98f3-169d941ec9a4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
70 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 03 Oct 2022 18:30:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
DCS
dcs-prod-va6-2-v043-0bc06c3aa.edge-va6.demdex.com 10 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7f2TRhNPQaM=
generic
match.adsrvr.org/track/cmf/ Frame 7DCA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=32f5028f-6473-4122-98f3-169d941ec9a4&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=32f5028f-6473-4122-98f3-169d941ec9a4&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fM0mZl5E2uKiPX3xEcLsa1OnHnFqtmM-~A&gdpr=0&gdpr_consent=
70 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fM0mZl5E2uKiPX3xEcLsa1OnHnFqtmM-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 03 Oct 2022 18:30:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Mon, 03 Oct 2022 18:30:40 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fM0mZl5E2uKiPX3xEcLsa1OnHnFqtmM-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=667039643417831&ev=PageView&dl=https%3A%2F%2Femployees.naturesway.com%2Fpassword&rl=&if=false&ts=1664821840760&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664821840595.1736799149&it=1664821840380&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 03 Oct 2022 18:30:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
pixel
analytics.tiktok.com/api/v2/ 		0
548 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9HF9FBC77U7J0JTPSE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
x-akamai-request-id
18288567
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210031830403EFC256B05B2E8C9D53A
x-cache
TCP_MISS from a23-44-237-167.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
26,23.44.237.167
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decce9ada46de50f3189d4d48e7ef69fcffdd6cb3d747b39b5588a08cada61c82b4ed0bfeabeef67a051587bd2d66cf57c97f380bf11faab9b0b8d8db198007d037
server-timing
inner; dur=14, cdn-cache; desc=MISS, edge; dur=10, origin; dur=26
content-length
0
expires
Mon, 03 Oct 2022 18:30:40 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
548 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9HF9FBC77U7J0JTPSE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:40 GMT
x-akamai-request-id
1828856a
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210031830408D6FD2C7BCD290C18522
x-cache
TCP_MISS from a23-44-237-167.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
45,23.44.237.167
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decce9ada46de50f3189d4d48e7ef69fcffa3578bb3b1ad2c1d79a3f5ba2653e6aaa96ba68b89e4e3ed38a678b6b03dfb5b23d753a1be1114afe4e4e453032adff9
server-timing
inner; dur=36, cdn-cache; desc=MISS, edge; dur=16, origin; dur=45
content-length
0
expires
Mon, 03 Oct 2022 18:30:40 GMT
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-6.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:05:07 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
2028334
etag
"2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1283
x-amz-cf-id
JFFiGhRMpLXXQXmRQ6RdfribQjpM_gr8EVOOZHFF4mL0VMPrWpz9_w==
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-6.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:05:07 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
2028334
etag
"35ce74c31e3ef54462a234340af702d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1143
x-amz-cf-id
X1ljYEBU7X3JByeCac5r4Lzdz_6MdC__K0r0VkJdREaTN8JqnwjTqw==
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		277 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-6.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:05:07 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
2028334
etag
"76f1993de0fd323f67cece8d8e63bfa2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
277
x-amz-cf-id
OWGuoc160fQJVBaQEQqtrGNdBDQ-f5Nz5LGY31hHwAjrQnkdv4Os6w==
cart.js
employees.naturesway.com/ Frame 020B 		0
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://employees.naturesway.com/cart.js
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:40 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-northamerica-northeast2,us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
processing;dur=17, db;dur=7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
66240676060
x-request-id
567ecad9-7cf3-4738-bbac-54862be8a6cb
x-shardid
219
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
66240676060
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNGb6h%2Fno3jmNwZ6dboH9HIbYfxUUAbNJUvrBwKGcnJUR3A5yRkzlF4EFngcYrdNmoMZophDtVwp8BkJ6v%2BzQAgqqSWNG1TIdc4Y9zuP3rRez3YSAvq%2By5ZzWBvDE%2BjcvtOY1sWmqydGTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
7547c019a887a1fc-YYZ
x-sorting-hat-podid
219
/
ct.pinterest.com/user/ 		534 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613861879725&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1664821840918
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.29.8 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.8e304317.1664821840.1e3ab23e
x-envoy-upstream-service-time
1
content-length
377
x-pinterest-rid
5590641071054484
pin-unauth
dWlkPVl6Um1OVGhrTmpVdFpqUTFOUzAwWW1abExXRTBNemN0Tm1NM09HTTBZbUptTXpJNA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://employees.naturesway.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		534 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613861879725&cb=1664821840919
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.29.8 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:30:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.8e304317.1664821840.1e3ab240
x-envoy-upstream-service-time
1
content-length
377
x-pinterest-rid
2783970452138907
pin-unauth
dWlkPU16RXhNVGMzTURFdE9ERTNaaTAwTkdZeUxUbG1ORGt0TVdObVlqUXlaREZoWVRKaQ
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://employees.naturesway.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613861879725&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Femployees.naturesway.com%2Fpassword%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1664821840939
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.29.8 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:41 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8e304317.1664821840.1e3ab242
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
3695705949121306
expires
Sat, 01 Jan 2000 00:00:00 GMT
produce
monorail-edge.shopifysvc.com/v1/ 		0
760 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.255.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 18:30:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
295b3643-b440-4b21-b783-e7de48a3c26a
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFCUJKCQ8BOacojwxxb1%2F1Q10%2BJZoNQ231Wu2wUKysYzUDXCQDS9l67zXALpIQDQ6SoIpeiyggl4UFLRuNDBFaSRGMzk1EMxDH5RvOB5Acz2zt5QhvCoenDENtfxkG2hWvH1AXYi6sLIMrVa2YM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://employees.naturesway.com
access-control-allow-credentials
true
cf-ray
7547c01a0f80543d-YYZ
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
reset.css
d10lpsik1i8c69.cloudfront.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-93-6.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:05:07 GMT
content-encoding
gzip
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
2028335
etag
W/"7144eaceff0b31347712515a6116074e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
hKiuH6yRsMHnATS71dSqV2F-lSPtV6pueP4ZzWWaQfs92h1dCLqkPA==
32380726-7292-4db9-b764-9281c9fd7692
https://employees.naturesway.com/ Frame 020B 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://employees.naturesway.com/32380726-7292-4db9-b764-9281c9fd7692
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
0
855203bc-fccb-40d7-bab8-3f1715ffe35b
https://employees.naturesway.com/ Frame 020B 		30 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://employees.naturesway.com/855203bc-fccb-40d7-bab8-3f1715ffe35b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
31224
ct.html
ct.pinterest.com/ Frame 2209 		565 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.29.8 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://employees.naturesway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

akamai-grn
0.8e304317.1664821841.1e3ab29e
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 18:30:41 GMT
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
1
x-pinterest-rid
1198122779088519
/
ct.pinterest.com/v3/ 		35 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613861879725&cb=1664821840919&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVl6Um1OVGhrTmpVdFpqUTFOUzAwWW1abExXRTBNemN0Tm1NM09HTTBZbUptTXpJNA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Femployees.naturesway.com%2Fpassword%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1664821841044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.29.8 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://employees.naturesway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 18:30:41 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8e304317.1664821841.1e3ab2bf
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
1721774087087465
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://employees.naturesway.com
date
Mon, 03 Oct 2022 18:30:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://employees.naturesway.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://employees.naturesway.com
date
Mon, 03 Oct 2022 18:30:43 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| Shopify object| __st boolean| ShopifyPaypalV4VisibilityTracking object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| meta string| attr object| ShopifyAnalytics object| trekkie object| BOOMR object| uetq object| _visit function| UET function| UET_init function| UET_push object| ueto_4650cf2040 function| clarity function| getFocusableElements function| trapFocus function| focusVisiblePolyfill function| pauseAllMedia function| removeTrapFocus function| onKeyUpEscape function| debounce function| fetchConfig object| webPixelsManager object| OneTrustStub function| OptanonWrapper number| BOOMR_onload number| visuallyReady string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust function| pintrk function| fbq function| _fbq number| __lo_site_id string| GoogleAnalyticsObject function| ga string| TiktokAnalyticsObject object| ttq function| tiktokGetViewContentData object| ueto_5baa3056f1 function| ttd_dom_ready function| TTDUniversalPixelApi object| dynParam boolean| __lo_csr_added function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| MunchkinTracker object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| WTW_Watcher object| LO object| _loq object| tagConfig

46 Cookies

Domain/Path Name / Value
employees.naturesway.com/ Name: secure_customer_sig
Value:
employees.naturesway.com/ Name: localization
Value: US
.naturesway.com/ Name: _orig_referrer
Value:
.naturesway.com/ Name: _landing_page
Value: %2Fpassword
.naturesway.com/ Name: _y
Value: f7545d73-416e-4dac-941c-92e22f9d6113
.naturesway.com/ Name: _s
Value: 86ebd68e-a50a-4544-b7e0-5b8ca0af9728
.naturesway.com/ Name: _shopify_y
Value: f7545d73-416e-4dac-941c-92e22f9d6113
.naturesway.com/ Name: _shopify_s
Value: 86ebd68e-a50a-4544-b7e0-5b8ca0af9728
.naturesway.com/ Name: _shopify_sa_t
Value: 2022-10-03T18%3A30%3A39.412Z
.naturesway.com/ Name: _shopify_sa_p
Value:
.bing.com/ Name: MUID
Value: 17813816E09068EA38D92A24E1BA6975
.bat.bing.com/ Name: MR
Value: 0
www.clarity.ms/ Name: CLID
Value: baf9700efdd7461d83792d1056a2547c.20221003.20231003
.naturesway.com/ Name: _clck
Value: ztgbke|1|f5e|0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 17813816E09068EA38D92A24E1BA6975
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 17813816E09068EA38D92A24E1BA6975
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.naturesway.com/ Name: _clsk
Value: i0wx5h|1664821840108|1|1|j.clarity.ms/collect
.naturesway.com/ Name: _gcl_au
Value: 1.1.863123442.1664821840
.naturesway.com/ Name: _uetsid
Value: 7b3e8bb0434911ed8dd92b9dbd76cff1
.naturesway.com/ Name: _uetvid
Value: 7b3f16b0434911edbe0b63a212871d58
.naturesway.com/ Name: _ga
Value: GA1.2.1447612387.1664821840
.naturesway.com/ Name: _gid
Value: GA1.2.1072957856.1664821840
.naturesway.com/ Name: _mkto_trk
Value: id:315-OQJ-766&token:_mch-naturesway.com-1664821840435-45304
.adsrvr.org/ Name: TDID
Value: 32f5028f-6473-4122-98f3-169d941ec9a4
employees.naturesway.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Oct+03+2022+18%3A30%3A40+GMT%2B0000+(GMT)&version=6.32.0&hosts=&consentId=5891c5f6-7c76-44a8-9dc7-8ee0ca8738f6&interactionCount=0&landingPath=https%3A%2F%2Femployees.naturesway.com%2Fpassword&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CSPD_BG%3A1%2CC0004%3A1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.naturesway.com/ Name: _fbp
Value: fb.1.1664821840595.1736799149
.tiktok.com/ Name: _ttp
Value: 2FdVF19XhruD26VCTfvHm3iGhKQ
.naturesway.com/ Name: _tt_enable_cookie
Value: 1
.naturesway.com/ Name: _ttp
Value: 8972e4ac-7729-4ffd-a9c7-e5d544211e89
.naturesway.com/ Name: _lo_uid
Value: 166373-1664821840545-12366bd243ae0f07
.naturesway.com/ Name: _lorid
Value: 166373-1664821840545-422b622799b0f530
.naturesway.com/ Name: _lo_v
Value: 1
.naturesway.com/ Name: __lotl
Value: https%3A%2F%2Femployees.naturesway.com%2Fpassword
.demdex.net/ Name: demdex
Value: 49350023165076615391211489770724415403
.yahoo.com/ Name: A3
Value: d=AQABBFAqO2MCEAOEqOygIZXk34ubsFl0nFkFEgEBAQF7PGNFYwAAAAAA_eMAAA&S=AQAAAkRy2jis8p4J14BgHvv07F8
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~27ii
.dpm.demdex.net/ Name: dpm
Value: 49350023165076615391211489770724415403
.adsrvr.org/ Name: TDCPM
Value: CAESEwoEa3J1eBILCL6dnIbt3ZI7EAUSEgoDYWFtEgsIvp2chu3dkjsQBRIZCgpyaWdodG1lZGlhEgsIvp2chu3dkjsQBRgFIAEoAzILCL6Vn7OD3pI7EAU4AUIdIhsIARIXChNYYXhpc0Nvb2tpZVBhcnRuZXJzEABaB3JvNXk0eWNgAQ..
.krxd.net/ Name: _kuid_
Value: PHcW-yHM
.employees.naturesway.com/ Name: _pin_unauth
Value: dWlkPVl6Um1OVGhrTmpVdFpqUTFOUzAwWW1abExXRTBNemN0Tm1NM09HTTBZbUptTXpJNA
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZ1NFdDME1QcWg3KzRxWE9yVmRUdUVQSW9jS3lXUitBKzRUNndhOGZRT1RDRmVyemdYMU1tVjdBTWZNRDVjajFycUkwYmRNV1BNMCt0eVU4QWFLS1FKbEY2cVhwKytPTkNvMVMwaTQxcjFwdz0mNE0wNlpnNS9IbGZaTjRyTythV0hCdmZKUEtNPQ=="

1 Console Messages

Source Level URL
Text
network error URL: https://employees.naturesway.com/cart.js
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

315-oqj-766.mktoresp.com
analytics.tiktok.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.cookielaw.org
cdn.shopify.com
connect.facebook.net
ct.pinterest.com
d10lpsik1i8c69.cloudfront.net
dpm.demdex.net
employees.naturesway.com
fonts.shopifycdn.com
geolocation.onetrust.com
googleads.g.doubleclick.net
insight.adsrvr.org
j.clarity.ms
js.adsrvr.org
match.adsrvr.org
monorail-edge.shopifysvc.com
munchkin.marketo.net
s.pinimg.com
settings.luckyorange.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.16.254.71
104.16.255.71
104.26.11.16
142.250.80.34
143.204.138.162
173.223.189.27
18.164.93.6
192.28.144.124
20.110.81.91
20.85.30.134
23.227.38.74
23.44.237.171
2600:141b:5000:494::1931
2606:4700:4400::6812:2962
2606:4700::6810:9540
2607:f8b0:4006:809::2008
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2004
2607:f8b0:4006:816::2003
2607:f8b0:4006:821::200e
2620:1ec:bdf::40
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.208.136.8
34.199.90.210
35.71.131.137
52.45.33.138
54.85.225.242
96.16.29.8
00910c511db6b8be64453db4b4d6621d31bb772af8bffa68eefddac7d4b57473
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
0995924a806dffca7a0cd326d695e4ad70fa5537c2b063450043f596bbba11f5
0e0058f2a6c77f3a1b695cd8473110331b2e58fb70098cf0aeba4f9e16512bbb
0e611e0e8db3f7625275a0face7794d48f282084c764747765074200922d256f
27232e99c09e3754fe7699ef736512ef358554e72d557fe9c0708e7b1901d9a0
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
39d673536dee8ab74d9e00d819d1f269342a021b072c0587522ba3089f72cab5
3ba17670192f6606738bb2d5c5df99850544452b5cdfe62cedacab0160a84a89
3d02d92cce062af55617d50f2c13ddfaf3123f39629495f7734dc94e2cc7199b
3d3c842221b7ca9085396e43668203fdf9408c3db3eeb23541e0c999a6321ea7
3f10e5a6cf506388da5be38aeb67bdf2116ca72ce29f8704abb02fe4f0cb6e2a
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
48547d04f11194f2dc3f55815e8d58ad274dd7ba2314e6aa6bba1e0933dea3d2
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b649c2224b4bb2b828d2acd8e73b66435251f6a7c943861a3f3735c13eb291b
5d17b06e728721265cbdde22cacf728bea2e385c808bdfc079754c4ab9cd9d6a
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f
6736760a1c0c624190fee65234d5013a261ded35d345e6f278a3739719fac230
6fa23496dbc360495e67a6ce75662f808d0a05b126d5361f98848684fff839bc
709890a1d2331930bc5e5abea074339ad84117faf0463b8a4532bba20650eb5b
853970abc8e4298de22a2905328ecb0a7dfc8157453ed1f30f0584546b5e9c19
89fad8eccf058216f2489b00b6317daded6946aaed503d2795e65a7a2768e696
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1f494d117f4f4397ef187947841d475fb48b3d6b2c2dc78ed4dd2dad31dcd9
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
8ff7b61655b404a344daf7c1f7431045efa945e63b52ffc84b3b531e5b6e4d87
93aa07e92433a857fb762b8cff3e36ef2a89ab704bbc20aa9b5e8e643a1c42bf
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bc6a65a10eb87b6f787cbe58c7ee729befb247d2f43a777d823384873fdb6d9
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f7ed90d17d77cd383bf578680b2fa805da0a8508c290d9457f430d1c780841f
a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5
a410de6cce6447601fa8c2cfd3fc610ff5dfdb4f0ec5568dfbb6e5475701caf4
a6e884b8a3a06db9a0c709e9d77b569f2855deda5e146c9a6504fcf598e87973
a926c5a2d801b130212c7b51cc65a48a4eee35a4579b440986557954856d30d2
ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c68c6586a8387062113193443bffe46f334f80a6fc73090803a255acdcf6af35
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
d46d6b8532bf41622baa6d6577940e83ce817e3ae48fc0a54c43353d2e3c518c
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dfa7a6143bc018e83958a082733841889afe137a5bd0fb9a097298a1da0d0f6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30daa1b79e0266df3a0a7c284f25f68ff78c95af7da32d4b9083ee47615ece7
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f83ce5690e47394c42ac7531691f0239359d489ba3973c8336497f031e297018
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
fa9647f7b58c08eb6a88eabfa60351c86f818455b5b7ad91d43ca9ca31ad504a
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91